Start building Web 3.0 today

Integritee provides developers with a platform to deploy trusted execution applications. It also provides an SDK that takes care of all the groundwork of trusted execution and remote attestation and lets you focus on the application you are developing. This page provides a quick intro on how to get started with our Rust SDK.

Meeting your requirements to a TEE

Integritee provides a shardable, second-layer sidechain on Polkadot that can leverage trusted execution environments. Here are the technical benefits for developers at a glance:

Unrivalled speed at scale

Our shardable second-layer sidechains deliver unrivalled transaction speeds and volumes.

Superior Interoperability

Integritee can interface with any light-client capable blockchain or web2 API.


All transactions are publicly auditable, fostering user trust, while open-source code provides transparency on how the underlying dataset is processed.


Our parachain will be open to third-party developers who wish to access the Polkadot ecosystem. This fosters innovation and diversity and increases the liquidity of our token.

Pay-as-you-go deployment

Unlike competing TEE-based decentralized solutions, you are not reliant on third-parties to access compute, and are not required to stake any collateral.

Flexible Deployment

You are free to either run TEEs on your own hardware or rent it at standard market rates, resulting in greater flexibility and more predictable costs.

Reach out to us and get started!

Invoking the power

Integritee enables developers to directly invoke hardware enclaves for trusted execution using a highly scalable, second-layer blockchain solution.

Integritee Off-chain Workers

Off-chain workers (not to be confused with parity substrate off-chain workers) execute a custom state-transition function or oracle service in a TEE. State transitions are triggered through on-chain extrinsics with encrypted payloads (indirect invocation)

Indirect Invocation

With indirect invocation, a requester calls a confidential dispatchable function (state transition) by signing a trusted call and encrypting it with the worker enclave’s shielding key. She then wraps the cyphertext into an extrinsic which she sends to the chain.
The worker forwards all new blocks to the light client within the worker enclave where the cyphertext gets decrypted and the trusted call is executed in encrypted state.

Integritee Sidechains

When using indirect invocation, all trusted calls need to pass through the chain. Thus, it is not a very scalable solution. While it would be preferable to interface with enclaves directly, this gives rise to the problem of transaction ordering consensus. This is why a 2nd-layer solution is needed.

Develop TEE-validated sidechains

The Integritee SDK empowers you to develop TEE-validated sidechains with sub-second blocktimes. Because sidechain validators are running in TEEs, all validators trust each other, greatly reducing the complexity of the consensus protocol.

Direct Invocation

With direct invocation, a requester chooses one of the sidechain validators to send her trusted call to. The next time that validator produces a block, that call will be executed. The block gets committed onto the Integritee parachain and the state diff is broadcast to the other validators, who simply apply the diff to their copy of the state. The sidechain validators produce blocks in an unpredictable order (to avoid DDoS attacks) with a target block time T and broadcast them to the other validators. Should a validator fail to broadcast a block (or the block doesn’t reach the next validator) that validator is skipped after waiting until t = T*2^k  where k is the number of missed blocks.

Sidechain blocks are produced asynchronously to layer one at a higher block rate.  Despite the integrity guarantees provided by the TEEs, these blocks are not final  because forks on the sidechain can happen. Every sidechain block hash is anchored to the layer-one blockchain and gets finalized on layer one along with the block that includes its anchoring extrinsic.

Deployment Options

Substrate Runtime Compatibility

Have you already developed substrate pallets for your (para-)chain but now want to add confidentiality and scalability?

The Integritee SDK is compatible with substrate runtime pallets. With a few lines of glue-code you can reuse your pallets and instantiate them inside an Integritee off-chain worker or sidechain. It is even possible to trustlessly interact between on- and off-chain runtimes. Please see our deployment options below:

Unpermissioned operation

Even if we trust the TEE manufacturer’s ability and integrity, a decentralized application (dApp) should be operated by an unpermissioned set of infrastructure providers. Anyone who owns suitable TEE hardware should be able to support the dApp. Integritee allows you to establish unpermissioned operation of your off-chain workers or sidechain validators, while still ensuring integrity and confidentiality through remote attestation.

Permissioned operation

You may choose to operate all TEE hardware yourself or rent it with an SLA in a jurisdiction of your choice. It is up to you to define who may validate on your sidechain or run your off-chain workers. In any case, the Integritee parachain provides a remote attestation registry for public auditability of your services.


Reach out to us and get up and running!

Want to get started?

Reach out to us and get up and running!