AI Security & Privacy

Zero's AI assistant is designed with privacy as a core principle. Conversations are protected by TEE (Trusted Execution Environment) isolation, and no query logs are retained on servers.

TEE-Protected AI

Zero runs AI processing inside Trusted Execution Environments—hardware-isolated secure enclaves that prevent unauthorized access to conversation data.

What is a TEE?

A Trusted Execution Environment is a secure area within a processor that guarantees:

Code Integrity: Only verified code runs inside the enclave
Data Confidentiality: Memory is encrypted and isolated from the host system
Execution Isolation: Even privileged system processes cannot access TEE memory
Attestation: Cryptographic proof that code is running unmodified in a genuine TEE

In practice, this means your AI conversations are processed in a secure black box that even Zero's infrastructure operators cannot inspect.

Hardware-Based Security: TEEs use CPU-level protection (Intel SGX, AMD SEV, ARM TrustZone) to create isolated execution environments.

What Zero's AI Sees

When you interact with Zero's AI, it has access to:

Your Query: The question or command you type
Conversation History: Previous messages in your current session for context
Retrieved Data: Blockchain data, web search results, or knowledge base content fetched to answer your query
Your Wallet Address: If relevant to the query (e.g., portfolio analysis)

What Zero's AI NEVER Sees

Private Keys: Your wallet keys remain in your wallet, never exposed to Zero or the AI
IP Address: Your IP is not linked to specific queries
Personal Information: Unless you explicitly share it in your query
Other Users' Data: Conversations are isolated; the AI has no access to other users' sessions

Don't Share Secrets: Never type private keys, seed phrases, or passwords into AI queries. Zero's AI will never ask for them.

Data Retention Policy

During Your Session

Conversation history exists in two places:

Your Browser: Full conversation stored in browser memory (RAM) and local storage
TEE Environment: Temporary processing of queries during active interactions

After Your Session

When you close Zero, click "Destroy," or clear browser data:

Browser Memory: Cleared immediately
Local Storage: Conversation history deleted
Server-Side: No conversation logs exist to delete

There is no backup, no archive, no recovery mechanism. Once destroyed, AI conversations are permanently gone.

Zero-Knowledge by Design: Zero's servers process queries inside TEEs but retain no record of what you asked or the AI's responses.

Network Security

Encrypted Communication

All communication between your browser and Zero's servers uses TLS encryption:

Queries encrypted in transit
Responses encrypted on the way back
No plaintext exposure to network observers

IP Protection

Your IP address is not logged with AI queries. While Zero's servers see your IP for network routing, it's not associated with:

Specific questions you ask
Topics you research
Conversation content or patterns

Threat Model

What Zero Protects Against

Surveillance: No one (including Zero) can see what you're asking the AI
Data Breaches: If Zero's servers are compromised, there are no AI conversation logs to steal
Profiling: Zero can't build behavioral profiles because it doesn't retain query history
Third-Party Tracking: No analytics, no ad networks, no data sharing with external parties

What Zero Doesn't Protect Against

Malware on Your Device: If your computer is compromised, attackers could see your screen or keystrokes
Social Engineering: If you share sensitive info with the AI, it could be included in responses
Network-Level Monitoring: VPNs/Tor are recommended if you need to hide that you're using Zero at all

Maximum Privacy: Use Zero in incognito mode + VPN + destroy session after sensitive queries for the highest privacy posture.

TEE Attestation

Zero provides cryptographic attestation that AI processing occurs inside genuine TEEs:

Remote Attestation: TEE hardware generates proof of secure execution
Code Verification: Attestation includes hash of the code running inside the TEE
Public Verification: Anyone can verify Zero's attestation reports

This prevents Zero from running modified AI code that logs conversations, even if operators wanted to.

AI Model Privacy

Model Training

Zero's AI models are NOT trained on user conversations:

No conversation data is used for model fine-tuning
Your queries don't improve the AI for other users
Models are updated independently, not based on live usage

AI Infrastructure

Zero uses NEAR AI Cloud for AI model inference:

Conversations are processed on NEAR's AI infrastructure
All processing occurs within TEE-protected environments
No third-party AI providers (like OpenAI or Anthropic) are used

NEAR AI Cloud: Zero's AI runs on NEAR Protocol's infrastructure, keeping your data within the NEAR ecosystem's security model.

Privacy Best Practices

Don't Share Sensitive Information

Never type private keys, seed phrases, or passwords
Don't share personally identifiable information (full name, address, SSN)
Avoid sharing confidential business or legal information

Use Destroy Regularly

Click "Destroy" after sensitive research sessions
Always destroy before leaving a shared computer
Destroy immediately if you accidentally share sensitive data

Incognito Mode for Maximum Privacy

Use private browsing to prevent local storage persistence
Combine with VPN if you need to hide Zero usage from network observers
Close the incognito window when done to auto-clear all data

Comparison to Other AI Assistants

Feature	Zero AI	ChatGPT	Google Bard
Conversation logging	None	Logged	Logged
Training on your data	Never	Optional	Yes
TEE protection	Yes	No	No
IP tracking	Not linked	Logged	Logged
Data retention	Session only	30 days+	18 months