Klave AI: Securing Every Layer | Klave Newsletter July 2025
NEWS
Klave AI Starts Now
Confidential Computing for Real-World AI
Klave AI is designed to protect data end to end for AI and AI Agents. Models are built on generic data, but enterprises are looking for specialised AI. The difference is private data, private documents, private databases and private APIs.
To get useful outcomes, your AI needs access to private resources. Protecting just the inference layer is not enough. True end-to-end security requires the entire stack to run inside Confidential Computing environments, from input to output, with a provable, unbroken chain of encryption.
We've built Klave to deliver exactly that. Our OS for Trusted Execution Environments secures all data flows including sockets, files, and databases, ensuring data remains protected throughout processing.
There is no AI Agent without action, and there is no action without an MCP Server, which is exactly what Klave is designed to secure. In fact, Klave is the only platform that makes privacy-enabled and verifiable MCP Servers easy to build and deploy in a few clicks.
Enterprise-grade AI also demands secure integration with private infrastructure, and access to on-prem and cloud databases must be encrypted and auditable. Credentials and API tokens must be protected, Klave’s TEEs offer the perfect security.
Klave gives developers the tools to build secure, scalable AI Agents from the ground up with end-to-end confidentiality.
Protect Against Leaks and Ransomwares with Klave DB
Klave DB offers a fast, seamless way to secure your existing databases without requiring major changes to your architecture.
It is built to target and protect only what matters most: critical, high-value data, while leaving the rest of your system untouched. It defends against both external threats and insider risks by ensuring sensitive information stays encrypted at every layer.
All databases should be protected with encryption in transit and at rest. This eliminates many common vulnerabilities, but it doesn’t fully protect your data. Once an attacker gains access, or if a privileged user turns rogue, decrypted data is exposed. Klave DB closes this gap by managing encryption keys inside a secure enclave that no user or system can access.
Acting as a proxy for SQL queries, Klave DB enables secure operations on encrypted data while keeping the rest of your infrastructure intact. There is no need to refactor existing systems. It brings advanced, zero-trust security to traditional database environments with minimal effort.
You can start today with our PostGreSQL DB Management template. It connects directly to your external PostGreSQL database through the Klave DB service, applies deterministic encryption to sensitive fields like PIIs, and lets you build encrypted queries without exposing private data to system, cloud, or database administrators.
Explore the Klave DB page to see how we’re making secure data handling practical. Try the template and start building.
Build Securely with the Klave SDK
Explore what’s possible with the Klave SDK, now easier than ever on our refreshed homepage.
Klave gives developers everything they need to build privacy-preserving, verifiable apps on a secure-by-design foundation. Key features include:
Secure Ledger Storage: An encrypted, tamper-evident NoSQL database for each app.
API Connectivity: Safely interact with Web2 and Web3 services from within the enclave.
Cryptography: Access enclave-backed tools for signing, hashing, and encryption.
Attestation: Programmatically generate and verify TEE attestation quotes.
Database Access: Connect, query and operate with external encrypted databases without exposing data.
AI, Agent & Inference: Run LLMs, build agents, protect data and models, and run RAG inside the enclave, securely.
Explore the homepage for details, docs, and code snippets: https://klave.com/
TECH
Klave v3.5.0 Release
This latest release brings powerful new features that enhance secure connectivity, streamlined attestation and advanced cryptographic capabilities, making the developer experience better than ever. Here’s what’s included:
PostgreSQL DB connectivity: Securely connect to and operate on external PostgreSQL databases from within the enclave with no data exposure.
Simplified Attestation: Easily obtain and verify SGX and TDX quotes using our updated Rust and AssemblyScript SDKs.
Advanced Cryptography: Derive Keys with ECDH and HKDF, now hardware-accelerated in the latest SDK.
Explore everything new in Klave v3.5.0 by visiting klave.com.
NEW APP TEMPLATES
Klave Template Library
PostGreSQL DB Management
Our latest template, built in Rust, gives developers a streamlined way to integrate with external PostgreSQL databases using the Klave DB service. It includes a Rust implementation of key APIs that allow you to connect securely, apply deterministic encryption to sensitive data such as PIIs, and run encrypted queries without exposing that data to any administrators, whether trusted or not, including server, cloud, or database admins.
Our brand new template is ready to use, offering an AssemblyScript implementation of confidential computing attestation management. By leveraging the Klave SDK you can get, parse and verify attestation quotes, and it is compatible with Intel SGX and TDX quotes.
Explore the Klave Template Library to discover other pre-built solutions that showcase what’s possible with confidential computing. Browse existing templates and jumpstart your development by visiting: Klave Template Library.
FEATURED ARTICLES
Discover New Reads
On The Klave Blog
Trusted Execution Environments (TEEs) Attestation Management with the Klave SDK
Written by Etienné Bossé, Head of Platform at Secretarium.
Confidential Computing just became more accessible with attestation management now built into the Klave SDK. Our latest blog post explores how Klave leverages TEEs to securely generate, parse, and verify attestation quotes, enabling trust in distributed systems and supporting secure architectures like Intel SGX and TDX.
Secure Payment vs. Payment: Introducing the Klave PvP Orchestrator Template
Written by Jérémie Labbé, Senior Software Engineer at Secretarium.
Secure payments just became more streamlined with the new Klave PvP Orchestrator Template. This blog post explores how centralised multi-party settlements significantly reduce counterparty risk and streamline complex financial transactions atomically, bringing efficiency to global financial operations.
Securely Manage Your Assets: Introducing the Klave EVM Wallet Template
Written by Jérémie Labbé, Senior Software Engineer at Secretarium.
The Klave EVM Wallet Template is here. This blog post shows how developers can build secure, user-friendly EVM-compatible wallets on a Rust-based foundation. By combining confidential computing with customisable wallet logic, Klave empowers you to create flexible wallets, enabling the same private key to securely connect to and manage assets on various EVM chains without sacrificing privacy or user control.
Empowering Secure and Efficient Blockchain Interactions with Klave
Written by Jérémie Labbé, Senior Software Engineer at Secretarium.
Our blog post explores how our new EVM Light Client and JSON-RPC API templates are transforming blockchain integration. By enabling secure, efficient, and decentralised access to on-chain data, Klave empowers developers to build more resilient Web3 applications without relying on centralised infrastructure.
WebSummit Vancouver (27 – 30 May 2025) - North America’s edition of WebSummit, connecting global tech leaders, startups, and investors to drive innovation.
Rust Paris (25 June 2025) - A conference bringing together users and developers of Rust, the programming language, to explore its growing role and practical applications across the industry.
If you’re interested in working with us, please email: contact@klave.com
If you like these monthly updates from Klave, feel free to share this link with your network. Our monthly newsletter can also be found via our LinkedIn page.
Feel free to browse our previous newsletter editions here.
