HomeDocsConfidential Computing

Technical Attestation · February 2026

AmplefAI Enforcement Kernel
Validated in Azure Confidential Computing

Scope

The AmplefAI enforcement kernel (v1-enforced-irreversible) has been executed and validated inside Azure Confidential Computing, using hardware-backed Trusted Execution Environment support via AMD SEV-SNP (Secure Encrypted Virtualization — Secure Nested Paging).

The kernel implements:

  • Deterministic policy evaluation
  • Hash-chained decision logging
  • Ed25519-signed governance token issuance

133 standalone tests passed inside the enclave environment across 12 suites. 3 additional integration tests require cross-package dependencies outside the deployed enclave scope.

Attestation

The validation environment uses Azure Confidential VMs (DCas_v5 series) with AMD SEV-SNP hardware isolation. vTPM is present and PCR values are measured at boot.

The attestation report verifies that the measured enclave identity corresponds to the deployed kernel binary. Full attestation artifacts — including binary hashes, report hashes, and reproducibility procedures — are available under technical NDA.

What This Demonstrates

Hardware-isolated execution.

The enforcement kernel runs inside a hardware-backed confidential enclave. The signing key, policy evaluation, and decision logging all execute within the trust boundary.

Tamper-evident decisions.

Decision evaluation is recorded to a hash-chained ledger inside the enclave. Any modification to the decision record is cryptographically detectable.

Unchanged cryptographic operations.

Ed25519 governance token issuance operates identically within enclave boundaries. No adaptation or degradation.

Deterministic cross-environment parity.

All tests executed inside the enclave produce byte-identical outputs compared to the baseline environment. The governance kernel behaves identically regardless of execution environment.

No measurable TEE overhead.

AMD SEV-SNP memory encryption is transparent to computational workloads. Throughput differences between local and enclave environments reflect hardware class, not TEE overhead.

Full Attestation Artifacts

Binary hashes, attestation report details, benchmark data, and reproducibility procedures are available to qualified partners and investors.

Request Technical Access →

AmplefAI · Because the system being governed cannot govern itself.