Show HN: Nova Stack – Verifiable TEE Apps on AWS Nitro with ZKP Attestation (github.com) 2 points by justinzhangmit 3 hours ago 2 comments Copy Link View on Hacker News
Copy Link justinzhangmit 3 hours ago Collapse Comment - We open-sourced the toolkit we use to build verifiable TEE applications on AWS Nitro Enclaves.Problem: TEEs provide hardware isolation, but without public attestation, users have no practical way to verify what code is actually running.Nova Stack provides the full pipeline:* Enclaver – build/run Nitro Enclave apps* App Hub – CI/CD with SLSA Level 3 signed builds* App Registry – on-chain registration with ZKP-verified attestations* ZKP CLI – generate proofs and register on-chainEverything is open source. We use this in production.Happy to answer questions on TEE architecture, ZKP verification, or Nitro quirks. Reply View | 1 reply Copy Link wmf 2 hours ago Parent Collapse Comment - What is the purpose of the ZKP here? Why not put the attestation on chain directly? Reply View | 0 replies
Copy Link wmf 2 hours ago Parent Collapse Comment - What is the purpose of the ZKP here? Why not put the attestation on chain directly? Reply View | 0 replies
We open-sourced the toolkit we use to build verifiable TEE applications on AWS Nitro Enclaves.
Problem: TEEs provide hardware isolation, but without public attestation, users have no practical way to verify what code is actually running.
Nova Stack provides the full pipeline:
* Enclaver – build/run Nitro Enclave apps
* App Hub – CI/CD with SLSA Level 3 signed builds
* App Registry – on-chain registration with ZKP-verified attestations
* ZKP CLI – generate proofs and register on-chain
Everything is open source. We use this in production.
Happy to answer questions on TEE architecture, ZKP verification, or Nitro quirks.