Verification by Default: SCRT Labs Integrates Intel® Trust Authority Into Every SecretVM

, /PRNewswire/ — Confidential computing has spent the last decade solving a hard problem: helping keep data protected even while it’s actively being used. With Intel TDX and hardware-enforced execution environments, that battle is largely won. The harder, and ultimately more important question is the one that follows: how does the party relying on a confidential workload verify independently, without taking anyone’s word for it, that the workload is actually running where it’s supposed to, on hardware in the state it’s supposed to be in?

That is the question Intel Trust Authority answers. As of today, it’s a built-in capability of every SecretVM.

What’s actually shipping

SCRT Labs has integrated Intel Trust Authority (ITA) directly into the SecretVM platform. The integration has three properties worth highlighting, because together they define the developer experience:

Attestation is on by default. Every SecretVM now exposes an /ita_jwt endpoint that returns an Intel-signed attestation token on demand. There is no separate sign-up flow, no API key to provision, no SDK to integrate. SCRT Labs ships its own ITA credentials and a Secret-defined appraisal policy bundled into the platform, so the simplest possible flow works immediately, with nothing for the developer to configure. Boot a SecretVM, fetch the token, verify it. That is it.

Custom policies are a one-field addition. Operators who want their VMs attested against their own ITA accounts and policies can add API keys directly in the SecretVM configuration. The endpoint then issues tokens against each configured policy, returned as an array. Relying parties can verify against multiple independent appraisals at once, a layered defense model that maps cleanly onto regulated workloads where multiple parties (operator, auditor, customer) each need their own verification path.

Tokens are bound to the TLS connection. The report_data field of each attestation token carries the fingerprint of the SecretVM’s TLS certificate. A relying party that fetches a token over TLS and checks the binding has strong assurance that the channel they are talking on terminates inside the attested VM, not merely that a genuine TDX VM exists somewhere on the network. This is designed to mitigate a category of impersonation and proxying attacks that bare attestation flows leave open.

Why independent appraisal matters

The shift Intel Trust Authority enables is subtle but consequential. In a conventional cloud confidential-computing setup, the same provider that hosts a workload also signs the documents asserting that the workload is genuine. The math works, but the trust model concentrates a great deal of authority in one party. ITA decouples those roles: Intel itself is the appraiser, the host is only the host, and the relying party receives a token signed by an independent third party with no operational stake in the workload.

This matches a principle that has guided Secret Network from its earliest days: verification should not require trusting the operator. Embedding ITA as a default capability of SecretVM, rather than gating it behind an enterprise tier, extends that principle to every developer building on the platform.

Where this unlocks new workloads

Several categories of work need exactly this kind of independent, hardware-rooted verification before they can move into shared infrastructure.

Confidential AI inference. Users of hosted models, particularly proprietary or sensitive ones, can verify that the node serving their requests is the genuine TEE it claims to be, with prompts and weights designed to help prevent operator access. This is foundational for the trusted-inference services that are now becoming a category in their own right, including the confidential model hosting SCRT Labs is building on top of SecretVM.

Financial services. Trade execution, market-data clean rooms, cross-institutional settlement, model-driven risk and compliance, anywhere competing parties need to share computation without sharing data, attestation that auditors and counterparties can verify themselves replaces an awkward chain of contractual assurances.

Healthcare and life sciences. Multi-party clinical research, federated training on patient data across institutions, and processing of PHI under HIPAA, GDPR, and equivalent regimes all benefit from being able to demonstrate, with hardware-backed cryptographic evidence, that processing occurred inside an attested environment under a known policy.

Regulated and audited compute. For SOC 2, ISO 27001, and similar frameworks, an Intel-signed attestation token is something an auditor can validate without taking the platform’s word for anything. That changes what is defensible, and how quickly it can be defended.

A note from SCRT Labs

“Confidential computing is only half the battle; verification is what enterprises actually buy. I am glad to strengthen our Intel TDX Confidential VM offering with Intel Trust Authority integration. By making Intel Trust Authority a standard feature of every Intel TDX-powered SecretVM, we’re making verifiable trust the baseline for the industry. We are proud to ship this deep integration and grateful to Intel for providing the independent attestation infrastructure this market has long required.”

— Alex Zaidelson, CEO, SCRT Labs

What’s next

The current integration covers the foundation: on-demand attestation, custom policies, and TLS-bound tokens. The roadmap from here goes deeper, richer policy templates for common compliance regimes, tighter integration with our confidential AI inference layer so attestation can be requested per session rather than per VM, and additional binding modes for relying parties that need finer control over freshness requirements.

If you build workloads where trust needs to be demonstrable rather than assumed in AI, in finance, in healthcare, or anywhere else, Intel Trust Authority on SecretVM is available now, with the bundled SCRT Labs credentials, at no additional cost.

Get started