End-to-End Encrypted
This app runs inside a Nitro Enclave with transparent end-to-end encryption.
Your data is encrypted in the browser and only decrypted inside the enclave.
How it works
1. Service Worker (Browser) - Intercepts all requests, encrypts/decrypts with AES-256-GCM
2. Host Proxy (Host) - Terminates TLS on Host, forwards encrypted payload (cannot read it)
3. STEVE (Enclave) - Decrypts requests, forwards to app, encrypts responses
4. Echo App (Enclave) - Processes plaintext request, returns response
The session key is established via X25519 ECDH, verified against the enclave's attestation document.
Even if the TLS layer is compromised, your data remains encrypted end-to-end.
Initializing...
Send Message
Encryption Details
Attestation (PCRs)
Waiting for attestation...
Session Key (ECDH-derived)
Not established
Last Encrypted Request
No requests yet
Last Encrypted Response
No responses yet