Private Jobs
B3IQ-native async encrypted private-job APIs and the active private_transport privacy boundary.
Private jobs are B3IQ-native async APIs, not hosted OpenAI chat. They are used for encrypted private transport workflows against known enrolled nodes or routed private-job paths.
Current private jobs are private from the B3IQ control plane, gateway, hosted playground, router accounting, billing exports, and public explorer payloads. They are not yet a claim that prompts and outputs are hidden from the node operator.
Create A Direct Private Job
Seal the request first with the private-transport helper. Send only the encrypted request envelope to B3IQ.
javascriptimport { readFileSync } from "node:fs";const baseURL = process.env.B3IQ_GATEWAY_BASE_URL;const customerID = process.env.B3IQ_CUSTOMER_ID;const nodeID = process.env.B3IQ_PRIVATE_NODE_ID;const customerToken = readFileSync(process.env.B3IQ_CUSTOMER_TOKEN_FILE, "utf8").trim();const encryptedRequest = JSON.parse(readFileSync(process.env.B3IQ_ENCRYPTED_REQUEST_FILE, "utf8"));const response = await fetch(`${baseURL}/v1/private-inference/jobs`, { method: "POST", headers: { "content-type": "application/json", "x-b3iq-customer-id": customerID, "x-b3iq-customer-token": customerToken }, body: JSON.stringify({ job_id: process.env.B3IQ_PRIVATE_JOB_ID, node_id: nodeID, model_id: "llama3.1:8b", max_price_wei: "100", encrypted_request: encryptedRequest })});console.log(await response.json());
Envelope Contract
Accepted b3iq-private-transport-v1 request envelope fields:
| Field | Purpose |
|---|---|
| version | Envelope version marker |
| key_id | Node transport key identifier |
| algorithm | Encryption algorithm |
| client_public_key_x25519 | Client public key for X25519 key exchange |
| nonce | Encryption nonce |
| ciphertext | Encrypted request payload |
| aad_hash | Optional associated-data hash |
Extra request fields are rejected before customer balance reservation so
plaintext cannot be smuggled into D1 under encrypted_request.
Job Lifecycle
Client verifies policy
For current private transport, the client selects an enrolled node and transport key. Future verified-confidential jobs also verify TEE attestation before encryption.
Client seals payload
The plaintext request is encrypted to the node transport key and bound with
associated data such as b3iq-private-inference:<job_id>.
Control plane queues ciphertext
B3IQ stores job state, billing reservation, ciphertext envelope, and public metadata. It does not store the plaintext prompt or output.
Node claims and executes
The host agent receives the encrypted job through command polling, decrypts, executes against local runtime, and returns an encrypted result envelope.
Receipt and billing settle
The result can include a signed receipt hash. Billing release, debit, payout, and settlement evidence follow the receipt policy.
Read Job State
textGET /v1/private-inference/jobs/{job_id}
The response returns job status and encrypted result fields. It must not return plaintext request or response bodies.
Privacy Classes
| Class | Status | Meaning |
|---|---|---|
| private_transport | Active | Client encrypts to node transport key. Protects content from B3IQ services and public surfaces, not from the node operator. |
| verified_confidential_cpu | Planned | Requires verified TEE attestation, transport key binding, freshness policy, and receipt evidence. |
| verified_confidential_gpu | Later | Requires practical confidential GPU hardware, drivers, and attestation tooling. |
See Protocol privacy for the full privacy boundary.