The client side SDK we provide manage the security for you. As the client side is open-source, as well as the server you can verify the claims I will make. In those simple lines of code we:

- The enclave uses primitives from AWS that we cannot fake to create a certificate containing a hash of the code loaded, a public key to exchange keys, and other security information. This certificate is signed by a hardware derived key from AWS, and therefore we cannot forge such certificates. Here I talk about AWS but it can be Intel or AMD depending on the solution you choose.

- You receive the certificate, check it's valid locally using AWS public key.

- Once you know locally on your machine that we are using a secure enclave without backdoor that will handle your data properly (because it is a valid enclave and you can check that the hash you see in the certificate is the same as the audited open-source code), you can finish setting up the TLS channel using the public key inside the certificate

- Data is encrypted locally and sent through this TLS to the enclave

- Data is decrypted there, where we cannot peek due to isolation

- AI model is applied inside

- Output is encrypted inside enclave

- Output is sent back to you for you to decrypt it

I hope it makes it clear!