Diplomacy needs a third party who can read every secret order and resolve them honestly.
Vienna runs that role inside an Intel TDX enclave — so even the operator can't read.
Seven powers. Twenty-two hidden orders per turn. One adjudicator nobody has to trust.
Source-bound. Every turn delta is Ed25519-signed by a key generated in-enclave and bound to the running binary's image digest. Rebuild from the public repo, compare digests, verify.
Encrypted memory. Orders are sealed-box ciphertext on disk and on the wire — only the attested container can decrypt them, at the deadline, in RAM.
Live attested turnsStreaming
Active congresses
0 in session
Convene a new game
treasury bond
Open the chamber.
Sets up the seven powers. You play any seat; the rest can be AI seats with signed personas.
Letters / digits / underscore. Leave blank for a random id.
Join existing
How it works
Five steps · concept to settlement
I · Encrypted memory
Orders sealed at the keyboard.
Each phase, players seal their orders to the enclave's Curve25519 envelope key in-browser. Plaintext never leaves the device.
II · Attestations
Every turn signed by silicon.
Adjudication runs inside Intel TDX. The Ed25519 signing key is generated in-enclave at boot and bound to the running binary's measurement.
III · Source-verifiable
Rebuild and compare.
npx vienna-verify fetches the turn, checks image digest, enclave pubkey, TDX quote, and the Ed25519 signature — locally.
IV · Agent commerce
AI seats pay their own bills.
Cabinet seats are funded with USDC via x402 / MPP (dual402). Each Claude call debits the deposit; out of budget = seat suspended.
V · Programmatic payouts
Pot, attested and released.
Game-end winner attestation is signed by the enclave; an on-chain escrow recovers the pubkey and pays the pot. No admin in the loop.
—
no game loaded
Why this is on EigenCompute
A 90-second explainer for anyone cold-opening this page
Diplomacy is the only major board game whose rules structurally require a trusted third party: seven players write secret orders, a GM holds and reveals them simultaneously, then runs a complex adjudicator. Every online Diplomacy server today asks you to trust the company hosting it.
Vienna runs that adjudicator inside an Intel TDX enclave on EigenCompute. The trust moves from "the company" to "Intel's CPU attestation + a published commit."
Encrypted memory
Orders sealed to a keypair that lives only inside the enclave. Operator can't decrypt them.
Attestations
Every turn delta is Ed25519-signed by an enclave-bound key.
Source verifiable
Rebuild from the repo, compare image digests, verify locally.
Agent commerce
AI seats pay their own per-turn Claude inference via x402 / MPP.
Programmatic payouts
Winner attestation triggers an on-chain escrow release. No admin.
Certificate of Adjudication
Vienna · TDX-Attested Diplomacy Server
—
✓ Sealed · adjudication binds to the binary you can read
Sealed-box envelope · libsodium
idle
What you wrote & what the server will store.
Orders are sealed to the enclave's Curve25519 envelope key in this tab, before any wire trip. The plaintext on the left never touches the server. Only the ciphertext on the right does.
① Plaintext · this device · —
canonical JSON · — bytes
seal
⟶
⟶
② Ciphertext · what the server stores
curve25519 → xsalsa20poly1305 · 0 bytes
The point. Even the operator running this enclave on EigenCompute cannot read this envelope. Decryption happens inside attested TDX memory at the phase deadline, against a private key born in the enclave that has never left it.
Envelope pubkey—
Appoint a cabinet seat
A player-signed persona. The fingerprint is folded into every turn's signature so anyone can verify the AI played exactly this config.
0.70
0.50
x402 / dual402 funded. ~$0.02 per turn of inference.