Enclave Vaults v0.19: Typed Keys and Policy-Driven Operations
B Foing·
A few weeks ago we wrote about rethinking secrets management for the age of confidential computing. …
Read more →Blog
Insights and updates from the Privasys team.
Bringing Attestation to the Browser: The Session-Relay Pattern
B Foing·
Confidential computing makes a strong promise. The hardware can prove, cryptographically, what code …
Read more →Confidential AI on H100: The CPU/GPU Ceremony, and the Patches Nobody Talks About
B Foing·
The previous post in this series described the base images we build for confidential VMs: minimal Ub…
Read more →CVM Base Images: What We Build, and Why We Don't Use the Cloud Provider's
B Foing·
Every confidential workload we run starts from the same boring artefact: a few hundred megabytes of …
Read more →Per-Function Auth for WASM Enclaves: From WIT Annotations to Hardware-Enforced Access Control
B Foing·
In our last post we introduced Privasys Wallet, a mobile authenticator that verifies enclave attesta…
Read more →FIDO2 for Attested Enclaves: Two-Way Trust Between Your Phone and the Cloud
Privasys Engineering Team·
Authentication has always been a one-way street. You prove who you are to the server. The server tel…
Read more →From WIT to MCP: How WASM Enclaves Become Attested Tool Servers
B Foing·
One of the things we love about WebAssembly is that it finally gives us a proper type system at the …
Read more →Enclave Vaults: Rethinking Secrets Management for the Age of Confidential Computing
B Foing·
Every secrets management system, from a €100,000 HSM appliance to a HashiCorp Vault cluster, faces t…
Read more →Hardened Guest Images for Confidential VMs: Closing the Gap Between Memory Encryption and Verifiability
B Foing·
Intel TDX and AMD SEV-SNP encrypt a virtual machine's memory so that even the hypervisor and cloud p…
Read more →Beyond Code Identity: Why Attestation Must Cover Configuration
B Foing·
Remote attestation is the mechanism that makes Confidential Computing trustworthy. Without it, a TEE…
Read more →WebAssembly Inside Enclaves: A New Model for Confidential Applications
Privasys Engineering Team·
For the past decade, Confidential Computing has focused on one core promise: protect data while it i…
Read more →A Practical Guide for an Attested Web
Privasys Engineering Team·
The Trust Problem in Confidential Computing Confidential Computing promises that data stays encrypte…
Read more →Confidential AI: From Isolated Enclaves to a Unified Fabric
B Foing·
It has been ten years since the introduction of Confidential Computing with Intel SGX. As someone wh…
Read more →Why Confidential Computing Matters for AI
Privasys Team·
Artificial intelligence is transforming every industry, but it comes with a critical challenge: how …
Read more →