Go SDK

Go SDK for Tinfoil’s secure AI inference API
GitHub: tinfoil-go Build Status Go Reference

Installation

Add the Tinfoil SDK to your project:
go get github.com/tinfoilsh/tinfoil-go
tinfoil-go currently relies on a specific feature in go-sev-guest that hasn’t been upstreamed yet. This requires adding the following line to your go.mod:
replace github.com/google/go-sev-guest => github.com/tinfoilsh/go-sev-guest v0.0.0-20250704193550-c725e6216008

Migration from OpenAI

Migrating from OpenAI to Tinfoil is straightforward. The client is designed to be compatible with the OpenAI Go client:
// Before (OpenAI)
- import (
- 	"os"
- 	"github.com/openai/openai-go"
- 	"github.com/openai/openai-go/option"
- )
- 
- client := openai.NewClient(
-    option.WithAPIKey(os.Getenv("OPENAI_API_KEY"))
- )

// After (Tinfoil)
+ import (
+ 	"os"
+ 	"github.com/openai/openai-go"
+ 	"github.com/openai/openai-go/option"
+ 	"github.com/tinfoilsh/tinfoil-go"
+ )
+ 
+ client, err := tinfoil.NewClient(
+ 	option.WithAPIKey(os.Getenv("TINFOIL_API_KEY")),
+ )
All method signatures remain the same since tinfoil.NewClient() returns a standard OpenAI client with built-in security features.

Usage

// 1. Create a client
client, err := tinfoil.NewClient(
	option.WithAPIKey(os.Getenv("TINFOIL_API_KEY")),
)
if err != nil {
	log.Fatal(err)
}

// 2. Use client as you would openai.Client 
// see https://pkg.go.dev/github.com/openai/openai-go for API documentation

Model Examples

Below are specific examples for each supported model. Click on any model to see its configuration and usage example.

Chat Models

Audio Models

Embedding Models

Advanced Functionality

// For manual verification and direct HTTP access, use SecureClient directly
secureClient := tinfoil.NewSecureClient("<enclave>.model.tinfoil.sh", "tinfoilsh/<config-repo>")

// Manual verification
groundTruth, err := secureClient.Verify()
if err != nil {
	return fmt.Errorf("verification failed: %w", err)
}

// Get the raw HTTP client 
httpClient, err := secureClient.HTTPClient()
if err != nil {
	return fmt.Errorf("failed to get HTTP client: %w", err)
}

// Make HTTP requests directly 
resp, err := secureClient.Get("/api/status", map[string]string{
	"Authorization": "Bearer token",
})

API Documentation

This library is a drop-in replacement for the official OpenAI Go client that can be used with Tinfoil. All methods and types are identical. See the OpenAI Go client documentation for complete API usage and documentation.

Guides