Security & Research Section

This section offers an in-depth security analysis of dstack’s TEE implementation. For general information, refer to the Core Concepts section.

For Security Researchers

dstack is built on a foundation of hardware-enforced security primitives. This section provides detailed technical analysis of each security-critical component, including:

Source code references with direct links to implementation
Cryptographic protocol analysis and trust boundaries
Attestation flow diagrams and verification procedures
Key management architecture and secure storage mechanisms

Core Security Components

TDX Attestation

Remote attestation implementation using Intel TDX hardware primitives

VMM Security

Virtual Machine Manager security boundaries and isolation guarantees

Gateway Protection

Secure ingress/egress with automated certificate management

KMS Architecture

Decentralized key management with hardware-backed secure storage

CryptographyComplete reference for cryptographic primitives, libraries, and security mechanisms in dStack

For Security Researchers
Core Security Components

DStack crypto

Key Component Infrastructure

Additional Reading

Security & Research Section

For Security Researchers

Core Security Components

TDX Attestation

VMM Security

Gateway Protection

KMS Architecture

DStack crypto

Key Component Infrastructure

Additional Reading

​For Security Researchers

​Core Security Components

TDX Attestation

VMM Security

Gateway Protection

KMS Architecture

For Security Researchers

Core Security Components