Deterministic signing in 42µs. Verifiable attestation. Turing-complete policy engine. Zero vendor access.
From deployment to first signature in under an hour.
Launch the pre-configured AMI in your AWS account. Sentinel runs as a separate Nitro Enclave on a dedicated EC2 instance. Your VPC. Your control.
On startup, Sentinel verifies its own integrity via AWS Nitro attestation. The enclave generates a hardware-signed certificate proving it's running unmodified code.
Your trading keys (ECDSA, EdDSA, or custom algorithms) are generated and stored exclusively within the enclave's isolated memory. Never sent over the network. Never logged to disk outside the enclave.
Your trading application sends signing requests to Sentinel via vsock (virtual socket). Requests pass through the policy engine. If approved, the enclave signs in 42µs. Response returned immediately.
Performance metrics, isolation guarantees, and capabilities.
| Specification | Value | Notes |
|---|---|---|
| Signing Latency (p50) | 14µs | Median case, optimal conditions |
| Signing Latency (p95) | 31µs | 95th percentile observed |
| Signing Latency (p99) | 42µs | 99th percentile observed |
| Key Isolation | AWS Nitro | Hardware-enforced isolation |
| Communication Protocol | vsock IPC | Host ↔ Enclave, no network overhead |
| Policy Engine | Turing-complete Rust | Arbitrary transaction validation |
| Attestation | PCR + Software signature | AWS Nitro verified |
| Halt Time | <1ms | Emergency shutdown latency |
| Audit Log (Max entries) | Unlimited | SEC 17a-4 immutable |
| Signatures/day (typical) | 1M-10M+ | Depends on policy evaluation |
Threat model: the adversary controls the host OS, and all AWS personnel are treated as untrusted.
Keys are isolated in the Nitro enclave. Even with root access, an attacker cannot extract them.
AWS cannot access keys. Nitro isolation is enforced at the hardware layer, not the OS.
ZeroCopy has zero access to your keys. We can't audit them. We can't disable them.
vsock communication is internal to the host. No network exposure. No TLS needed.
All Sentinel code is open-sourced. You can audit and deploy your own build.
The immutable audit log cryptographically prevents retroactive modifications. SEC 17a-4 compliant.
Why Sentinel is the best choice for trading infrastructure.
Integration is straightforward. Sentinel handles signing. Your app handles logic.
Spin up the Sentinel AMI in your VPC on a c6i.2xlarge EC2 instance. Takes 3 minutes.
Create a vsock endpoint from your app host to Sentinel. Set security group rules. Takes 5 minutes.
Sentinel initializes keys and generates an attestation certificate. Takes 2 minutes.
Run integration tests against your trading app, then go live. Takes 30 minutes.
Start with a 30-day pilot. No credit card required. Our team handles deployment.