ADVANCED SECURITY
AMD SEV-SNP architecture guaranteeing technical impossibility of extracting your trading strategies, even with full administrator access.
— Definition
Trustless is not 'we promise to be careful with your data.' It is a stronger claim: the proof your report carries does not depend on us being honest, competent, or even still in business when someone reads it.
Concretely, the data flow is structured so that no human at AuditZK can read what you send, modify what was computed, or forge a report after the fact. The hardware enforces those properties; we don't.
— Fundamentals
The aggregator runs in an AMD SEV-SNP enclave where data extraction is technically impossible.
01 Inviolable hardware security perimeter, even in case of system compromise.
02 Verify it yourself from your terminal using AMD tools.
[Illustration: YOUR DATA, permanently encrypted]
— Threat model
Most platforms ask you to trust them and everything around them. Trustless removes that requirement. The proof remains valid even if every party below acts in bad faith.
Our engineers cannot read your API keys or your individual trades. The hardware key never leaves the silicon, so even root access to our servers reveals only encrypted memory.
We cannot forge a report. The signing key is bound to a specific enclave measurement; any change to the code that produces the report invalidates the attestation.
The hypervisor and the host OS run outside the enclave. They cannot decrypt enclave memory, and that is enforced by the chip, not by policy.
Credentials travel directly to the enclave over an ECDH-negotiated channel whose TLS certificate is bound to the enclave attestation. A man-in-the-middle on our infrastructure cannot reuse those credentials.
If AuditZK is acquired, sold, or shut down, attestations already embedded in old reports remain verifiable. A new owner cannot retroactively sign forged history under our identity.
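The measurement and certificate binding claimed above are things a client can check in the attestation report itself. The following is an added example, not AuditZK's code: it parses a raw SEV-SNP attestation report and checks the debug policy bit, the launch measurement, and the REPORT_DATA field. It assumes the enclave stores SHA-256 of the DER-encoded TLS certificate in the first 32 bytes of REPORT_DATA (the page does not specify the binding format), and it does not verify the report signature against AMD's VCEK certificate chain, which must be done separately.

```python
import hashlib
import hmac
import struct

# Field offsets from AMD's SEV-SNP ATTESTATION_REPORT layout (1184 bytes total).
REPORT_LEN = 0x4A0
OFF_POLICY, OFF_REPORT_DATA, OFF_MEASUREMENT = 0x08, 0x50, 0x90
POLICY_DEBUG = 1 << 19  # guest policy bit 19: host may debug (decrypt) the guest


def check_report_fields(report: bytes, expected_measurement: bytes, cert_der: bytes) -> list[str]:
    """Return a list of problems; an empty list means the field checks passed.

    Assumption: REPORT_DATA[0:32] == SHA-256(DER TLS certificate). The page
    does not state the binding format. Signature verification against the
    VCEK chain is NOT done here and is required before trusting any field.
    """
    if len(report) != REPORT_LEN:
        return [f"unexpected report length {len(report)}"]
    problems = []
    (policy,) = struct.unpack_from("<Q", report, OFF_POLICY)
    if policy & POLICY_DEBUG:
        problems.append("debug policy enabled: host can read guest memory")
    measurement = report[OFF_MEASUREMENT:OFF_MEASUREMENT + 48]
    if not hmac.compare_digest(measurement, expected_measurement):
        problems.append("launch measurement differs from the published build")
    bound = report[OFF_REPORT_DATA:OFF_REPORT_DATA + 32]
    if not hmac.compare_digest(bound, hashlib.sha256(cert_der).digest()):
        problems.append("REPORT_DATA does not bind the presented TLS certificate")
    return problems


def build_sample_report(measurement: bytes, cert_der: bytes, policy: int = 0x30000) -> bytes:
    """Constructed sample input for the demo (not a real AMD-signed report)."""
    buf = bytearray(REPORT_LEN)
    struct.pack_into("<I", buf, 0, 2)                  # report version field
    struct.pack_into("<Q", buf, OFF_POLICY, policy)    # SMT + reserved bit, no debug
    buf[OFF_REPORT_DATA:OFF_REPORT_DATA + 32] = hashlib.sha256(cert_der).digest()
    buf[OFF_MEASUREMENT:OFF_MEASUREMENT + 48] = measurement
    return bytes(buf)


if __name__ == "__main__":
    cert = b"constructed-certificate-bytes"            # stands in for the DER cert
    good = hashlib.sha384(b"constructed-enclave-image").digest()
    report = build_sample_report(good, cert)
    print(check_report_fields(report, good, cert))
    print(check_report_fields(report, good, b"certificate-seen-by-a-proxy"))
```

A certificate presented by anything other than the attested enclave fails the REPORT_DATA comparison, which is what makes the channel binding meaningful.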
Run this script from your terminal. Your credentials go directly to the enclave, bypassing our web servers.
```bash
#!/bin/bash
# Credentials sent directly to AMD SEV-SNP enclave
# Your terminal -> Enclave (bypasses our servers)
curl -X POST "https://enclave.auditzk.com/connect" \
  -H "Content-Type: application/json" \
  -d '{
    "user_uid": "YOUR_SERVICE_UID",
    "exchange": "binance",
    "api_key": "YOUR_API_KEY",
    "api_secret": "YOUR_API_SECRET"
  }'
```

Requires an AuditZK account
— Traditional vs Trustless
A traditional report lives on a platform's servers: the proof depends on the platform. A trustless report carries its proof with it: the platform can disappear, the proof remains.
| Axis | Traditional reporting | Trustless reporting |
|---|---|---|
| Source of proof | Platform-controlled record | Hardware attestation embedded in the report |
| Editable after the fact | The platform can rewrite history | Any change invalidates the signature |
| Offline verification | Requires the platform to be online | Anyone can verify with public AMD tools |
| Dependence on the vendor | Vendor lock, proof dies if the company dies | The proof outlives the vendor |
| Operator access to your data | Full read access | None, even with root privileges |
| Strategy exposure | Often required to verify performance | Aggregated metrics only, trades never leave the enclave |
— Cryptographic properties
Hardware cryptographic properties guaranteeing technical impossibility of extraction.
Generate your cryptographically certified performance reports.