πŸ§ͺ TESTNETΒ·Base Sepolia Β· No real funds Β· Subject to reset

Trust & Safety

A product that handles inference keys and payments has to be verifiable, not just trusted. This page gathers the proofs, the limits, and who is responsible β€” in one place.

β€œDon't trust, verify.”

Project status

Live on Base mainnetExperimental betaNo SLA yet

Carpe Diem is deployed and live on Base mainnet, and is currently in an experimental beta ahead of its public launch. Treat it as such: use small limits, and do not connect critical keys. What is testnet, mainnet, and beta is stated explicitly rather than blurred.

Who is behind Carpe Diem

Carpe Diem is a project of Lumen Labs, a Swiss non-profit association (art. 60 ff. of the Swiss Civil Code) based in Geneva. The association is the legal entity responsible for the protocol β€” not an anonymous team. Detailed team and governance communication will follow.

We identify the responsible legal entity and jurisdiction. Internal documents (e.g. the association's statutes) are not published, which is standard practice.

Your funds β€” non-custodial by design

Carpe Diem does not hold your funds. You keep your own wallet. When you buy credits, you purchase a service (AI inference): the escrow records non-refundable credits, it is not a deposit account managed on your behalf. There is no custody of user money β€” which keeps the protocol outside heavier financial-intermediary regimes.

  • You control your wallet and your spending.
  • The escrow contract holds purchased credits on-chain.
  • Providers earn DIEM, withdrawable to their own wallet.
  • Venice serves the inference; Phala secures the keys.

On-chain contracts (Base mainnet)

All official addresses in one place β€” beware of look-alikes. The escrow source is verified and reproducible from the repository: Sourcify reports a full bytecode match against the deployed contract.

CarpeEscrow (UUPS proxy)
0x15917768b31CB1DC61d9d858f2419BF45044005d
0x53344b3b0a89CaeACD9D0B50bf5B1D21C4A1e9b4
USDC (Base)
0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913
DIEM (Venice)
0xF4d97F2da56e8c3098f3a8D538DB630A2606a024

Contract governance & upgradeability

The escrow is upgradeable (UUPS) so security fixes can ship without migrating user balances. Upgrade and admin rights are being migrated from the deploying account to a Gnosis Safe multisig governed by a Timelock with a public delay. Once in place, no single party can change the contracts instantly β€” every change passes through a multi-signature approval and an announced, on-chain waiting period.

On-chain roles (admin, operator, guardian) are readable directly from the contract on BaseScan.

Key protection & TEE attestation

Provider keys are sealed inside a hardware Trusted Execution Environment (Intel TDX on Phala Cloud). They are never written to disk, never logged, and cannot be extracted from the enclave β€” not by the host, not by the Carpe Diem team. The running enclave is cryptographically attested against a published image digest, so anyone can verify what code is actually running.

Verify the live attestation

Audit status

To date, the protocol has undergone an internal security review (AudiBot, Lumen Labs β€” May 2026). An independent external audit is planned, funded by accumulated protocol revenue. There is no external audit report yet β€” so we do not present the protocol as β€œexternally audited.” The public report (scope, commit, findings, remediations) will be published when that audit is complete.

Provider key safety

  • Use an inference-only Venice key β€” never an admin key.
  • Scope it with a consumption limit and an expiry; this stays entirely under your control.
  • Choose RAM-only (re-provision after reboot) or encrypted-at-rest persistence.
  • Revoke anytime β€” from the provider page (removed from the TEE immediately) or from Venice.

Known risks β€” read before using

For providers

  • Your Venice capacity is consumed by buyers; start with low limits.
  • DIEM earnings are variable and depend on demand.
  • Venice may change its own rules, pricing or models.

For buyers

  • Availability and latency depend on live provider capacity.
  • Credits are non-refundable; buy what you expect to use.
  • Beta software with no SLA yet β€” not for mission-critical workloads.

Report a vulnerability

Found a security issue? We welcome responsible disclosure. Please report privately first and give us reasonable time to remediate. A public bug-bounty program is planned.

security@carpe-diem.xyz

Entity: Lumen Labs (Swiss association) β€’ Infrastructure: Phala Cloud (Intel TDX) β€’ Frontend: Vercel β€’ Inference: Venice AI

Internal security audit (AudiBot, Lumen Labs) β€” May 2026 β€’ Independent external audit planned