Nex Runtime

The Confidential OS.

A hyper-optimized runtime for Trusted Execution Environments. Nex Runtime abstracts SGX and TDX into a standard Docker interface with supercomputer-grade security.

Explore the Architecture

The Architecture of Trust

Hardware security, exposed as software.

Supervisor

Manages the lifecycle of the guest VM and enforces enclave boundaries.

KMS

Handles key generation and rotation inside the enclave, automatically.

RA-TLS

Secures networking by authenticating code identity before opening a connection.

Exploded View

We abstract the hardware so you can focus on the code.

Your App

Standard Docker container

Layer 1

Nex Runtime

Supervisor + KMS + RA-TLS

Layer 2

Hardware

Intel SGX / TDX secure silicon

Layer 3

Build on the engine

Bring your runtime into the enclave.

Nex Runtime gives you deterministic security without forcing you to rewrite your stack.

Deploy on Nex Cloud