BlindGuard is a security agent that runs inside an EigenCompute TEE. Your source code goes in, a signed vulnerability report comes out. The code never leaves the enclave.
Install it on your repo. Every commit, every release gets audited automatically. You get the guarantee that the code being operated is safe, without anyone ever reading it.
Paste code or enter a public GitHub repo URL. BlindGuard analyzes everything inside the TEE. The code never leaves the enclave.
The entire analysis happens inside a hardware isolated enclave. No one, not even BlindGuard's operators, can access your source code.
Code enters the TEE enclave via encrypted channel
Static analysis + EigenAI LLM inference inside the enclave
Signed vulnerability report + cryptographic attestation exits
Anyone can verify the audit without seeing the code
BlindGuard ships as a GitHub App. Install it on any repo, public or private. Every push and every release triggers a full security audit inside the TEE. Results show up directly on your commits.
Add BlindGuard to your repo with one click
Every commit and release triggers an audit automatically
Code is analyzed inside the TEE, no one sees it
Signed attestation posted as a commit comment
Every BlindGuard audit is fully auditable. The agent's identity is defined by its code, data commitments, upgrade policy, and persistent state.
The Docker image digest is included in every TEE attestation. Anyone can verify the exact code that ran.
A hash of the input code is computed before analysis. Proves what was analyzed without revealing it.
Manifest enforces semantic versioning. No silent changes. Every upgrade requires a version bump.
Full audit history in TEE encrypted storage. Every analysis leaves a verifiable trail.
Check our verifiable build and deployment on the EigenCloud dashboard.
View TEE Dashboard