Secure Enclaves
Run sensitive AI workloads in hardware-isolated confidential computing environments. Data is encrypted in use, with cryptographic attestation.
Overview
Tenzro Secure Enclaves use AMD SEV-SNP and Intel TDX to provide:
- Memory Encryption: Data encrypted in RAM
- Hardware Isolation: Protected from host OS
- Attestation: Cryptographic proof of code integrity
- Key Protection: Secrets never exposed in plaintext
Use Cases
- Processing healthcare data (HIPAA compliance)
- Financial model inference
- Multi-party computation
- Secure AI training on sensitive data
- Privacy-preserving analytics
Creating an Enclave
import { Tenzro } from 'tenzro';const tenzro = new Tenzro();const enclave = await tenzro.enclaves.create({name: 'secure-inference',type: 'amd-sev-snp', // or 'intel-tdx'size: 'medium', // small, medium, largeregion: 'us-central1',});console.log('Enclave ID:', enclave.id);console.log('Status:', enclave.status);
Attestation
Verify the enclave before sending sensitive data:
// Get attestation reportconst attestation = await tenzro.enclaves.attest(enclave.id);console.log('Report:', attestation.report);console.log('Measurement:', attestation.measurement);console.log('Platform:', attestation.platform);// Verify attestation (client-side)const isValid = await tenzro.enclaves.verifyAttestation(attestation, {expectedMeasurement: 'sha384:abc123...',trustedPlatformKeys: ['key1', 'key2'],});if (!isValid) {throw new Error('Attestation verification failed');}
Running Code in Enclaves
// Deploy a function to the enclaveconst deployment = await tenzro.enclaves.deploy(enclave.id, {runtime: 'nodejs20',code: `export async function handler(input) {// This code runs inside the enclaveconst result = await processSecureData(input.data);return { result };}`,memory: 512,});// Invoke the enclave functionconst result = await tenzro.enclaves.invoke(enclave.id, {function: 'handler',input: {data: encryptedData,},});
Secure Key Management
// Generate keys inside enclaveconst keyPair = await tenzro.enclaves.generateKey(enclave.id, {algorithm: 'ed25519',exportable: false, // Key never leaves enclave});// Sign data with enclave-protected keyconst signature = await tenzro.enclaves.sign(enclave.id, {keyId: keyPair.id,data: dataToSign,});// Encrypt data with enclave keyconst encrypted = await tenzro.enclaves.encrypt(enclave.id, {keyId: keyPair.id,plaintext: sensitiveData,});
AI Inference in Enclaves
// Run AI inference on sensitive dataconst response = await tenzro.enclaves.inference(enclave.id, {model: 'gemini-2.5-flash',messages: [{ role: 'user', content: sensitivePrompt },],// Data is decrypted only inside the enclaveencryptedContext: encryptedPatientRecords,});// Response is encrypted before leaving enclaveconst decryptedResponse = await decrypt(response.encrypted);
Enclave Sizes
| Size | vCPUs | Memory | Price/hour |
|---|---|---|---|
| small | 2 | 4 GB | $0.15 |
| medium | 4 | 16 GB | $0.45 |
| large | 8 | 32 GB | $0.90 |
| xlarge | 16 | 64 GB | $1.80 |
Managing Enclaves
// List enclavesconst enclaves = await tenzro.enclaves.list();// Get enclave detailsconst details = await tenzro.enclaves.get(enclaveId);// Update enclaveawait tenzro.enclaves.update(enclaveId, {size: 'large',});// Delete enclaveawait tenzro.enclaves.delete(enclaveId);
Compliance
Secure Enclaves help meet compliance requirements:
| Standard | Requirement | Enclave Support |
|---|---|---|
| HIPAA | Data encryption | Memory encryption |
| PCI DSS | Key protection | Hardware key storage |
| GDPR | Data minimization | Isolated processing |
| SOC 2 | Access controls | Attestation audit |
Best Practices
- Always verify attestation before sending sensitive data
- Use the smallest enclave size that meets your needs
- Keep enclave code minimal and audited
- Rotate enclave instances regularly
- Enable audit logging for compliance