> For the complete documentation index, see [llms.txt](https://docs.nerve-protocol.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.nerve-protocol.com/architecture/tee-nodes.md). # TEE Nodes **TEE Nodes** are the compute units of the Nerve Protocol network. Each node provisions one or more hardware-protected enclaves where missions execute, data is processed, and agents operate under continuous attestation. No plaintext data exits the enclave boundary at any point in the execution cycle. TEE Nodes are operated by independent node operators who bond stake and earn $NPX rewards for verified, policy-compliant execution. *** ## Core Responsibilities **Secure Data Connector hosting.** Nodes run circuit-level connectors that retrieve data from SaaS APIs, blockchains, and air-gapped stores. All ingestion happens inside the enclave. Raw API responses, credentials, and processed data never touch the host OS. **LLM inference.** On-device and near-edge models (including Myelin) run inference entirely inside enclave memory. Model parameters remain encrypted; only the operator's session key can decrypt outputs. **Executor runtime.** Autonomous agents, workflow orchestration logic, and policy enforcement all operate inside the node. Policy guardrails are enforced at the hardware boundary — they cannot be bypassed by a compromised application layer. **Enclave Integrity Monitor checkpoints.** Nodes report to Enclave Integrity Monitors at each task stage boundary. The Monitor re-verifies the node's attestation quote before authorizing the next step. A node that fails mid-mission attestation is quarantined and the mission is halted pending operator review. *** ## Verification Lifecycle 1. **Provisioning.** Each node boots with a measured firmware stack. The hardware manufacturer signs attestation certificates describing the node's capabilities, firmware version, and enclave configuration. 2. **Remote attestation.** Before the node accepts any work, it generates a fresh attestation quote — a hardware-signed statement that the enclave is running the correct, untampered software on certified hardware. This quote is verified by the Mission Scheduler before the node enters the active pool. 3. **Policy injection.** The Mission Scheduler injects mission-specific policy capsules and cryptographic keys bound to that enclave instance. Keys are derived inside the enclave and cannot be extracted. 4. **Step-level proof emission.** During execution, the node emits per-step cryptographic proof bundles: a remote attestation quote, an execution hash, and a policy compliance receipt. These are anchored to the Coordination Ledger. 5. **Key rotation and revocation.** Keys and policy capsules rotate between missions. A node that fails attestation at any stage, or that is flagged by an Enclave Integrity Monitor for anomalous behavior, is automatically quarantined and removed from the active pool. *** ## Supported TEE Platforms Nerve Protocol currently supports and is actively extending support across the following hardware TEE implementations: | Platform | Technology | Notes | | -------- | ---------------------------------- | ------------------------------------------ | | Intel | Intel TDX, Intel SGX | Supported in current production deployment | | AMD | AMD SEV-SNP | Supported in current production deployment | | ARM | ARM TrustZone | Targeted for mobile and edge node support | | NVIDIA | NVIDIA H100 Confidential Computing | Targeted for GPU inference node support | Attestation quote formats differ by platform. The Nerve attestation service normalizes quotes into a canonical format before verification, allowing multi-platform enclave meshes to operate transparently within a single mission. *** ## Accountability and Incentives **Stake-backed reliability.** Node operators bond $NPX stake before entering the active pool. Stake is subject to slashing if the node fails attestation, violates a policy capsule, or is found to have tampered with execution proofs. **Reputation scoring.** Each node accumulates a public performance score derived from attestation success rate, mission completion rate, execution latency, and Enclave Integrity Monitor grades. Higher scores improve priority in the Mission Scheduler's bid assignment. **Encrypted performance telemetry.** Operators can inspect node performance metrics via encrypted dashboards within their Console session. Metrics are aggregated inside the enclave — individual mission data is never exposed. **Reward distribution.** Nodes that complete verified, policy-compliant missions earn $NPX rewards drawn from mission fees. Reward rates scale with reputation score and mission complexity. *** For details on the full verification chain from the client layer through the Coordination Ledger, see the [Secure Computing Infrastructure](/architecture/secure-computing-infrastructure-in-nerve-protocol.md) reference. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.nerve-protocol.com/architecture/tee-nodes.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.