From 5fcf2330d392cc58f6d74179ba79245d9928fa9b Mon Sep 17 00:00:00 2001 From: kylexqian Date: Fri, 13 Mar 2026 00:53:27 -0700 Subject: [PATCH 1/4] Add verify_ssl parameter to LLM client for self-signed cert support Adds a `verify_ssl: bool = True` parameter to `LLM.__init__` so callers can disable TLS certificate verification when connecting directly to a TEE via `llm_server_url` (e.g. a server with a self-signed certificate). Updates docstring and CLAUDE_SDK_USERS.md accordingly. Co-Authored-By: Claude Sonnet 4.6 --- docs/CLAUDE_SDK_USERS.md | 4 ++++ src/opengradient/client/llm.py | 15 ++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/docs/CLAUDE_SDK_USERS.md b/docs/CLAUDE_SDK_USERS.md index f65a8e7..feba80c 100644 --- a/docs/CLAUDE_SDK_USERS.md +++ b/docs/CLAUDE_SDK_USERS.md @@ -40,6 +40,10 @@ Each service has its own client class: # LLM inference (Base Sepolia OPG tokens for x402 payments) llm = og.LLM(private_key="0x...") +# Connect directly to a known TEE IP instead of using the on-chain registry. +# Set verify_ssl=False when the server uses a self-signed certificate. +llm = og.LLM(private_key="0x...", llm_server_url="https://1.2.3.4", verify_ssl=False) + # On-chain model inference (OpenGradient testnet gas tokens) alpha = og.Alpha(private_key="0x...") diff --git a/src/opengradient/client/llm.py b/src/opengradient/client/llm.py index a345caa..791e7d3 100644 --- a/src/opengradient/client/llm.py +++ b/src/opengradient/client/llm.py 
@@ -68,6 +68,18 @@ class LLM: result = await llm.chat(model=TEE_LLM.CLAUDE_HAIKU_4_5, messages=[...]) result = await llm.completion(model=TEE_LLM.CLAUDE_HAIKU_4_5, prompt="Hello") + + Args: + private_key (str): Ethereum private key for signing x402 payments. + rpc_url (str): RPC URL for the OpenGradient network. Used to fetch the + active TEE endpoint from the on-chain registry when ``llm_server_url`` + is not provided. + tee_registry_address (str): Address of the on-chain TEE registry contract. + llm_server_url (str, optional): Bypass the registry and connect directly + to this TEE endpoint URL (e.g. ``"https://1.2.3.4"``). + verify_ssl (bool): Whether to verify the server's TLS certificate. + Defaults to ``True``. Set to ``False`` when connecting directly via + ``llm_server_url`` to a TEE with a self-signed certificate. """ def __init__( @@ -76,6 +88,7 @@ def __init__( rpc_url: str = DEFAULT_RPC_URL, tee_registry_address: str = DEFAULT_TEE_REGISTRY_ADDRESS, llm_server_url: Optional[str] = None, + verify_ssl: bool = True, ): self._wallet_account: LocalAccount = Account.from_key(private_key) @@ -90,7 +103,7 @@ def __init__( self._tee_payment_address = tee_payment_address ssl_ctx = build_ssl_context_from_der(tls_cert_der) if tls_cert_der else None - self._tls_verify: Union[ssl.SSLContext, bool] = ssl_ctx if ssl_ctx else True + self._tls_verify: Union[ssl.SSLContext, bool] = ssl_ctx if ssl_ctx else verify_ssl # x402 client and signer signer = EthAccountSignerv2(self._wallet_account) From 1aceb7261babd5a9165069ea225368014d80303a Mon Sep 17 00:00:00 2001 From: kylexqian Date: Fri, 13 Mar 2026 01:08:49 -0700 Subject: [PATCH 2/4] Add security warning for verify_ssl=False in docs and docstring Co-Authored-By: Claude Sonnet 4.6 --- docs/CLAUDE_SDK_USERS.md | 5 ++++- src/opengradient/client/llm.py | 8 ++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/docs/CLAUDE_SDK_USERS.md b/docs/CLAUDE_SDK_USERS.md index feba80c..f2930be 100644 
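Review bot: In the last hunk, `ssl_ctx if ssl_ctx else verify_ssl` applies `verify_ssl=False` whenever no pinned context was built, not only on the `llm_server_url` path that the new docstring describes. If the registry lookup can ever yield an empty `tls_cert_der` (the code that sets it lies outside the hunk), a caller who passed `verify_ssl=False` would also reach a registry-resolved endpoint without certificate checks. Scoping the opt-out to the direct path keeps the registry path verified: `self._tls_verify: Union[ssl.SSLContext, bool] = ssl_ctx if ssl_ctx else (verify_ssl or llm_server_url is None)`. A comment such as `# verify_ssl is honoured only for a direct llm_server_url; a pinned registry cert always wins` would also record that a registry certificate overrides the flag.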
--- a/docs/CLAUDE_SDK_USERS.md +++ b/docs/CLAUDE_SDK_USERS.md @@ -41,7 +41,10 @@ Each service has its own client class: llm = og.LLM(private_key="0x...") # Connect directly to a known TEE IP instead of using the on-chain registry. -# Set verify_ssl=False when the server uses a self-signed certificate. +# WARNING: verify_ssl=False disables TLS certificate verification and exposes +# the connection to man-in-the-middle attacks. Only use this when you trust +# the network path to the server. Never use in production without understanding +# the risks. llm = og.LLM(private_key="0x...", llm_server_url="https://1.2.3.4", verify_ssl=False) # On-chain model inference (OpenGradient testnet gas tokens) diff --git a/src/opengradient/client/llm.py b/src/opengradient/client/llm.py index 791e7d3..8a3b47f 100644 --- a/src/opengradient/client/llm.py +++ b/src/opengradient/client/llm.py @@ -80,6 +80,14 @@ class LLM: verify_ssl (bool): Whether to verify the server's TLS certificate. Defaults to ``True``. Set to ``False`` when connecting directly via ``llm_server_url`` to a TEE with a self-signed certificate. + + .. warning:: + Disabling SSL verification (``verify_ssl=False``) removes + protection against man-in-the-middle attacks. Only use this + when you trust the network path to the TEE and have verified + the server identity through another means (e.g. the on-chain + registry). Never use in production without understanding the + risks. """ def __init__( From 11110da8b5296ca2de048bd4b2fbfd8c8109d70b Mon Sep 17 00:00:00 2001 
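Review bot: The added `.. warning::` block in `llm.py` tells callers to verify the server identity through another means, "e.g. the on-chain registry", but the same docstring documents `llm_server_url` as the option that bypasses the registry, so the reader is not told how to perform that check. Naming a concrete step would help, for example `Compare the fingerprint of the certificate the server presents with one obtained out of band before sending requests.` A docstring warning is also invisible at runtime, so the constructor (outside this hunk) could log once when verification is off.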
From: kylexqian Date: Mon, 16 Mar 2026 02:02:02 -0700 Subject: [PATCH 3/4] Auto-disable SSL verification when llm_server_url is set, remove verify_ssl param Self-hosted TEEs always use self-signed certs, so verify_ssl=False is the only practical option when bypassing the registry. Removes the explicit parameter and ties the behaviour to llm_server_url presence. Updates docstring and CLAUDE_SDK_USERS.md accordingly. Co-Authored-By: Claude Sonnet 4.6 --- docs/CLAUDE_SDK_USERS.md | 9 ++++----- src/opengradient/client/llm.py | 20 +++++++++----------- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/docs/CLAUDE_SDK_USERS.md b/docs/CLAUDE_SDK_USERS.md index f2930be..b8c7905 100644 --- a/docs/CLAUDE_SDK_USERS.md +++ b/docs/CLAUDE_SDK_USERS.md @@ -41,11 +41,10 @@ Each service has its own client class: llm = og.LLM(private_key="0x...") # Connect directly to a known TEE IP instead of using the on-chain registry. -# WARNING: verify_ssl=False disables TLS certificate verification and exposes -# the connection to man-in-the-middle attacks. Only use this when you trust -# the network path to the server. Never use in production without understanding -# the risks. -llm = og.LLM(private_key="0x...", llm_server_url="https://1.2.3.4", verify_ssl=False) +# WARNING: TLS certificate verification is automatically disabled when using +# llm_server_url, as self-hosted TEE servers typically use self-signed certs. +# Only connect to servers you trust over secure network paths. +llm = og.LLM(private_key="0x...", llm_server_url="https://1.2.3.4") # On-chain model inference (OpenGradient testnet gas tokens) alpha = og.Alpha(private_key="0x...") diff --git a/src/opengradient/client/llm.py b/src/opengradient/client/llm.py index 8a3b47f..74a33d7 100644 --- a/src/opengradient/client/llm.py +++ b/src/opengradient/client/llm.py 
@@ -76,18 +76,14 @@ class LLM: is not provided. tee_registry_address (str): Address of the on-chain TEE registry contract. llm_server_url (str, optional): Bypass the registry and connect directly - to this TEE endpoint URL (e.g. ``"https://1.2.3.4"``). - verify_ssl (bool): Whether to verify the server's TLS certificate. - Defaults to ``True``. Set to ``False`` when connecting directly via - ``llm_server_url`` to a TEE with a self-signed certificate. + to this TEE endpoint URL (e.g. ``"https://1.2.3.4"``). When set, + TLS certificate verification is disabled automatically because + self-hosted TEE servers typically use self-signed certificates. .. warning:: - Disabling SSL verification (``verify_ssl=False``) removes - protection against man-in-the-middle attacks. Only use this - when you trust the network path to the TEE and have verified - the server identity through another means (e.g. the on-chain - registry). Never use in production without understanding the - risks. + Using ``llm_server_url`` disables TLS certificate verification, + which removes protection against man-in-the-middle attacks. + Only connect to servers you trust and over secure network paths. """ def __init__( @@ -96,7 +92,6 @@ def __init__( rpc_url: str = DEFAULT_RPC_URL, tee_registry_address: str = DEFAULT_TEE_REGISTRY_ADDRESS, llm_server_url: Optional[str] = None, - verify_ssl: bool = True, ): self._wallet_account: LocalAccount = Account.from_key(private_key) @@ -111,6 +106,9 @@ def __init__( self._tee_payment_address = tee_payment_address ssl_ctx = build_ssl_context_from_der(tls_cert_der) if tls_cert_der else None + # When connecting directly via llm_server_url, skip cert verification — + # self-hosted TEE servers commonly use self-signed certificates. + verify_ssl = llm_server_url is None self._tls_verify: Union[ssl.SSLContext, bool] = ssl_ctx if ssl_ctx else verify_ssl # x402 client and signer From b7f0c36342693ab5738053cfddb5f0dfde0b441a Mon Sep 17 00:00:00 2001 
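Review bot: `verify_ssl = llm_server_url is None` in the last hunk turns certificate verification off for every direct connection, including endpoints that present a CA-signed certificate, and the second hunk removes the only parameter a caller could use to turn it back on. The client is constructed with a wallet key for signing x402 payments, so requests sent over an unauthenticated channel can be read or altered by anyone on the network path, and a TEE endpoint reached this way is not bound to any certificate the caller has checked. Keeping verification on by default and letting the caller pin the self-signed certificate through the existing `build_ssl_context_from_der` helper would cover the self-hosted case without a blanket opt-out; the parameter name `llm_server_cert_der` below is a proposal, and the helper's accepted input type is assumed from its name. The `__init__` body starts and ends outside the hunk, so how `tls_cert_der` is set on the direct path is not visible here.

```python
        llm_server_url: Optional[str] = None,
        llm_server_cert_der: Optional[bytes] = None,  # proposed: pinned cert for a direct TEE
        verify_ssl: bool = True,
    ):
        # … unchanged: wallet setup and endpoint resolution …
        ssl_ctx = build_ssl_context_from_der(tls_cert_der) if tls_cert_der else None
        if ssl_ctx is None and llm_server_url is not None and llm_server_cert_der:
            # Direct connection: trust exactly the certificate the caller supplied.
            ssl_ctx = build_ssl_context_from_der(llm_server_cert_der)
        # Verification stays on unless the caller explicitly opts out for a direct URL.
        skip_verify = llm_server_url is not None and not verify_ssl
        self._tls_verify: Union[ssl.SSLContext, bool] = ssl_ctx if ssl_ctx else not skip_verify
```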
From: kylexqian Date: Mon, 16 Mar 2026 02:13:08 -0700 Subject: [PATCH 4/4] Bump version to 0.8.1 Co-Authored-By: Claude Sonnet 4.6 --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 7b7247c..c0d6f34 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta" [project] name = "opengradient" -version = "0.8.0" +version = "0.8.1" description = "Python SDK for OpenGradient decentralized model management & inference services" authors = [{name = "OpenGradient", email = "adam@vannalabs.ai"}] readme = "README.md"