A key concept behind Klave are the secure hardware enclave. Actually the name Klave comes from the word enclave (on-klave, enclave, get it?). Klave leverage Trusted Execution Environments (TEEs) to run your workloads, ensuring that your business logic and data stay confidential (also in use) and tamper-proof at all times.
TEEs are hardware based and platform related. Klave leverage on Intel SGX for the TEEs. Klave is powered by bare-metal machines located in different datacenters (only in Switzerland at the moment). We do not rely on virtual machines or hypervisor to keep the root of trust as close to the silicon as possible.
TEEs operate at platform level (bare metal machine), to introduce resilience and scalability Klave provides a network of TEEs to manage your workload. It means that behind the veil there is a network of TEEs organised and synchronised through a consensus algorithm.
TEEs ensure segregation from the host OS by utilizing encrypted memory specifically allocated. Physical access to the server won't allow access, spying, or tampering with this secured memory at all time. While enclaves create a secure ecosystem, they have limitations. Communication with enclaves is restricted to using enclave calls (ecall) from the host and obtaining feedback through out calls (ocall). Enclave security actively prevents network calls, resources access (disk, etc.), and OS local access but provides access to powerful cryptographic primitives and leverages CPU speed within a secure environment. The Klave platform, through the Klave SDK, addresses these limitations by providing essential capabilities to enclaves, including network calls, ledger access, cryptographic primitives, etc.
Klave is a zero-trust platform and therefore protect you from interferences of third-party and platform provider (us). All of the above, especially apply to us, we can't spy, access, or tamper with enclaves. Your apps deployed within enclave have their own identity from which derives the connection handshake and ledger encryption preventing us from being able to decipher your data and payload in transit, in use and at rest.
The zero-trust approach is a paradigm shift that, when not fully grasped, can complicate or entirely hinder standard cloud development practices like logging, debugging, and recovery.