This is a big milestone for Tresor, and an important one for customers who want to build on private AI without lowering their standards. You can now build directly on top of Tresor with an OpenAI-compatible API, while keeping the privacy, sealed execution, and proof that make the product different.

OpenAI-compatible from day one

Point your existing OpenAI client at Tresor, use a tr- API key, and start making requests. The API supports streaming out of the box, and newer capabilities like tools and reasoning content are there from the start.

🔒 Privacy: The API keeps the same zero-access design people expect from Tresor.

A proper product, not just an endpoint

The new API dashboard gives you the basics you actually need on day one:

• API keys — Create and revoke keys from the dashboard, with clear prefixes and last-used visibility.

• Usage tracking — See spend over time, break it down by model, inspect individual rows, and export usage as CSV.

• Billing — Add credits, save payment methods, download invoices, and turn on auto-recharge.

• Operational emails — Get clearer alerts for low balance, depleted balance, payment failures, and API key activity.

Verifiable by default

Every API response can be tied to a signed receipt you can fetch and verify later. That receipt freezes the routed model, cryptographic fingerprints of the request and response, and the attestation trail behind the call.

If you want a stronger guarantee than TLS, tresor-attest lets your client verify it's talking to the genuine Tresor workload before any payload leaves your process.

Also in this launch

• OpenAI SDK examples — Quick-start docs for curl, Python, Node.js, and Go.

• Receipts in the dashboard — Usage entries make it easier to inspect verification details and timestamps.

• First-release polish — Better invoice empty states and fewer rough edges when creating new API keys.

This is the first release of the Tresor API, and it sets the baseline for what we want this product to feel like: easy to adopt, easy to operate, and much easier to trust.

Getting into Tresor now feels more dependable, and the proof behind each conversation is clearer once you're in. This release focuses on the first-run experience, verification, and everyday chat reliability.

Faster signup and email verification

• Cleaner email confirmation — Password setup and redirects now work more reliably after you verify your email.

• Better recovery when verification gets interrupted — If signup stalls, Tresor is better at getting you back on track instead of leaving you in a dead end.

• Invite-aware verification — Joining a workspace from an invite now completes more reliably and lands you in the right workspace.

• Lightweight bot protection — Signup and resend flows now include better abuse protection to keep the experience fast for real users.

• More reliable sign out — Leaving Tresor is less likely to get stuck in an awkward half-signed-in state.

Clearer proof in Private by design

The Private by design panel now does a better job surfacing the full verification path, including router and downstream checks where available.

If you stop a response early, Tresor is also better at preserving the proof behind what was generated instead of dropping into an unclear verification state.

🔒 Privacy: These improvements add clearer evidence, not more collection. Your messages and uploads stay private.

Improvements & fixes

• Better file uploads — Attachments are handled more robustly, with clearer failures when something goes wrong.

• Sidebar updates immediately — New chats now appear more reliably in the sidebar.

• Better stop behavior — Stopping a reply mid-stream is more reliable and less likely to leave verification in an odd state.

A smoother path from signup to first conversation, with stronger evidence all the way through.

When you opened the Private by design panel before today, Tresor showed you a hardware-signed proof that your message was processed inside a sealed environment. That proof now carries one extra piece of information that matters: which exact version of Tresor was running inside that sealed environment.

What changed

Every sealed environment now signs its identity — the workload name, the release version, and the exact image it was built from — and that identity is folded into the same hardware-signed proof you already see. The verifier that releases keys to the environment refuses to release them unless that identity check passes too. There is no longer a separate, after-the-fact check that could be skipped or bypassed.

What this means for you

• The proof you can inspect in the Private by design panel now binds the answer you got to a specific, signed Tresor build — not just to "some Tresor running on sealed hardware."

• A compromised host or a swapped container cannot quietly pass itself off as a genuine Tresor release. Without a release-signed identity for that build, the sealed environment is not allowed to start handling your traffic at all.

🔒 Privacy: This change is about adding evidence, not about collecting more data. Nothing about your messages or files is included in the proof.

For the technically curious

The full architecture, threat model, and verifier algorithm are public. See the Attestation Pinning guide and the open-source verifier SDKs at tresor-attest (Go, Python, TypeScript).

Safer accounts, clearer billing

This update makes the day-to-day basics feel more solid. Your account is easier to protect, billing is easier to stay on top of, and one of our strongest models just got better with images.

Two-Factor Authentication

You can now enable Two-Factor Authentication for your Tresor account. If you use Unlock encrypted chats, that flow is more consistent too, so getting back into protected conversations feels less fragile.

Better billing visibility

• Payment methods and invoices in one place — The billing page now does a better job surfacing saved payment methods, invoice history, and enterprise invoice status.

• Low-balance and payment alerts — Tresor now sends clearer emails for low balance, auto-recharge activity, payment failures, and API key events, so you get fewer surprises.

• Cleaner billing links — Billing-related emails and dashboard links now take you straight to the right place.

Better model support

• Gemma 4 31B now supports images — You can use it for image-aware work, not just text.

• Recommended models are easier to spot — Strong default picks are surfaced more clearly in the interface.

Like every model on Tresor, image processing stays inside the same secure, sealed environment.

Improvements & fixes

• Better French translations — A round of copy improvements across the chat experience.

• Smoother unlock flow — Unlocking encrypted chats is more reliable.

Small improvements, less friction. More on the way.

A packed update with new AI models, a more personal sharing experience, and several quality-of-life improvements.

New models

• Z.AI: GLM 5 — A new model option, now available in the model selector.

• Kimi k2.5 (recommended) — A strong all-rounder that's now a recommended pick for everyday use.

Like every model on Tresor, both run inside a secure, sealed environment.

User avatars and better sharing

Your conversations now show user avatars — giving shared chats a cleaner, more personal look. When you share a conversation, recipients can see who said what at a glance.

Delete workspaces

You can now delete a workspace you no longer need. Head to your workspace settings to remove it. This is permanent, so Tresor will ask you to confirm before anything is deleted.

Improvements & fixes

• Paste images from clipboard — You can now paste images directly from your clipboard into the chat, in addition to uploading from file.

• Better translations — Improved translations across the interface for French and German users.

• Fixed shared chat verification — Resolved an issue where verification could fail on shared conversations.

Tresor now lets you organize your work into projects — complete with their own files, instructions, and conversations.

Persistent file uploads

Previously, uploaded files only lived for a single conversation. Now your documents and images are stored persistently — available across conversations whenever you need them. Upload once, reference anytime.

🔒 Privacy: Your files remain encrypted and stored securely. Only you hold the keys.

Projects with files and custom instructions

Projects are a new way to keep related work together. Each project can have:

• A title to keep things organized

• Custom instructions that guide the AI for every conversation in that project

• File attachments — add documents and images that the AI can reference across all project conversations

Open the new project settings panel to configure everything in one place.

Longer conversations with compaction

Ever hit the limit on a long conversation? Compaction intelligently summarizes earlier parts of the conversation so you can keep going — without losing important context. Long research sessions, multi-step analysis, and extended discussions now flow naturally.

Give projects a spin — they're a great way to set up recurring workflows or keep a complex task organized.

A round of polish to make your day-to-day experience smoother:

• Auto-scroll after sending — The chat now scrolls to the latest response automatically after you submit a prompt. No more manual scrolling.

• Fixed follow-up web searches — Resolved an issue where web searches in follow-up questions could fail silently.

• More mobile file sources — The file picker on mobile now offers additional source options, making it easier to upload from your device.

• Better citation display — Fixed a parsing issue that caused some inline citation markers to render incorrectly.

Small improvements, steady progress. We're shipping these alongside larger features to keep the everyday experience feeling fast and reliable.

Tresor now understands images. Upload a photo, screenshot, chart, or diagram — and ask the AI to describe it, extract text, analyze data, or answer questions about what it sees.

Like everything on Tresor, your images are processed privately inside the sealed environment. They're never stored or visible to anyone.

Also in this update

• Faster prompt submission — Improved speed and responsiveness when sending messages.

• Smarter web queries — Better reformulation of your questions into effective search queries.

• Mobile settings layout — Fixed layout issues in settings on smaller screens.

• Improved mobile experience — Added PWA configuration so Tresor works better as an app on your phone or tablet.

💡 Tip: Try uploading a whiteboard photo, a receipt, a chart from a report, or a screenshot of an error message. The AI handles a wide range of visual content.

See it for yourself — drop an image into your next conversation.