CONFIDENTIAL COMPUTING
Security TEE
Our aggregator runs inside an AMD SEV-SNP enclave. No one, not even us, can access your individual trades.
What is a TEE?
A Trusted Execution Environment is a hardware-level secure environment that cryptographically isolates code and data, including from the OS and hypervisor.
AMD SEV-SNP is the enterprise standard adopted by major cloud providers. It generates a cryptographic attestation signed by AMD, verifiable by anyone from outside.
Standard server
AMD SEV-SNP Enclave
Data flow
What goes in, what comes out.
Your individual trades stay confined in the enclave. Only aggregated metrics come out, cryptographically signed.
Never leaves
1
API keys + trading data
↓
2
TEE Enclave
↓
3
Signed metrics
Protection architecture.
4 stacked security layers, from hardware foundation to application. Each layer is verifiable via VCEK attestation.
The VCEK attestation cryptographically binds the deployed code hash to the AMD chip. Any code modification invalidates the attestation.
AMD SEV-SNP
Hardware isolation, keys in silicon
TLS Termination
Inside enclave, cert bound to attestation
E2E Encryption
ECDH P-256 + AES-256-GCM
Volatile RAM
Never on disk, wiped on reboot
AMD SEV-SNP
Your API keys never leave the enclave.
Never.
ECDH P-256
TLS key negotiation
4
protection layers
VCEK
verifiable AMD attestation
Anti-Cherry-Picking
Verified unique account.
AuditZK enforces a permanent binding between broker accounts and user profiles for compatible exchanges.
Compatible exchangesPermanent binding
One account = one profile, permanently
No reset
Cannot restart after losses
Verified UID
Unique identifier provided by broker
100% auditable code.
All code running in the enclave is public. Verify deployed code matches the attested hash.
~5,700
TypeScript lines
40
source files
100%
Open source
Verify it yourself.
Retrieve AMD SEV-SNP attestation from your terminal, then verify the VCEK signature.