From 5fcf2330d392cc58f6d74179ba79245d9928fa9b Mon Sep 17 00:00:00 2001
From: kylexqian
Date: Fri, 13 Mar 2026 00:53:27 -0700
Subject: [PATCH 1/2] Add verify_ssl parameter to LLM client for self-signed cert support Adds a `verify_ssl: bool = True` parameter to `LLM.__init__` so callers can disable TLS certificate verification when connecting directly to a TEE via `llm_server_url` (e.g. a server with a self-signed certificate). Updates docstring and CLAUDE_SDK_USERS.md accordingly.
Co-Authored-By: Claude Sonnet 4.6
---
docs/CLAUDE_SDK_USERS.md | 4 ++++
src/opengradient/client/llm.py | 15 ++++++++++++++-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/docs/CLAUDE_SDK_USERS.md b/docs/CLAUDE_SDK_USERS.md
index f65a8e7..feba80c 100644
--- a/docs/CLAUDE_SDK_USERS.md
+++ b/docs/CLAUDE_SDK_USERS.md
@@ -40,6 +40,10 @@ Each service has its own client class: # LLM inference (Base Sepolia OPG tokens for x402 payments) llm = og.LLM(private_key="0x...") +# Connect directly to a known TEE IP instead of using the on-chain registry. +# Set verify_ssl=False when the server uses a self-signed certificate. +llm = og.LLM(private_key="0x...", llm_server_url="https://1.2.3.4", verify_ssl=False) + # On-chain model inference (OpenGradient testnet gas tokens) alpha = og.Alpha(private_key="0x...")
diff --git a/src/opengradient/client/llm.py b/src/opengradient/client/llm.py
index a345caa..791e7d3 100644
--- a/src/opengradient/client/llm.py
+++ b/src/opengradient/client/llm.py
@@ -68,6 +68,18 @@ class LLM: result = await llm.chat(model=TEE_LLM.CLAUDE_HAIKU_4_5, messages=[...]) result = await llm.completion(model=TEE_LLM.CLAUDE_HAIKU_4_5, prompt="Hello") + + Args: + private_key (str): Ethereum private key for signing x402 payments. + rpc_url (str): RPC URL for the OpenGradient network. Used to fetch the + active TEE endpoint from the on-chain registry when ``llm_server_url`` + is not provided. + tee_registry_address (str): Address of the on-chain TEE registry contract. + llm_server_url (str, optional): Bypass the registry and connect directly + to this TEE endpoint URL (e.g. ``"https://1.2.3.4"``). + verify_ssl (bool): Whether to verify the server's TLS certificate. + Defaults to ``True``. Set to ``False`` when connecting directly via + ``llm_server_url`` to a TEE with a self-signed certificate. """ def __init__(
@@ -76,6 +88,7 @@ def __init__( rpc_url: str = DEFAULT_RPC_URL, tee_registry_address: str = DEFAULT_TEE_REGISTRY_ADDRESS, llm_server_url: Optional[str] = None, + verify_ssl: bool = True, ): self._wallet_account: LocalAccount = Account.from_key(private_key)
@@ -90,7 +103,7 @@ def __init__( self._tee_payment_address = tee_payment_address ssl_ctx = build_ssl_context_from_der(tls_cert_der) if tls_cert_der else None - self._tls_verify: Union[ssl.SSLContext, bool] = ssl_ctx if ssl_ctx else True + self._tls_verify: Union[ssl.SSLContext, bool] = ssl_ctx if ssl_ctx else verify_ssl # x402 client and signer signer = EthAccountSignerv2(self._wallet_account)
From 1aceb7261babd5a9165069ea225368014d80303a Mon Sep 17 00:00:00 2001
From: kylexqian
Date: Fri, 13 Mar 2026 01:08:49 -0700
Subject: [PATCH 2/2] Add security warning for verify_ssl=False in docs and docstring
Co-Authored-By: Claude Sonnet 4.6
---
docs/CLAUDE_SDK_USERS.md | 5 ++++-
src/opengradient/client/llm.py | 8 ++++++++
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/docs/CLAUDE_SDK_USERS.md b/docs/CLAUDE_SDK_USERS.md
index feba80c..f2930be 100644
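Review bot: In the `@@ -90,7 +103,7 @@` hunk of `src/opengradient/client/llm.py`, `ssl_ctx if ssl_ctx else verify_ssl` lets `verify_ssl=False` switch certificate checking off for any connection that has no `tls_cert_der`, with no runtime signal and no check that `llm_server_url` was actually supplied (the parameter itself is added in the `@@ -76,6 +88,7 @@` hunk). The client signs x402 payments with the caller's key, so an unauthenticated channel presumably exposes prompts and signed payment data to whoever terminates the connection. I would fail closed with `if not verify_ssl and llm_server_url is None: raise ValueError("verify_ssl=False requires llm_server_url")` and add `warnings.warn("TLS certificate verification is disabled", stacklevel=2)` on the disabled path. A pinned-certificate argument feeding `build_ssl_context_from_der` would handle self-signed TEEs without turning verification off. `__init__` begins and ends outside these hunks, so how `tls_cert_der` is populated on the direct-URL path is not visible here.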
--- a/docs/CLAUDE_SDK_USERS.md
+++ b/docs/CLAUDE_SDK_USERS.md
@@ -41,7 +41,10 @@ Each service has its own client class: llm = og.LLM(private_key="0x...") # Connect directly to a known TEE IP instead of using the on-chain registry. -# Set verify_ssl=False when the server uses a self-signed certificate. +# WARNING: verify_ssl=False disables TLS certificate verification and exposes +# the connection to man-in-the-middle attacks. Only use this when you trust +# the network path to the server. Never use in production without understanding +# the risks. llm = og.LLM(private_key="0x...", llm_server_url="https://1.2.3.4", verify_ssl=False) # On-chain model inference (OpenGradient testnet gas tokens)
diff --git a/src/opengradient/client/llm.py b/src/opengradient/client/llm.py
index 791e7d3..8a3b47f 100644
--- a/src/opengradient/client/llm.py
+++ b/src/opengradient/client/llm.py
@@ -80,6 +80,14 @@ class LLM: verify_ssl (bool): Whether to verify the server's TLS certificate. Defaults to ``True``. Set to ``False`` when connecting directly via ``llm_server_url`` to a TEE with a self-signed certificate. + + .. warning:: + Disabling SSL verification (``verify_ssl=False``) removes + protection against man-in-the-middle attacks. Only use this + when you trust the network path to the TEE and have verified + the server identity through another means (e.g. the on-chain + registry). Never use in production without understanding the + risks. """ def __init__(
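Review bot: The added `.. warning::` block in `src/opengradient/client/llm.py` suggests verifying the server identity "through another means (e.g. the on-chain registry)", but the same docstring says `llm_server_url` bypasses the registry, and with `verify_ssl=False` the earlier `ssl_ctx if ssl_ctx else verify_ssl` assignment leaves nothing for the presented certificate to be compared against. I would reword the parenthetical so it does not read as a mitigation, for example `With verify_ssl=False any certificate is accepted; checking the registry separately does not bind this connection to that TEE.` The warning could also say that `verify_ssl` has no effect when a registry-supplied certificate is in use, which is what the `ssl_ctx` branch implies. The `LLM` class docstring starts outside the hunk.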