TEE & Intel SGX

A Trusted Execution Environment (TEE) is a hardware-isolated compute environment. In Intel® SGX, sensitive code runs in an enclave with encrypted memory. Even privileged software (OS/hypervisor) cannot inspect enclave memory.

In Clique:

  • The enclave performs keygen and signing.

  • Raw private keys never leave enclave memory.

  • Data at rest is encrypted and only decryptable from within the enclave.
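The boundary these three points describe, modelled in plain Python as an added example: this is not Clique's code and not SGX SDK code. The class and function names, the HMAC standing in for the signature scheme, and the toy sealing cipher are all assumptions made for illustration.

```python
import hashlib
import hmac
import os


def _mac(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()


class SimulatedEnclave:
    """Model of the enclave boundary. Not SGX code; every name is hypothetical."""

    def __init__(self, hardware_secret: bytes, measurement: bytes):
        # SGX derives sealing keys in hardware from a CPU secret and the
        # enclave identity; an HMAC stands in for that derivation here.
        self._seal_key = _mac(hardware_secret, b"seal", measurement)

    def _xor_stream(self, nonce: bytes, data: bytes) -> bytes:
        # Toy keystream (stand-in for a real sealing API's authenticated encryption).
        stream = b""
        while len(stream) < len(data):
            stream += _mac(self._seal_key, b"enc", nonce + len(stream).to_bytes(4, "big"))
        return bytes(a ^ b for a, b in zip(data, stream))

    def _unseal(self, blob: bytes) -> bytes:
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(tag, _mac(self._seal_key, b"mac", nonce + ct)):
            raise ValueError("sealed blob rejected")
        return self._xor_stream(nonce, ct)

    # ---- the only two calls exposed to the untrusted host ----
    def keygen(self) -> bytes:
        # The raw key exists only in this scope; the host receives the sealed blob.
        key, nonce = os.urandom(32), os.urandom(16)
        ct = self._xor_stream(nonce, key)
        return nonce + ct + _mac(self._seal_key, b"mac", nonce + ct)

    def sign(self, sealed_key: bytes, message: bytes) -> bytes:
        # HMAC stands in for the signature scheme, which the page does not name.
        return _mac(self._unseal(sealed_key), b"sig", message)


def host_can_sign(enclave: SimulatedEnclave, sealed_key: bytes) -> bool:
    try:
        enclave.sign(sealed_key, b"probe")
        return True
    except ValueError:
        return False
```

The host stores and passes back only the sealed blob; an enclave with a different identity, a different platform secret, or a modified blob gets a rejection instead of a signature.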
