How it works

Leveraging cryptography and trusted execution environments to power our decentralised and cloud-native ecosystem.

Privacy by design

Data encrypted at every step
Data is always encrypted at rest, in transit, and even during processing
Secure commercial processing
Data is processed inside secure hardware, no human ever has access to the data
Preventing information leakage
Leverages the latest privacy techniques to prevent information leakage

Next-gen technology

Decentralised and cloud native
Decentralised and cloud native, built for ecosystems
Providing effortless web interfaces
Secure connection protocol uses the latest cryptography and provides effortless web interfaces
Faster than homomorphic cryptography
More flexible and orders of magnitude faster than homomorphic cryptography
Data protected in use

Confidential computing

Confidential Computing protects data during processing by performing computation in a hardware-based Trusted Execution Environment (TEE).

TEE programs are called enclaves. They prevent unauthorised access or modification of applications and data while in use.

Intel SGX comes with remote attestations that provide verification for three things:

Checkthe application's identity
Checkits integrity (that it has not been tampered with)
Checkthat it is running securely within an enclave on an Intel SGX enabled machine

Tamper-proof ledger

If a person, or a rogue program, attempts to tamper with the underlying ledgers, it would be spotted as fraudulent.

If a required piece of information has been tampered with, the system would not reply rather than provide an inaccurate response.

CheckLedgers fully encrypted by default.
CheckProtects data from indiscretion from anyone with direct access.
CheckMerkle tree protection.
Data protected at rest
Data protected in transit

Secure connection protocol

The Secretarium Connection Protocol uses multi-layered TLS to guarantee a secure and inspection-resistant connection to the TEE while providing integration flexibility with routing infrastructures.

Cryptographic evidence is provided at every stage of remote processing, enabling a fully trustworthy service.

This allows organisations that manage sensitive and regulated data to increase their security assurances.

Building on the Secretarium secure cloud

Now, you can build game-changing cloud services off the shelf. The platform makes it simple to deploy trustworthy, privacy-preserving apps powered by tamper-proof technology.

ShapesEasy to use
The Secretarium SDK allows simple creation of confidential computing apps by wrapping cryptographic complexity.
Remotely attestable with out-of-the-box cryptographic evidence of integrity.
Data is encrypted in memory during processing. It is not even visible to cloud engineers.
TreesEnvironmentally friendly
Secretarium only uses low energy machines which, when possible, are hosted at Swisscom's hydroelectricity-powered datacentres.

Trusted processing via smart contract business logic

In the Secretarium environment, a smart contract is business logic that runs inside an Intel SGX enclave.
They have their own ledgers and encryption keys. The platform also provides a mechanism for updates.

FingerprintUnique - Each smart contract, and each enclave, has a unique thumbprint and is remotely verifiable.
PackagePackaged - Creating and testing smart contracts is easy, with all the encryption complexity nicely wrapped in APIs.
CodeCode is law - The output of a smart contract can be trusted because the computation can't be tampered with.
ReportBusiness process automation - Smart contracts contain business logic and are the perfect solution for trusted automation.

Interested to know more?

Get in touch