Models
PrivateClaw runs inference through a private, attested pipeline. Every model runs on hardware inside a Trusted Execution Environment. Your prompts are never exposed to the host, the cloud provider, or us.
Qwen 3.5 family ranks #3 on PinchBench
With a best score of 90.0%, the Qwen 3.5 family ranks third on the PinchBench.com OpenClaw model leaderboard, behind only Claude Opus 4.6 and GPT-5.4.
Current Model
Qwen 3.5-35B
Active
The 35B-A3B-FP8 variant is optimized for private inference and belongs to the same Qwen 3.5 family that scores 90.0% on PinchBench.
| Property | Value |
| --- | --- |
| Full name | Qwen/Qwen3.5-35B-A3B-FP8 |
| Architecture | Mixture-of-Experts (35B total params, 3B active) |
| Quantization | FP8 |
| Context window | 32,768 tokens |
| Hardware | NVIDIA H100 GPUs in TEE |
| Attestation | Verified. Every response includes an attestation report |
| Token pricing | $0.25 / 1M input tokens · $2.00 / 1M output tokens |
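At the listed rates, per-request cost is easy to estimate from token counts. A minimal sketch (the function name and the example token counts are illustrative, not part of the PrivateClaw API):

```python
# Listed rates for Qwen3.5-35B-A3B-FP8, in USD per 1M tokens.
INPUT_PRICE_PER_M = 0.25
OUTPUT_PRICE_PER_M = 2.00

def estimate_cost(input_tokens: int, output_tokens: int) -> float:
    """Estimate the USD cost of one request at the listed per-token rates."""
    return (input_tokens * INPUT_PRICE_PER_M
            + output_tokens * OUTPUT_PRICE_PER_M) / 1_000_000

# A 10,000-token prompt with a 2,000-token completion:
print(f"${estimate_cost(10_000, 2_000):.4f}")  # → $0.0065
```

Note that output tokens are 8x more expensive than input tokens, so long completions dominate the cost of most requests.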
More Models Coming Soon
We are expanding our model lineup. Additional models are in testing and will be available soon.
Have a specific model request? Reach out at support@privateclaw.dev.
Privacy Guarantees
- Runs in a Trusted Execution Environment. The inference cluster operates inside a TEE with hardware-level isolation.
- Attestation on every response. The inference proxy (tee-proxy) attaches a cryptographic attestation report to every API response, proving it was processed inside a TEE.
- No data stored. Prompts and completions are processed in-memory and never persisted.
- Verifiable by you. Run `privateclaw verify` on your CVM to independently check the inference provider's attestation.
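The attestation guarantee means a client can reject any response that lacks a report before trusting its contents. A minimal sketch of that check, assuming the report arrives as a field in the JSON response body (the field name `attestation` is a hypothetical placeholder, not the actual tee-proxy schema):

```python
import json

def has_attestation(response_body: str) -> bool:
    """Return True if the API response carries a non-empty attestation report.

    The key 'attestation' is a hypothetical placeholder for whatever
    field tee-proxy actually attaches to responses.
    """
    payload = json.loads(response_body)
    return bool(payload.get("attestation"))

# A response with a (dummy) attestation blob passes; one without it fails.
with_report = json.dumps({"choices": [], "attestation": {"quote": "base64..."}})
without_report = json.dumps({"choices": []})
print(has_attestation(with_report), has_attestation(without_report))  # True False
```

A real client would go further and cryptographically verify the report against the hardware vendor's root of trust, which is what `privateclaw verify` does on the CVM.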