Attestation is all you need
Policy is not enough for high-value prompts. A policy is a promise about what a router will do with your prompt, with no way to check that the promise is kept. For prompts that actually matter, you want to verify what code is receiving the request and whether that code matches the open source release.
So TrustedRouter builds attestation into the product itself. You can pull up the trust page, compare the source commits against the release digests, and decide for yourself whether a route clears your workload's privacy bar before you send anything through it.
The design splits cleanly along who needs what. The control plane handles accounts, keys, billing, docs, and status. The API plane carries prompt traffic through the attested gateway, and nothing else runs there. Provider pages show upstream retention and confidential-compute posture on their own, kept on the provider's side of the line, because that posture belongs to them. Legal and procurement pages say plainly what is ready now and what still needs a signed agreement.
The payoff is that each person can verify the part they care about, in their own terms. A lawyer reads the DPA and the subprocessor list. An engineer reads the code. An agent checks attestation before it routes sensitive work. Nobody has to take the others' word for it.
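One way an agent could apply that last check, as an added example (not TrustedRouter's code or API): a fail-closed gate that compares attested claims against release digests you have pinned yourself. The field names, pin set, nonce scheme and freshness window are assumptions, and the hardware signature over the evidence is assumed to have been verified before this runs.

```python
import hashlib
import hmac

# Constructed pin set: source commit -> digest of the release built from it.
# In practice these come from the published release and your own rebuild.
PINNED = {
    "commit-placeholder-a": hashlib.sha256(b"constructed gateway image A").hexdigest(),
}
MAX_AGE_SECONDS = 300  # assumed freshness window


def check_evidence(evidence, expected_nonce, now, pinned=PINNED):
    """Return (ok, reason). Fails closed on any missing or mismatched claim.

    Assumes the signature over `evidence` was already verified;
    the field names are hypothetical.
    """
    try:
        commit = evidence["source_commit"]
        digest = evidence["image_digest"]
        nonce = evidence["nonce"]
        issued_at = evidence["issued_at"]
    except (KeyError, TypeError):
        return False, "malformed evidence"
    # The nonce binds the evidence to this request, so old evidence cannot be replayed.
    if not hmac.compare_digest(str(nonce), expected_nonce):
        return False, "nonce mismatch"
    if not isinstance(issued_at, (int, float)) or not 0 <= now - issued_at <= MAX_AGE_SECONDS:
        return False, "stale evidence"
    want = pinned.get(commit) if isinstance(commit, str) else None
    if want is None:
        return False, "unknown source commit"
    if not hmac.compare_digest(str(digest), want):
        return False, "digest does not match release"
    return True, "ok"


def route(prompt, sensitive, evidence, expected_nonce, now):
    """Gate: a sensitive prompt is sent only if the evidence clears the pins."""
    if sensitive:
        ok, reason = check_evidence(evidence, expected_nonce, now)
        if not ok:
            return "refused: " + reason
    return "sent"
```

The pin set is the part you control: an unknown commit or a digest that differs from your pinned value is refused rather than trusted.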