Skip to content

System Design

The SDK executes locally and outputs structured, non-identifying context. Raw input never leaves the host.

flowchart LR
  rawData[RawLocalData] --> distill[Distill]
  distill --> abstract[Abstract]
  abstract --> mask[Mask]
  mask --> validate[BoundaryValidation]
  validate --> output[TransformedContext]
  output --> consumer[ExternalConsumer]

Transformation pipeline

  • Distill: extract salient facts and normalize structure
  • Abstract: produce role-based entities and relations
  • Mask: remove identifiers and replace with synthetic IDs
  • Boundary validation: block leakage of raw data or identifiers

Canonicalization and hashing

The transformed output is serialized into a canonical form and hashed. This enables deterministic comparisons and binds evidence to a specific output.

Tiers

  • Standard tier: software-only pipeline, deterministic output
  • Attested tier (preview): TEE-backed execution with attestation evidence

Roadmap (future work)

  • ZKP/zkML proofs for transformation correctness
  • Broader evidence formats for external compliance tooling

Prev: Types | Next: Native Enclave Runtime