Edgeless DB

The next-gen encrypted database

At its heart, EDGELESS DB is a full SQL database. It thus seamlessly integrates with your existing tools and workflows. What sets it apart is that it is built around the concept of Confidential Computing.  

All data stored and processed in EDGELESS DB is always encrypted and isolated – even in system memory at runtime. Thus, your data is protected even from rogue system administrators, rootkits, and other powerful attackers. This makes EDGELESS DB one of the most secure and most versatile options available for storing and processing data.  

In comparison, most other solutions today rely on standard databases to store encrypted data and at most use a hardware security module (HSM) to store the corresponding cryptographic keys. Such approaches can only protect data at rest on disk. Once data is decrypted for access, all bets are off.  

EDGELESS DB is the logical next step in hardware-rooted security: the fusion of relational databases and HSMs that protects your keys and your data at rest and at runtime.

Availability

EDGELESS DB is currently in private preview. Please get in touch if you are interested in early access.

To be notified when it becomes generally available, sign up here.

Unique features

EDGELESS DB is not only more secure than legacy database + HSM deployments, it also has unique features that help you unlock the full potential of your data.

EDGELESS DB can be instantiated with a set of rules written, for example, in Python. This set of rules is a hybrid between a stored procedure (a term from the database world) and a smart contract (a term from the blockchain world).

Rules can be both simple and powerful. A typical set could be: “devices with certificates issued by A can send data; clients with certificates issued by B can run analytics algorithms X, Y, and Z on the data without getting direct access; the parties with certificates C and D may jointly update these rules.”
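The rule set quoted above, modelled in Python as an added example; this is not Edgeless DB's actual rules API. It assumes the caller's certificate has already been verified and only the issuer or certificate name (the page's A, B, C, D) reaches the rules; the class, its methods and the meaning given to algorithms X, Y and Z are hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical stand-ins for the page's issuers A and B and certificates C and D.
DEVICE_CA, ANALYST_CA = "A", "B"
RULE_OWNERS = frozenset({"C", "D"})

# Constructed analytics: each returns an aggregate, never the raw readings.
ANALYTICS = {"X": len, "Y": sum, "Z": lambda r: max(r, default=None)}


@dataclass
class PooledData:
    allowed: frozenset = frozenset(ANALYTICS)    # algorithms clients may run
    readings: list = field(default_factory=list)
    pending: dict = field(default_factory=dict)  # proposal -> owners who approved

    def ingest(self, issuer, value):
        """Accept data only from a device whose certificate was issued by A."""
        if issuer != DEVICE_CA:
            raise PermissionError("issuer may not send data")
        self.readings.append(value)

    def run(self, issuer, algorithm):
        """Run an allowed algorithm for a client certified by B."""
        if issuer != ANALYST_CA or algorithm not in self.allowed:
            raise PermissionError("analytics request denied")
        return ANALYTICS[algorithm](self.readings)

    def approve_update(self, cert, proposal):
        """Record one owner's approval; apply once C and D both approved."""
        proposal = frozenset(proposal)
        if cert not in RULE_OWNERS or not proposal <= set(ANALYTICS):
            raise PermissionError("update rejected")
        approvals = self.pending.setdefault(proposal, set())
        approvals.add(cert)
        if approvals != RULE_OWNERS:
            return False
        self.allowed = proposal
        self.pending.clear()  # stale proposals must be re-approved
        return True
```

A single owner's approval changes nothing: the allowed set is replaced only when C and D have both approved the identical proposal.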

To make this verifiable and trustworthy, each EDGELESS DB instance produces a unique cryptographic fingerprint. By examining the fingerprint, anyone can verify that they are dealing with a real EDGELESS DB that is governed by the expected set of rules and runs on actual confidential computing hardware.  

With this, you can for instance prove that even you cannot see your customers’ individual data and can only run certain analytics. Boost your customers’ trust and comply with regulations!

Example: rules-based data pooling

Jointly process sensitive business data with your partners – for example to compare research results, detect fraud or carry out complex transactions.

The installed rules ensure fair access while protecting every contributor’s data.

Example: “black box” analysis of IoT data

Run deep analytics on IoT data – for example, sensor data from connected cars – while keeping it secure at all times. 

Prove that even you can only see the final analysis results. Gain valuable insights and create new sources of revenue.

Edgeless RT

Build confidential computing apps with ease

EDGELESS RT is the technological foundation of our product portfolio. It makes it simple for developers to build and debug confidential computing apps. It also enables the porting of existing software to Intel SGX and related hardware with little or no code changes required.

EDGELESS RT supports Go, Rust, Python, and C++17. It features a small and reliable code base and builds on the industry standard Open Enclave. Thus, apps built with EDGELESS RT are not only highly secure, but also future-proof and portable!

Availability

EDGELESS RT Community Edition is available as free open source (permissive MIT license) on GitHub.

EDGELESS RT Enterprise Edition comes with priority support, extra features and special “Long Term Support” (LTS) releases.

Get in touch for more information.

Example: Build, run, and debug HashiCorp Vault within minutes

HashiCorp Vault is a popular cloud-native application for storing and managing secrets. It is written in Go. The principles of confidential computing make it even better! Using our free and open source EDGELESS RT you can build and run it in an Intel SGX enclave in no time.


EDGELESS RT enables source-line debugging of in-enclave Go code. Follow the simple steps described in the documentation and use the familiar and powerful Visual Studio Code to single-step your in-enclave Go code. How cool is that? (Note that of course only “debug” enclaves can be debugged.)

Edgeless Mesh

Distribute and scale your confidential computing apps

EDGELESS MESH is a framework for creating distributed confidential computing apps. Build your confidential microservices with EDGELESS RT, distribute them with Kubernetes and let EDGELESS MESH take care of the rest. Deploy end-to-end secure and verifiable AI pipelines or crunch on sensitive big data in the cloud. Confidential computing at scale has never been easier.

EDGELESS MESH guarantees that the topology of your distributed app adheres to a manifest specified in simple JSON. EDGELESS MESH verifies the integrity of nodes, bootstraps them, and sets up encrypted connections between them.

If a node fails, EDGELESS MESH will seamlessly substitute it in accordance with the rules defined in the manifest.

To keep things simple, EDGELESS MESH acts as certificate authority and issues one concise remote attestation statement for your whole distributed app. This can be used by anyone to verify the integrity of your distributed app.

EDGELESS MESH is the service mesh for the age of confidential computing.

Availability

EDGELESS MESH is currently in private preview. Please get in touch if you are interested in early access.

To be notified when it becomes generally available, sign up here.