Privacy
What Ivaronix stores, where it stores it, and what it cannot see. Effective for the Galileo testnet. Mainnet inherits this contract.
What we record
Every action you run produces a receipt: a signed, chain-anchored record on a ReceiptRegistry contract (V3 for the receipt-type slots admitted post-B-V2-32; V2 for legacy slots 0-9). Receipts are public by design — they are how a third party proves you ran the work claimed.
A receipt body is canonical-hashed (RFC-8785 JCS) and contains:
- The skill that ran, its version, the model used.
- A keccak256 of the input + output (not the plaintext).
- The TEE attestation hash if the run used 0G Compute (TIER 1).
- The wallet that authorised the run (you).
What we cannot see
- 0G Compute (TIER 1) plaintext. Inference runs inside a TEE-attested provider. The operator wallet never handles your input or output text outside the TEE.
- Burn Mode contents. AES-256-GCM seals the input under a session key the operator never sees. Only the key fingerprint (
sha256(key)) is recorded. The full key is wiped at the end of the run. - Memory recall on a different wallet. Memory is per-wallet, stored under the wallet sandbox. Other wallets cannot recall your notes through Studio or the CLI.
Cookies + sessions
iv-session · 1 hour TTL, HMAC-signed with IVARONIX_SESSION_SECRET. Issued after a SIWE sign-in. iv-siwe-nonce · 5 minute TTL, single-use, prevents replay during the handshake. Both cookies are httpOnly + sameSite=strict.
Third-party analytics
None. No Google Analytics, Plausible, Mixpanel, Segment, or cookie-based tracking. The only network traffic Studio makes is to 0G RPC, 0G Storage, and the configured 0G Router endpoint.
Operator-as-proxy
Public chain reads (the /global ticker, dashboard refreshes) are made by the operator wallet so your wallet address does not appear in the indexer logs for unrelated reads. See READ_PROXY_PRIVATE_KEY / IVARONIX_READ_PROXY_KEY in the .env template for details.
Verification
Every claim above maps to source code. Repository: github.com/Pratiikpy/ivaronix. Receipts can be re-verified independently with ivaronix receipt verify --tee-independent.