Secure Enclaves vs. Other TEEs: What’s the Difference?

When it comes to trusted execution environments (TEEs), secure enclaves are unique. 

While all TEEs provide hardware-enforced isolation, their implementations vary dramatically in terms of performance, scalability, and practical deployment considerations. Choosing the right TEE can make the difference between a system that scales and one that doesn't. 

In this post, we'll provide a comprehensive comparison of the most popular TEE implementations, explore what gives secure enclaves specific advantages over other TEE solutions, and explain why Turnkey chose AWS Nitro Enclaves for our wallet infrastructure.

What are trusted execution environments?

Trusted execution environments create an isolated area within a processor or memory where programs can execute securely. This isolation happens at the hardware level, ensuring that code and data inside the TEE remain invisible and inaccessible to anything outside of it—including the operating system itself.

This hardware-enforced isolation provides a high-integrity environment that remains secure even when the host system is compromised. 

TEEs can also generate cryptographic attestations that verify both their authenticity and the integrity of the code running inside them, making them particularly valuable for sensitive operations like cryptographic key management and transaction signing.

What TEE solutions exist today?

The three major approaches to TEEs include Intel SGX, ARM TrustZone, and AWS Nitro Enclaves. Let’s explore each of these solutions and detail some of their strengths and weaknesses.

Intel SGX: CPU-level isolation

Intel Software Guard Extensions (SGX) represents one of the most mature TEE implementations. Available on certain Intel processors, SGX uses special instruction codes to create secure enclaves directly on the CPU.

SGX has found applications across multiple industries. In the cryptocurrency space, it powers private smart contracts on Secret Network.  Microsoft's Azure Confidential Computing and various DRM systems also rely on SGX technology, and Signal famously used it for private contact discovery.

However, SGX comes with significant constraints. Memory is severely limited (typically ~256MB), development complexity is high, and the technology has faced various security vulnerabilities documented on sites like sgx.fail. 

Despite these challenges, SGX remains widely supported, with teams like Flashbots providing detailed analysis of its security considerations for MEV infrastructure.

ARM TrustZone: The mobile standard

ARM TrustZone takes a different approach, dividing the computing environment into two parallel "worlds" — secure and normal. Code and data cannot cross from the normal world into the secure world, creating a clear security boundary.

This architecture has achieved massive adoption in mobile devices. Billions of Android users rely on ARM TrustZone daily for biometric processing, including fingerprint and face recognition. The technology's efficiency and low overhead make it ideal for embedded and IoT applications where resources are constrained.

Both Google and Apple have developed their own TEE implementations (Titan M Chip and Secure Enclaves, respectively) that build on similar principles but are optimized for their specific hardware ecosystems.

AWS Nitro Enclaves: Cloud-native security

AWS Nitro Enclaves represent a fundamentally different approach designed specifically for cloud computing. Rather than relying solely on CPU-based isolation, Nitro Enclaves combine standard compute resources with dedicated security hardware that manages attestation, secure boot, and security boundary enforcement.

This architecture separates concerns effectively — if the main CPU is compromised, the isolation mechanism continues to function independently. It also frees up CPU resources for actual computation rather than security management, enabling better performance for compute-intensive applications.

Comparing TEE implementations

Each TEE type offers distinct advantages and trade-offs:

Intel SGX provides a small attack surface and strong cryptographic attestation with wide CPU support and a mature ecosystem. However, it's limited by very small memory constraints (~256MB), complex development requirements, and performance overhead from memory paging.

ARM TrustZone offers low overhead and ubiquitous mobile deployment with simple secure/normal world separation and hardware-backed storage. Its limitations include fixed resource allocation, primarily embedded/mobile focus, and platform-specific implementations that limit scalability.

AWS Nitro Enclaves provide flexible resource allocation (multi-GB RAM), strong VM-level isolation, and cloud-native design with custom OS support. The trade-offs include higher initial overhead, AWS vendor lock-in, and more complex networking restrictions.

TEEs in cryptocurrency infrastructure

The unique properties of TEEs make them particularly valuable for cryptocurrency applications, where they can bridge the gap between self-custodial and custodial wallet solutions. Traditional approaches force users to choose between managing their own private keys (with associated security risks) or trusting a third party with custody.

TEEs enable a middle ground where wallet infrastructure providers can manage the user experience while ensuring that raw private keys are never exposed, not even to the service provider themselves. This creates opportunities for custom recovery mechanisms and enhanced security models while maintaining the scalability needed for enterprise applications.

For transaction signing and other sensitive operations, TEEs offer several advantages over alternatives like Multi-Party Computation (MPC), including lower latency and the ability to scale to hundreds of thousands of operations efficiently.

Why Turnkey chose AWS Nitro Enclaves

At Turnkey, we provide wallet infrastructure that supports thousands of embedded wallets and millions of transaction signatures. Our choice of AWS Nitro Enclaves was driven by several key factors that align with our cloud-native, scalable approach.

Resource flexibility and scaling

Unlike CPU-based TEEs that are limited to small portions of processor resources, Nitro Enclaves can utilize entire EC2 instances. For example, a 16-vCPU instance can allocate 8 vCPUs and 12GB of RAM to the enclave, providing the resources needed for high-throughput applications.

This flexibility is crucial for handling tens of thousands of daily operations while maintaining the performance advantages that TEEs offer over MPC solutions.

Superior isolation model

Nitro Enclaves run as completely separate virtual machines with their own kernels. This provides robust isolation boundaries that are well-suited to cloud environments where multiple tenants share underlying hardware.

Restrictive network design

Enclaves are designed with security in mind: no persistent storage, no external network access, and no SSH access. They can only communicate with their parent EC2 instance through a secure channel, creating a highly restrictive security boundary that's essential for cloud-deployed TEEs.

Custom operating system support

Nitro Enclaves support custom Enclave Image Files (EIFs), allowing different operating systems for the parent instance and the enclave itself. This enables additional security layers. At Turnkey, we've developed QuorumOS, an open-sourced custom Linux unikernel built in Rust specifically for our enclave environments.

Cloud-first architecture

As a cloud-native platform, AWS Nitro Enclaves integrate seamlessly with the broader AWS ecosystem. This tight integration provides the reliability and support infrastructure necessary for API-driven services like Turnkey, where developers interact with our wallet infrastructure through web APIs backed by AWS instances.

Choosing the right TEE for your use case

Today, teams like Dropp, Parallel Studios, and Spectral use Turnkey to create embedded wallets and automate onchain transactions while maintaining the security guarantees that only TEE-based infrastructure can provide.

The optimal TEE choice depends entirely on your specific requirements and constraints. ARM TrustZone excels in mobile and embedded applications where efficiency is paramount. Intel SGX suits applications with strict memory constraints that can work within its limitations. 

For cloud-native applications requiring flexible resources, strong isolation, and horizontal scalability — like modern wallet infrastructure — AWS Nitro Enclaves provide the optimal balance of security and performance.

The Turnkey advantage: secure infrastructure at scale

By building on AWS Nitro Enclaves, Turnkey delivers wallet infrastructure that ensures no raw private keys are ever exposed to developers or even to Turnkey itself. 

Our architecture enables non-custodial wallet solutions where not even Turnkey can access private keys or modify developer code running within the secure enclave.

Learn more about how Turnkey leverages AWS Nitro Enclaves for secure wallet infrastructure: read our whitepaper, create a Turnkey account,  and get started today.

‍