Fine-tune on sensitive data with differential privacy. Every adapter ships with a signed certificate — verifiable by anyone, tamper-evident by design. Your training data stays protected even if the weights leak.
Three primitives, one pipeline. Each is a node in the lattice — useless alone, definitive together. Privacy you can verify.
DP-SGD with Rényi accountant. Gaussian noise calibrated to your ε. Every gradient step accounted for, every dataset bounded.
BLAKE3 hash every weight tensor. ed25519 sign the certificate. Record ε, δ, noise multiplier, training steps. Tamper-evident — one flipped bit and verification fails.
Publish your adapter to HuggingFace, share with a colleague, deploy to production. The certificate travels with the weights. Anyone can verify. Your training data stays protected.
A model is (ε, δ)-differentially private if the probability of any output changes by less than eε when a single training example is added or removed. We make ε small. We make δ tiny. We prove it.
For all neighboring datasets D, D′ and all output sets S.
Per-sample gradients bounded to L2 norm C. Hard cap.
Gaussian noise σ added per batch. Calibrated to ε.
Noisy gradient → optimizer. Update happens.
RDP accountant tracks budget. Bounds compose tightly.
Every team fine-tunes on proprietary data. The problem isn’t training — it’s what happens after. Lattice lets you ship the adapter without shipping the dataset.
500K lines of internal code. You want a copilot that knows your patterns, conventions, and architecture. Fine-tune with DP-SGD — even if the adapter leaks, no one extracts your source. Share across the team with a signed certificate.
Support tickets, user feedback, sales calls. Train a model that understands your customers without leaking individual records. The ε guarantee means no single customer’s data can be extracted from the weights. GDPR-compatible by construction.
Docs, wikis, runbooks, post-mortems. Fine-tune a model on institutional knowledge and deploy to the whole org. The certificate proves the model can’t regurgitate confidential specifics — auditors can verify without seeing the data.
Patient records, case files, privileged correspondence. Regulated industries need provable privacy — not just promises. The Lattice certificate is a HIPAA artifact: here’s the ε, here’s the δ, here’s the signature. Verify it.
On-chain models need on-chain proof. Lattice certificates are verifiable by smart contracts — not just humans.
Train a model on proprietary trading signals — MEV strategies, arb patterns, liquidity analysis. Sell the model, not the alpha. The ε guarantee means buyers can’t reverse-engineer your edge from the weights.
Train analytics on member voting patterns without exposing individual votes. The model predicts proposal outcomes — no single member’s history can be extracted. Verifiable privacy for on-chain governance.
Security firms train on private vulnerability databases and publish the model for the ecosystem. The certificate proves it doesn’t leak the vuln DB — clients verify before trusting. Open security, closed data.
Ten models on huggingface.co/lattice-ai. Each carries a privacy tier and a signed certificate. Pull one, train on it, verify it.
▸3 more on the registry · all signed · all MIT
One pip install, one pull, one train, one verify. Private training from byte one. The CLI is the contract.
A tamper-evident JSON blob, BLAKE3-signed at the registry. Read it before you load the model. Reject if it doesn't match.
Pick the tier that matches your threat model. Each is a denser lattice of guarantees — more nodes, more proofs.
Encrypted runtime around any model. No retraining.
DP-SGD retrained. Mathematical guarantee on memorization.
Trained from scratch on your private data. Maximum density.
Install ltce in your next terminal. Train on your sensitive data. Ship a signed certificate with every adapter. Verify anywhere.