Skip to content

Confidential Computing & TEEs

Confidential Computing is the protection of data in use by performing computation in a hardware-based, attested Trusted Execution Environment (TEE).

What is a TEE?

A Trusted Execution Environment (TEE), or Enclave, is a secure area of a main processor. It guarantees that code and data loaded inside are protected with respect to confidentiality and integrity.

Key properties include: - Data-in-use encryption: Memory used by the enclave is encrypted. - Isolation: The OS, Hypervisor, and other processes cannot peek inside the TEE. - Attestation: The hardware provides a cryptographic proof that a specific piece of code is running on genuine hardware.

Attestation in Lucid

Lucid leverages remote attestation to provide users with an AI Passport. This passport contains: 1. Hardware Quote: Proof it's a real TEE (e.g., Intel SGX, AMD SEV-SNP, AWS Nitro). 2. Software Measurement (MRENCLAVE): A hash of the exact code running. 3. Public Key: Used to verify subsequent results signed by the enclave.

Mock Mode

Since TEE hardware is specialized, Lucid provides a Mock Mode for local development. It simulates the attestation handshake using software-based keys, allowing you to build and test your logic before deploying to expensive cloud infrastructure.