Bastionchip silicon in evaluation — now accepting qualified partner requests.
Bastionchip Platform

Confidential Compute Silicon

TEE-enabling silicon block that provides hardware-isolated execution environments with cryptographic attestation — immune to hypervisor-level adversaries.

Isolation model: HW TEE
TEE Isolation Model

Execution isolation that survives hypervisor compromise

The Bastionchip confidential compute block enforces memory encryption and execution isolation at the silicon level. Workloads running in the TEE are protected against a compromised hypervisor, privileged OS, or firmware adversary. Attestation tokens chain from the silicon root of trust — no software layer can forge them.

Hardware Memory Encryption
Enclave memory is encrypted with per-enclave keys managed by the secure silicon block. Host DRAM is ciphertext outside the TEE.
Side-Channel Mitigations
Cache timing and power analysis mitigations hardened in RTL. ECDSA and AES implementations designed to eliminate key-observable side channels.
[Diagram: host system with hypervisor / OS (untrusted) outside the hardware TEE boundary; enclave holding workload + keys inside it; attestation via HW-signed token from Bastionchip CC Silicon.]
Attestation Protocol

Four-step attestation from silicon to workload

1. PUF Identity
Silicon PUF derives unique device key. No factory injection, no shared secrets.
2. Enclave Launch
Workload loaded into hardware-isolated TEE. Memory encrypted in silicon.
3. Token Generation
Hardware generates signed attestation report binding workload measurement to device identity.
4. Remote Verify
Verifier checks token against Bastionchip certificate chain. No trust in host software required.
Architecture Comparison

Hardware TEE vs. alternatives

| Capability | Bastionchip CC Silicon | Software TEE (e.g. SGX sw) | Off-chip Network HSM |
|---|---|---|---|
| Key isolation from hypervisor | Hardware enforced | Software boundary | Hardware enforced |
| Memory encryption | On-die | Host-CPU dependent | Not applicable |
| Attestation root | PUF silicon | CPU microcode | HSM hardware |
| Latency to workload | On-SoC (ns) | On-host (ns) | Network (>ms) |
| Side-channel hardening | RTL mitigations | Varies by CPU | Dedicated silicon |
| No factory key injection | PUF-only | Root CA dependent | Factory provisioned |

Evaluate confidential compute silicon

Integration support for cloud infrastructure and hypervisor teams. NDA-gated evaluation program.