At the highest level, Turnkey runs all critical workloads in “Secure Enclaves,” a type of Trusted Execution Environment. To run our secure enclaves we have built QuorumOS to give us the ability to remotely attest to the integrity of the machines and the code running. Every time we deploy, we attest to the code running in the enclaves prior to posting shares of core secrets into the enclave. This helps to ensure that we can trust the secure applications running in the enclaves, which perform actions such as private key generation, transaction signing, and policy evaluation. QuorumOS gives us end-to-end transparency into the code we’re running and ensures no single developer at Turnkey can alter or deploy enclaves, or reconstruct core secrets. We augment that trust in the application layer by ensuring the applications only act on verifiable data; every single change to a customer’s organization data must be approved and cryptographically stamped within an enclave before it is considered by the policy engine. The system architecture ensures that even if all systems outside of the enclaves fail, your crypto remains safe. Over time, we plan to open source more of this stack to enable other developers to remotely attest to our stack themselves, and to allow clients to bring outside data into the policy engine via their own QuorumOS applications. This, and more, is covered in depth in our whitepaper. Our security architecture is the foundation of the Turnkey product. Read on for deeper dives on each of the topics referenced above.