View on GitHub
tinfoilsh/tinfoil-proxy
tinfoil-proxy is a small Go binary that serves the same http://127.0.0.1:3301/v1 endpoint as the menu-bar app. It’s the right pick for scripts, CI runners, headless servers, or any workflow where you don’t want a GUI.
Install script (macOS & Linux)
tinfoil-proxy binary from the latest release, and installs it to /usr/local/bin. Set INSTALL_DIR to install elsewhere, or VERSION (e.g. VERSION=0.0.8) to pin a specific release.
Pre-built binaries
Each release publishes standalonetinfoil-proxy binaries for macOS, Linux, and Windows alongside the Electron installers. Grab the one for your OS from the releases page.
From source
tinfoil-proxy into $GOPATH/bin (usually $HOME/go/bin). Make sure that’s on your PATH.
Docker
A multi-arch image (linux/amd64 + arm64) is published to the GitHub Container Registry on every release:0.0.0.0 inside the container so the published port is reachable; mapping it to 127.0.0.1 on the host keeps the endpoint loopback-only. Append flags after the image name to override defaults, for example ghcr.io/tinfoilsh/tinfoil-proxy -p 9443 -r tinfoilsh/confidential-model-router -e inference.tinfoil.sh. Pin a specific version with the :0.1.0 tag instead of :latest.
Run it
tinfoil-proxy listens on http://127.0.0.1:3301 and auto-selects a Tinfoil router enclave, verifies its attestation against the public transparency log, and pins the attested public-key fingerprint for upstream TLS connections. If the enclave rotates its TLS certificate later, the underlying Go client re-runs attestation before trusting the new key. Point any OpenAI-compatible client at:
Pin a specific enclave
--host and --repo are an all-or-nothing pair — leave both empty for auto-discovery, or set both to pin a particular enclave + config repo:
Choose a custom port
Command options
Use it from any tool
Oncetinfoil-proxy is running, the local endpoint is just a regular OpenAI-compatible base URL. See the coding agents tutorial for plug-and-play setups for Cline, Factory Droid, OpenCode, Hermes, and more.
Compare to the menu-bar app
tinfoil-proxy (CLI) and Tinfoil Proxy (menu-bar app) ship from the same repo. Both expose the same local endpoint (http://127.0.0.1:3301/v1 by default) and run identical attestation against the Tinfoil router enclave they forward to upstream. Pick whichever fits your workflow:

