TEE & Intel SGX

Trusted Execution Environment (TEE)

The Trusted Execution Environment (TEE) is a secure, isolated area within the main processor that acts as a hardware-protected vault. A TEE is a standardised security concept that provides a separate execution environment inside the processor in which loaded code and data are protected for confidentiality and integrity. Unlike software-based security controls that rely on operating system permissions or application-level encryption, a TEE enforces the isolation in the CPU itself, so sensitive operations can be carried out correctly and privately even when the host operating system, hypervisor, or other system components are compromised.

TEE technology addresses a critical security challenge known as the "trust boundary" problem. In a traditional system, any code running with sufficient privileges can read all memory, so a user must trust not only the application but also the OS, the hypervisor, the cloud provider, and every layer of software in between. A TEE shrinks this trust dependency rather than removing it entirely: the hardware enforces a boundary that even the most privileged software cannot cross, so what remains to be trusted is the CPU vendor's implementation and the code loaded inside the protected environment.

For custodial wallet services like Clique Wallet, TEE is particularly valuable because it allows the service to manage user wallets (providing convenience) while keeping private keys inaccessible even to the service operators themselves (providing security), as long as the code inside the protected environment never exports them. This hardware-level protection is fundamental to Clique Wallet's security model: sensitive cryptographic operations are protected at the silicon level rather than relying solely on software safeguards or on trust in system administrators.

Intel SGX (Software Guard Extensions)

Intel SGX (Software Guard Extensions) is Intel's implementation of TEE technology and is widely used in production environments across various industries. SGX adds a set of CPU instructions that let an application create protected regions of memory and execution called enclaves. Enclave memory lives in a reserved area of RAM that the CPU encrypts with keys that exist only in hardware, and the CPU refuses every access to that memory from code outside the owning enclave, including the OS, the hypervisor, and firmware. This protection is transparent to the enclave code, so an attacker with root on the host, control of the hypervisor, or the ability to physically probe the server's memory cannot read or modify an enclave's contents. What SGX does not protect against on its own are side channels (timing, cache, and speculative-execution behaviour of the enclave code); those have to be addressed in how the enclave code is written and kept patched.

SGX enclaves operate through a hardware-based security model. When an enclave is created, the CPU allocates pages for it in the Enclave Page Cache (EPC), a reserved region of RAM that the memory encryption engine encrypts with a key the CPU generates at boot and never exposes to software. Hardware access control ties each EPC page to the enclave that owns it: enclave code sees its memory in plaintext only while executing inside the enclave, data is decrypted as it moves from RAM into the CPU and re-encrypted on the way out, and any access from outside the enclave (or from a different enclave) is refused. Alongside this, the CPU records each enclave's identity: MRENCLAVE (a cryptographic hash of its code and initial data) and MRSIGNER (a hash of the key that signed it). These identities, combined with a secret fused into the CPU, are what the enclave's sealing and attestation keys are derived from, so the enclave's identity is bound to the hardware rather than to anything the operating system controls.

SGX provides cryptographic attestation, which lets a remote party verify that specific code is running inside a genuine SGX enclave on an authentic Intel processor. The enclave produces a report carrying its MRENCLAVE, MRSIGNER, security version numbers and 64 bytes of enclave-chosen report data (typically a hash of a public key the enclave just generated, so that the key is bound to the attested code). The platform's quoting enclave signs the report with an attestation key to produce a quote, and the verifier checks that quote through Intel's attestation infrastructure (the Intel Attestation Service for EPID quotes, or DCAP for ECDSA quotes verified against Intel's PCK certificate chain) before comparing the measurements with the values it expects. Enclaves can also seal data: encrypt it with a key derived from the CPU's root secret and either the enclave's own measurement (MRENCLAVE policy, so only the identical build can unseal it) or its signer (MRSIGNER policy, so later versions from the same signer can unseal it). Sealed data persists across reboots, but because the key is bound to the CPU it cannot be unsealed on another machine.
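The key derivation described in the two paragraphs above, as an added example rather than code from Clique Wallet or the Intel SGX SDK: a Go model of the sealing-key hierarchy in which the key depends on a CPU-held root secret plus the identity selected by the sealing policy. The `CPU`, `Enclave`, `Policy`, `Seal`, `Unseal` and `measure` names, the HMAC-based derivation and the AES-GCM blob layout are assumptions of this model (real EGETKEY mixes in more inputs and the SDK's sealed-blob format differs); the labels and secret in `main` are constructed. It shows what the two policies mean for an enclave upgrade and why a sealed blob cannot be moved to another CPU:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Enclave identity as measured by the CPU at load time.
type Enclave struct {
	MRENCLAVE [32]byte // hash of the enclave's code and initial data
	MRSIGNER  [32]byte // hash of the key that signed the enclave
}

// Policy selects which identity the sealing key is bound to.
type Policy byte

const (
	PolicyMRENCLAVE Policy = iota // only this exact build can unseal
	PolicyMRSIGNER                // any enclave from the same signer can unseal
)

// CPU stands in for the root secret fused into the die, which no software can read.
type CPU struct{ rootKey [32]byte }

func NewCPU() (*CPU, error) {
	c := &CPU{}
	_, err := rand.Read(c.rootKey[:])
	return c, err
}

// sealingKey models EGETKEY as HMAC-SHA256(rootKey, policy || identity). Real EGETKEY also
// mixes in CPU SVN, ISV SVN, KEYID and OWNEREPOCH; only the CPU+identity binding is modelled.
func (c *CPU) sealingKey(e Enclave, p Policy) []byte {
	mac := hmac.New(sha256.New, c.rootKey[:])
	mac.Write([]byte{byte(p)})
	if p == PolicyMRENCLAVE {
		mac.Write(e.MRENCLAVE[:])
	} else {
		mac.Write(e.MRSIGNER[:])
	}
	return mac.Sum(nil)
}

func (c *CPU) aead(e Enclave, p Policy) cipher.AEAD {
	block, _ := aes.NewCipher(c.sealingKey(e, p)) // 32-byte key: NewCipher cannot fail
	gcm, _ := cipher.NewGCM(block)                // AES block size: NewGCM cannot fail
	return gcm
}

// Seal encrypts secret with AES-256-GCM under the derived key. The policy byte is kept in the
// clear, authenticated as associated data, so Unseal can re-derive the same key.
// Blob layout: policy || nonce || ciphertext+tag.
func Seal(c *CPU, e Enclave, p Policy, secret []byte) ([]byte, error) {
	if p != PolicyMRENCLAVE && p != PolicyMRSIGNER {
		return nil, errors.New("unknown sealing policy")
	}
	gcm := c.aead(e, p)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	aad := []byte{byte(p)}
	return gcm.Seal(append(aad, nonce...), nonce, secret, aad), nil
}

// Unseal succeeds only on the same CPU and for an enclave whose identity under the stored
// policy matches the sealer's; any mismatch or tampering fails GCM authentication.
func Unseal(c *CPU, e Enclave, blob []byte) ([]byte, error) {
	if len(blob) < 1+12+16 || Policy(blob[0]) > PolicyMRSIGNER {
		return nil, errors.New("malformed sealed blob")
	}
	gcm := c.aead(e, Policy(blob[0]))
	n := gcm.NonceSize()
	pt, err := gcm.Open(nil, blob[1:1+n], blob[1+n:], blob[:1])
	if err != nil {
		return nil, errors.New("unseal failed: wrong CPU, wrong enclave identity, or tampered blob")
	}
	return pt, nil
}

// measure stands in for the loader computing a measurement from a label.
func measure(label string) [32]byte { return sha256.Sum256([]byte(label)) }

func main() {
	cpu, _ := NewCPU()
	signer := measure("wallet-vendor-signing-key") // constructed identities
	v1 := Enclave{MRENCLAVE: measure("wallet-enclave-v1"), MRSIGNER: signer}
	v2 := Enclave{MRENCLAVE: measure("wallet-enclave-v2"), MRSIGNER: signer}
	secret := []byte("constructed wallet master seed")
	blob, _ := Seal(cpu, v1, PolicyMRENCLAVE, secret)
	_, err := Unseal(cpu, v2, blob)
	fmt.Println("MRENCLAVE policy, upgraded build unseals:", err == nil) // false
	blob, _ = Seal(cpu, v1, PolicyMRSIGNER, secret)
	_, err = Unseal(cpu, v2, blob)
	fmt.Println("MRSIGNER policy, upgraded build unseals:", err == nil) // true
	other, _ := NewCPU()
	_, err = Unseal(other, v1, blob)
	fmt.Println("same enclave on another CPU unseals:", err == nil) // false
}
```

The practical consequence for a wallet is the choice of policy: sealing a master seed under MRENCLAVE means a routine enclave update can no longer read it unless the old build is kept around to re-seal, while MRSIGNER lets any enclave signed with the vendor's key read it, so the signing key and the build pipeline become the thing to protect. In the Intel SDK this choice is the key-policy argument of `sgx_seal_data_ex` (`SGX_KEYPOLICY_MRENCLAVE` or `SGX_KEYPOLICY_MRSIGNER`); plain `sgx_seal_data` defaults to MRSIGNER.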

Clique Wallet uses Intel SGX to protect all critical cryptographic operations. Private keys are generated inside an SGX enclave, stored outside it only in sealed (encrypted) form, and used for transaction signing without ever leaving the enclave in plaintext. When a transaction is signed, only the signature is returned; the private key stays inside the enclave. Key derivation for sub-wallets also happens inside the enclave, so derived keys receive the same protection. This layered protection (hardware, enclave, and application level) keeps private keys secure even when the host OS is compromised, the cloud provider has system access, or an attacker gains root privileges.
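The attestation and signing flow described in the two paragraphs above, as an added example rather than Clique Wallet's own code: a Go model in which the wallet key is generated inside an `Enclave` type that never returns it, the enclave's report binds the public half of that key in `ReportData`, a `Platform` stand-in signs the report with an attestation key, and a client checks signature, measurement and key binding before trusting any signature. The type and function names, the use of P-256 instead of the wallet's real curve, the direct hand-over of the platform's attestation public key (in real DCAP it comes from Intel's PCK certificate chain), and the labels in `main` are all assumptions of this model, not Clique Wallet's or the SGX SDK's APIs:

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// Report is the subset of an SGX report/quote this model needs.
type Report struct {
	MRENCLAVE  [32]byte
	MRSIGNER   [32]byte
	ReportData [64]byte // enclave-chosen binding; here SHA-256 of the wallet public key
	Signature  []byte   // over the fields above, by the platform's attestation key
}

// Platform stands in for the CPU and quoting enclave that hold the attestation key;
// in DCAP a verifier would obtain its public key through Intel's PCK certificate chain.
type Platform struct{ attestKey *ecdsa.PrivateKey }

func NewPlatform() (*Platform, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return &Platform{attestKey: k}, err
}
func (p *Platform) AttestationPublicKey() *ecdsa.PublicKey { return &p.attestKey.PublicKey }

// Enclave models the wallet enclave: priv is unexported and no method returns it.
type Enclave struct {
	mrenclave, mrsigner [32]byte
	priv                *ecdsa.PrivateKey
	platform            *Platform
}

// measure stands in for the loader computing MRENCLAVE/MRSIGNER from a label.
func measure(label string) [32]byte { return sha256.Sum256([]byte(label)) }

// LoadEnclave generates the wallet key inside the enclave; P-256 stands in for the chain's curve.
func LoadEnclave(p *Platform, codeLabel, signerLabel string) (*Enclave, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Enclave{mrenclave: measure(codeLabel), mrsigner: measure(signerLabel), priv: k, platform: p}, nil
}

func (e *Enclave) PublicKey() *ecdsa.PublicKey { return &e.priv.PublicKey }

func pubBytes(pub *ecdsa.PublicKey) []byte {
	b, _ := x509.MarshalPKIXPublicKey(pub) // cannot fail for a valid P-256 key
	return b
}

func reportDigest(r *Report) []byte {
	d := sha256.Sum256(append(append(r.MRENCLAVE[:], r.MRSIGNER[:]...), r.ReportData[:]...))
	return d[:]
}

// Attest builds a report whose ReportData commits to the enclave's public key and has the
// platform sign it (EREPORT and quoting collapsed into one step).
func (e *Enclave) Attest() (*Report, error) {
	r := &Report{MRENCLAVE: e.mrenclave, MRSIGNER: e.mrsigner}
	bind := sha256.Sum256(pubBytes(e.PublicKey()))
	copy(r.ReportData[:], bind[:])
	sig, err := ecdsa.SignASN1(rand.Reader, e.platform.attestKey, reportDigest(r))
	r.Signature = sig
	return r, err
}

// Sign returns only the signature; the private key never leaves the enclave.
func (e *Enclave) Sign(txHash []byte) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, e.priv, txHash)
}

// VerifyAttestation is the client-side check: a genuine platform signature, the expected
// enclave build, and ReportData that binds the public key the client was handed.
func VerifyAttestation(attestPub *ecdsa.PublicKey, r *Report, wantMRENCLAVE [32]byte, walletPub *ecdsa.PublicKey) error {
	if !ecdsa.VerifyASN1(attestPub, reportDigest(r), r.Signature) {
		return errors.New("report signature invalid: not from a trusted platform")
	}
	if r.MRENCLAVE != wantMRENCLAVE {
		return errors.New("unexpected enclave measurement")
	}
	var want [64]byte
	bind := sha256.Sum256(pubBytes(walletPub))
	copy(want[:], bind[:])
	if r.ReportData != want {
		return errors.New("report does not bind the presented public key")
	}
	return nil
}

func main() {
	platform, _ := NewPlatform()
	enclave, _ := LoadEnclave(platform, "wallet-enclave-v1", "wallet-vendor") // constructed labels
	report, _ := enclave.Attest()
	err := VerifyAttestation(platform.AttestationPublicKey(), report, measure("wallet-enclave-v1"), enclave.PublicKey())
	fmt.Println("attestation accepted:", err == nil) // true
}
```

The third check in `VerifyAttestation` is the one most often skipped: a valid quote from the right build proves such an enclave exists somewhere, but only the report-data binding proves that the public key the client is about to trust belongs to it. Without it, an attacker on the host can present a genuine quote next to a key they control.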
