Solutions roadmap
Products built on the Canopy foundation.
Canopy provides the universal interface layer. SovereignTEE Ltd packages it into deployable products that solve specific trust, sovereignty, and integration problems.
The shared foundation
Every SovereignTEE product is built on the same principle: service interfaces defined once in Canopy IDL, enforced at every boundary, verifiable in hardware. The products differ in which trust problem they solve, not in their underlying architecture.
Interface contracts are the source of truth — not documentation, not convention. Where trust matters, TEE attestation makes the enforcement cryptographic rather than contractual. Callers are not locked to a language or transport; the same service is reachable from native code, a browser, a mobile client, or another service without rebuilding anything.
Layer 7 Gateway (in development)
A policy-enforced application gateway that understands service interfaces, not just URL routes.
Conventional API gateways operate on HTTP verbs and URL patterns. They can route POST /inference/generate but they cannot distinguish a safe read-only call from a sensitive compute call on the same service — because that distinction lives in the interface contract, not the URL.
The SovereignTEE L7 gateway operates on the Canopy IDL layer. Policy is expressed in terms of interfaces and methods: which callers may invoke which methods, under what conditions, and whether the call must originate from or terminate in an attested enclave. The gateway's policy enforcement itself runs inside a TEE, so its behaviour is hardware-attested by both the service operator and the caller.
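As an added illustration of method-level policy (this is example code, not Canopy or SovereignTEE code; the policy table format, the CallContext fields, the interface and method names, the roles and the tenants are all assumptions constructed here), the evaluator below keys rules on (interface, method) rather than URL, attaches per-tenant and attestation requirements to individual methods, and denies anything that has no rule:

```python
"""Method-level gateway policy evaluated on (interface, method), not URL.

Added example, not SovereignTEE or Canopy code: the policy table format, the
CallContext fields, the interface/method names, roles and tenants are all
assumptions constructed for this illustration.
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple


@dataclass(frozen=True)
class CallContext:
    interface: str               # IDL interface being invoked
    method: str                  # method on that interface
    tenant: str                  # tenant the caller belongs to
    roles: FrozenSet[str]        # roles asserted for the caller
    caller_attested: bool        # request originates from a verified enclave
    target_attested: bool        # service instance receiving the call is attested


@dataclass(frozen=True)
class MethodRule:
    allow_roles: FrozenSet[str]
    require_attested_caller: bool = False
    require_attested_target: bool = False
    tenants: Optional[FrozenSet[str]] = None   # None means any tenant


# Constructed policy. In a URL-routed gateway both Generator methods would sit
# behind the same POST path; here they carry different requirements.
POLICY: Dict[Tuple[str, str], MethodRule] = {
    ("inference.Generator", "ListModels"): MethodRule(
        allow_roles=frozenset({"reader", "operator"}),
    ),
    ("inference.Generator", "Generate"): MethodRule(
        allow_roles=frozenset({"operator"}),
        require_attested_caller=True,
        require_attested_target=True,
    ),
    ("billing.Ledger", "Export"): MethodRule(
        allow_roles=frozenset({"operator"}),
        tenants=frozenset({"tenant-a"}),
    ),
}


def evaluate(ctx: CallContext,
             policy: Dict[Tuple[str, str], MethodRule] = POLICY) -> Tuple[bool, str]:
    """Return (allowed, reason). Methods without a rule are denied, not passed through."""
    rule = policy.get((ctx.interface, ctx.method))
    if rule is None:
        return False, "no rule for method: default deny"
    if rule.tenants is not None and ctx.tenant not in rule.tenants:
        return False, "tenant not permitted for method"
    if not (ctx.roles & rule.allow_roles):
        return False, "caller role not permitted for method"
    if rule.require_attested_caller and not ctx.caller_attested:
        return False, "method requires an attested caller"
    if rule.require_attested_target and not ctx.target_attested:
        return False, "method requires an attested target enclave"
    return True, "allowed"


if __name__ == "__main__":
    read = CallContext("inference.Generator", "ListModels", "tenant-a",
                       frozenset({"reader"}), False, False)
    gen = CallContext("inference.Generator", "Generate", "tenant-a",
                      frozenset({"operator"}), False, True)
    print(evaluate(read))   # allowed: read-only method, no attestation required
    print(evaluate(gen))    # denied: caller is not attested
```

The attestation flags are inputs here; in a gateway that itself runs in a TEE they would be the outcome of verifying the caller's and the target's attestation evidence before the rule is consulted.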
Where this applies
- Multi-tenant platforms: Enforce per-tenant method-level permissions without modifying the service implementation.
- Regulated services: Demonstrate to auditors that only attested, policy-compliant calls reach sensitive compute.
- Zero-trust architecture: Replace network perimeters with interface-level call attestation at each service boundary.
- Cross-organisation integration: Expose a narrow attested subset of your service catalogue to partners without opening internal infrastructure.
Honest Broker (in development)
A neutral trusted intermediary for data exchange between parties who cannot expose raw data to a common operator.
Many valuable data problems require multiple parties to contribute data they cannot share with each other. A hospital network cannot share patient records with a research institution even for anonymised analysis. A bank cannot share transaction history with a fraud consortium without exposing customers. A supply chain consortium cannot share margins with a shared analytics platform without revealing competitive information.
The honest broker runs inside a TEE. Each contributing party independently attests the broker's code before sharing data — verifying that the code matches the agreed computation and that no data exfiltration path exists. The broker is "honest" not because of a contract or a reputation, but because its behaviour is cryptographically provable.
Where this applies
- Healthcare analytics: Compute aggregate statistics across patient populations from multiple providers without sharing records.
- Financial reconciliation: Reconcile positions between counterparties without revealing individual books to each other or the operator.
- Supply chain verification: Attest provenance claims across a supply chain without exposing each participant's costs or suppliers.
- Privacy-preserving ML: Train or evaluate models on combined datasets from multiple data owners without pooling the raw data.
Hardware-attested DRM (planned)
Content protection where enforcement is hardware-attested, not software-promised.
Conventional DRM systems enforce usage rules in software that runs on hardware the content consumer controls. Given enough motivation, software protections can be reversed or bypassed. The harder the protection, the more friction for legitimate users — an unsatisfying trade-off.
Hardware-attested DRM moves the enforcement boundary into a TEE. Decryption keys are only released to enclaves running code that the rights holder has attested. The machine operator — including a cloud provider — cannot extract protected content even with full OS access. The attacker cannot win by controlling the machine, because the machine's TEE enforces the rules independently of the OS.
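Both the honest broker above (each contributor attests the broker's code before releasing data) and hardware-attested DRM (keys released only to enclaves running rights-holder-attested code) rest on the same check: compare the enclave's measured code against an agreed set, verify that the measurement was signed by the platform and bound to a fresh challenge, and only then hand over the secret. The simulation below is an added example, not SovereignTEE or Canopy code; the report layout, the HMAC "signature" standing in for a real platform attestation signature, and every measurement, nonce and secret in it are constructed for the illustration:

```python
"""Attestation-gated release of a secret to an enclave with agreed code.

Added example, not SovereignTEE or Canopy code. The report layout, the HMAC
"signature" standing in for a platform attestation signature, the measurements
and the secrets are all constructed for this illustration.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set, Tuple

# Constructed stand-in for the platform attestation key. A real TEE signs reports
# with a hardware-held asymmetric key whose certificate chains to the vendor;
# the verifier would check that chain instead of sharing this key.
PLATFORM_KEY = b"constructed-platform-attestation-key"


def measure(code: bytes) -> str:
    """Code measurement: a hash of the enclave image (MRENCLAVE-style identity)."""
    return hashlib.sha256(code).hexdigest()


@dataclass(frozen=True)
class Report:
    measurement: str
    nonce: bytes      # verifier-supplied, so an old report cannot be replayed
    signature: bytes


def issue_report(code: bytes, nonce: bytes) -> Report:
    """Simulated platform: sign (measurement, nonce) for an enclave running `code`."""
    m = measure(code)
    sig = hmac.new(PLATFORM_KEY, m.encode() + nonce, hashlib.sha256).digest()
    return Report(m, nonce, sig)


class RelyingParty:
    """A rights holder (DRM key) or a data contributor (honest broker input)."""

    def __init__(self, agreed_measurements: Iterable[str], secret: bytes):
        self.agreed: Set[str] = set(agreed_measurements)
        self.secret = secret
        self._outstanding: Set[bytes] = set()

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, report: Report) -> Tuple[bool, str]:
        if report.nonce not in self._outstanding:
            return False, "unknown or replayed nonce"
        self._outstanding.discard(report.nonce)       # single use
        expected = hmac.new(PLATFORM_KEY, report.measurement.encode() + report.nonce,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, report.signature):
            return False, "report signature invalid"
        if report.measurement not in self.agreed:
            return False, "code measurement not in agreed set"
        return True, "attested"

    def release(self, report: Report) -> Tuple[Optional[bytes], str]:
        """Hand over the secret only after the report verifies."""
        ok, why = self.verify(report)
        return (self.secret if ok else None), why


def collect_inputs(parties: Iterable[RelyingParty],
                   enclave_code: bytes) -> Tuple[Optional[List[bytes]], str]:
    """Honest-broker flow: every contributor independently attests the same enclave
    before releasing its data; one refusal stops the computation."""
    inputs: List[bytes] = []
    for party in parties:
        data, why = party.release(issue_report(enclave_code, party.challenge()))
        if data is None:
            return None, why
        inputs.append(data)
    return inputs, "all parties attested"
```

The machine operator in this model holds the OS but not PLATFORM_KEY, so a report it constructs for different code fails the signature check, and a captured report from an earlier session fails the nonce check; only code whose measurement the relying party agreed to in advance receives the secret.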
Where this applies
- AI model protection: Distribute model weights for inference without exposing them. Weights are decrypted inside the TEE and never leave it.
- Premium content distribution: Stream or deliver content with usage rules enforced in hardware rather than in a reversible software layer.
- Software licensing: Tie software execution to attested hardware and code identity rather than to licence keys that can be copied.
- IP protection in distributed pipelines: Process sensitive assets — financial models, drug compounds, proprietary algorithms — in third-party infrastructure without exposing them to the operator.
Building something that fits this space?
These products are in active development. If you have a use case that requires trust boundaries, confidential computation, or cross-organisation data exchange, early conversations shape the roadmap.