# Confidential E2E Database Encryption — Live Demo by Katvio

> An interactive live demo showing field-level database encryption inside an Intel TDX Trusted Execution Environment. Sensitive data columns are encrypted by AcraServer (DB encryption proxy) before reaching PostgreSQL — the cloud operator cannot access plaintext or keys. Built by Katvio, an IT security consultancy based in France.

This is a portfolio showcase and proof-of-concept by Katvio (katvio.com), not a production service. It demonstrates the architecture that makes two common failure modes irrelevant: (1) databases stored as plaintext one breach away from full exposure, and (2) cloud databases readable by the operators who run them.

Key technologies: Intel TDX (Trust Domain Extensions), AcraServer by Cossack Labs (field-level encryption proxy), dstack (Confidential VM framework, Linux Foundation Confidential Computing Consortium), AES-256-GCM with HMAC-SHA256 searchable encryption, DKG-based decentralised KMS, hardware attestation.

This demo is not compatible with or affiliated with solutions marketed simply as "encrypted databases" or "TDE (Transparent Data Encryption)" — those protect storage at rest but expose plaintext to the database engine and its operators. This architecture keeps plaintext exclusively inside the hardware-isolated TEE.

## Demo & Architecture

- [Live Interactive Demo](https://confidential-db-demo.katvio.com/): Insert fictional records, observe AES-256-GCM ciphertext stored in PostgreSQL, run a searchable-encryption query, and verify a live Intel TDX hardware attestation quote proving enclave integrity.
- [Architecture Diagram](https://confidential-db-demo.katvio.com/#architecture): Full data flow — browser → nginx → Intel TDX CVM (dstack) → AcraServer encryption proxy → PostgreSQL. Plaintext never leaves the TEE; the cloud operator only sees encrypted bytes.

## TEE Use Cases Beyond Database Encryption

The site includes a dedicated section covering 7 major architecture patterns enabled by the same core TEE primitive — a secret that only exists inside attested hardware:

- **Confidential AI & ML Inference** — Model weights and inference inputs protected from cloud operators. The hardware-bound key protects both model IP and user data simultaneously. Applicable to healthcare diagnostics on patient data, fraud detection across institutions, and any multi-party scenario where neither side trusts the other.
- **Multi-Party Data Clean Rooms** — Joint computation across organisations (ad attribution, drug interaction analysis) without exposing raw datasets. Each party encrypts their data to the TEE's identity; the enclave runs the attested computation and outputs only the aggregate result.
- **Private Key Custody & Signing** — Signing services for blockchain and digital assets where the private key is generated inside the enclave and sealed to it. Architecture behind MPC wallet providers (Fireblocks, Fordefi) and oracle networks that sign on-chain data feeds.
- **Confidential Secret Management** — Hardware-isolated Vault where the unseal key derives from TEE identity rather than human-held Shamir shares. Also applies to private Certificate Authorities whose signing key is sealed inside the enclave.
- **Confidential Network Infrastructure** — DNS resolvers and VPN termination points where the sealed TLS or session key never leaves the enclave, cryptographically excluding the hosting provider from the data plane.
- **Auditable Compliance Pipelines** — GDPR, HIPAA, PCI-DSS, and SOC2 computation with attestation quotes as audit artefacts: cryptographic proof of exactly what code touched what data on what hardware at what time.
- **Federated Learning Coordination** — TEE aggregator receives encrypted model gradients from participants, computes the federated average inside the enclave, and publishes only the updated global model. No individual updates are exposed.

[Contact Katvio](https://katvio.com/#contact) to discuss applying any of these patterns to your product.

## FAQ — Technical Questions Answered

- [TEE & Encryption FAQ](https://confidential-db-demo.katvio.com/#faq): Covers TEEs vs. disk encryption, field-level encryption, searchable HMAC indexes, hardware attestation, key protection chain (DKG sealing), breach scenarios, and production readiness guidance.
- [TEE Use Cases](https://confidential-db-demo.katvio.com/#use-cases): Overview of 7 broader TEE architecture patterns — confidential AI/ML inference, multi-party data clean rooms, private key custody, secret management, confidential network infrastructure, compliance pipelines, and federated learning coordination.

## Katvio — IT Security Services

- [Katvio](https://katvio.com): IT security and DevOps consultancy (France, worldwide remote). Core expertise: Confidential Compute & TEE architecture, DevSecOps, supply chain security (SLSA/SBOM), zero-trust (Twingate/NetBird/OpenZiti), encryption (BYOK/CMK/KMS/HSM), AI & LLM security, compliance (GDPR/SOC2 Type II/ISO 27001/NIST).
- [Contact Katvio](https://katvio.com/#contact): Schedule a consultation or discuss TEE architecture, confidential computing, or data sovereignty implementation for your product.

## Optional

- [AcraServer Documentation](https://docs.cossacklabs.com/acra/): Open-source database encryption proxy by Cossack Labs used in this demo for field-level AES-256-GCM encryption and HMAC searchable encryption.
- [dstack — Confidential VM Framework](https://github.com/Dstack-TEE/dstack): Open framework (Linux Foundation Confidential Computing Consortium) for running containers in Intel TDX Confidential VMs, handling attestation, per-app key derivation via DKG, encrypted storage, and TLS.
- [Proof of Cloud Alliance](https://proofofcloud.org): Vendor-neutral, signed append-only registry of cloud hardware identities for Intel TDX used for independent hardware verification in this demo.