Open Enclave SDK
Open Enclave Software Development Kit (SDK) is an open-source, hardware-agnostic SDK for building and running trusted applications using hardware-based Trusted Execution Environments (confidential computing / application security).
- Unified Application Programming Interface (API) and abstraction layer for multiple Trusted Execution Environment (TEE) backends (confidential computing / runtime platform).
- Developer tooling, libraries, and build system for enclave application development in C/C++ (software development kit).
- Support for remote attestation, sealing, and secure enclave boundary definitions (confidential computing / security controls).
- Pluggable architecture for different hardware TEE implementations from multiple vendors (platform interoperability).
- Compliance with Confidential Computing Consortium architectural models and principles (security architecture / standards alignment).
More About Open Enclave SDK
Open Enclave SDK is an open-source framework for developing applications that run inside hardware-backed Trusted Execution Environments (TEEs), enabling confidential computing and attestation-based trust in multi-tenant or untrusted infrastructure (confidential computing / application security).
The SDK focuses on providing a unified abstraction layer across different TEE technologies, so developers can write enclave applications once and target multiple hardware backends (runtime platform). It defines a common programming model for enclaves, including the concepts of secure enclave code, untrusted host code, and the boundary between them, together with well-defined mechanisms for calls across that boundary (application framework).
Open Enclave SDK delivers a set of C/C++ libraries, headers, and tooling that support building, signing, and packaging enclave binaries (software development kit). It includes runtime libraries for enclave-side functionality, host-side support libraries, and build system integration to orchestrate enclave compilation and linkage. The project exposes APIs for cryptography, memory management, threading, and enclave lifecycle operations tailored to TEE constraints (runtime libraries).
A core feature of Open Enclave SDK is support for remote attestation and evidence generation, which allows an enclave to prove its identity and the integrity of its code and configuration to remote parties (identity and trust management). The SDK defines common attestation abstractions that can map to multiple hardware-specific attestation formats, aligning with models promoted by the Confidential Computing Consortium (security architecture / standards alignment).
In enterprise environments, Open Enclave SDK is used to build confidential workloads that need protection from higher-privileged software such as hypervisors, operating systems, or cloud administrators (secure workload isolation). Typical scenarios include processing sensitive data in public or hybrid cloud environments, enforcing data-in-use protection, and enabling verifiable compute where remote clients can validate enclave execution via attestation (confidential computing use cases).
The SDK is designed to be hardware-agnostic and pluggable, so it can support multiple TEE implementations from different vendors behind a consistent API surface (platform interoperability). This approach aligns with the Confidential Computing Consortium’s focus on common patterns and reference architectures, making Open Enclave SDK a building block for confidential computing services, platforms, and higher-level frameworks (infrastructure enablement).
From a directory and taxonomy perspective, Open Enclave SDK fits into confidential computing frameworks, application security runtimes, and TEE development tools. It provides a foundation on which enterprises and platform providers can construct enclave-based services, integrate TEE attestation into existing identity and access workflows, and standardize how applications interact with diverse confidential computing hardware (platform and security tooling).