AMD SEV-SNP
AuditZK runs its aggregation enclave on AMD SEV-SNP. Credentials are decrypted only inside an encrypted, integrity-protected VM, inaccessible to the hypervisor, the host OS, and AuditZK operators.
Every page of enclave RAM is encrypted with a hardware key that never leaves the CPU.
Each enclave ships a signed SNP report proving its measurement before any secret is released.
Nested paging blocks replay and remap attacks, so the runtime state stays exactly as measured at boot.
An AuditZK report is signed by a hardware enclave. Return, drawdown, Sharpe, without exposing a single individual trade.