What is a Trusted Execution Environment?
Trusted Execution Environments (TEEs) are secure, isolated regions within a processor that protect both code and data from external access.
TEEs are the industry standard for handling sensitive operations like transaction signing in financial applications. Think of them as "fortresses" within computer hardware that shield sensitive operations from everything else - even from the operating system itself.
Why use TEEs?
Trusted Execution Environments (TEEs) have a number of benefits:
Security: Your keys remain protected even if server security is breached
Transparency: The system can be verified through attestation
Peace of mind: Hardware-based security goes beyond what software alone can provide
From a technical perspective, TEEs have a lot of properties that make them ideal for high-security financial applications:
Hardware isolation: Not even server administrators can access the protected data
Attestation: Cryptographic proof that the environment hasn't been tampered with
Controlled execution: Only authorized code can run in the environment
Where does Stackup use TEEs?
Stackup uses TEEs for two applications: verifying permissions and approving automations.
Stackup uses AWS Nitro Enclaves, a hardware-based TEE solution, to ensure that your automations and policies cannot be tampered with.
Who else uses TEEs?
TEEs are used by Stripe, Okta, Fireblocks, Crypto.com, Evervault, and many more.