New research highlights attacks on certain Trusted Execution Environments (TEEs). Here’s why Turnkey’s secure key infrastructure remains unaffected and protected. 🧵

1/ Recent findings describe physical-access exploits against Intel SGX, with possible implications for AMD SEV-SNP and Intel TDX. These are not the TEEs Turnkey uses.

2/ Turnkey is built on AWS Nitro Enclaves. Nitro is architecturally distinct from SGX, SEV-SNP, and TDX, and provides guarantees on both the hardware and its operation.

3/ Remote attestations in Nitro Enclaves prove that Turnkey enclaves are running inside AWS data centers, managed by world-class operators. This operational attestation is unique.

4/ By contrast, SGX, TDX, and similar TEEs only attest to the secure chip itself, not where or how the hardware runs, meaning there’s no guarantee on which physical security measures are in place.

5/ Turnkey uses Nitro Enclaves to their fullest extent and implements critical protections: - Remote attestation during deployments ensures code and machines are as expected - End-to-end reproducibility ensures verifiable trust

6/ Turnkey continues to deliver verifiable, reliable security 🔑✅