> For the complete documentation index, see [llms.txt](https://docs.nerve-protocol.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.nerve-protocol.com/overview/data-integrators.md). # Secure Data Connectors **Secure Data Connectors** (referred to as circuit-level connectors in the protocol internals) are TEE-resident software modules that retrieve, normalize, and encrypt data from external sources before it contacts the host operating system. They interface with Web2 platforms (Google, Apple, Meta, Amazon), Web3 protocols (MetaMask, Phantom), and air-gapped hardware — pulling data into the enclave, transforming it, and routing it directly to your Personal AI or autonomous executors. No decrypted payload exits the TEE. The host can observe that a network connection occurred; it cannot observe what was retrieved, processed, or stored. Connectors also structure retrieved data into a **personal knowledge graph** — a private, operator-owned semantic index stored encrypted under the operator's key and optimized for on-device LLM queries. *** ## Security Guarantees **Least-privilege retrieval.** Each connector operates under a purpose-bound policy capsule specifying which data fields it may access, the declared intent for that access, and the retention window. Expanding scope requires explicit operator re-authorization — connectors cannot self-elevate. **Hermetic storage.** Processed data is stored encrypted under operator-held keys. It is never written to the host filesystem in plaintext or routed through a shared cloud storage layer. **Attestation-gated data release.** A Personal AI or executor must present a valid remote attestation quote before a connector releases data to it. Agents that fail attestation are denied access automatically and flagged to the [Enclave Integrity Monitors](/overview/guardian-models.md). **On-chain verification.** After each retrieval cycle, the connector submits a hardware-generated attestation report to the Nerve Protocol Network confirming: (1) the retrieval task completed inside a verified TEE, (2) the enclave code matches the certified version, and (3) the declared policy capsule was honored throughout. The report proves why data moved without revealing what moved. *** ## How Connectors Operate 1. **Authorization.** The operator specifies which data sources to connect and grants permission through the Integration Grid. OAuth tokens and API credentials are authorized via the in-enclave browser — they are sealed to the enclave on issuance and never touch the host browser or OS session. 2. **Retrieval.** The connector establishes an attested connection to the source. It pulls only the fields declared in its policy capsule, using the sealed credentials. Raw API responses never leave the TEE. 3. **Normalization and indexing.** Retrieved data is cleaned, structured, and merged into the personal knowledge graph inside the enclave. The schema is optimized for on-device LLM embedding queries. 4. **Attestation submission.** The connector submits an attestation report to the Coordination Ledger confirming the retrieval ran inside a certified TEE and honored the policy capsule. 5. **Encrypted storage.** The processed data is written to the operator's designated trusted storage location — local device, private cloud volume, or dedicated secure storage — under the operator's encryption key. *** ## Supported Sources | Category | Platforms | | ---------------------------------- | ---------------------------------------------------------------------------- | | **Productivity and Communication** | Slack, Notion, Gmail, Google Drive, Google Calendar, Google Meet | | **Commerce and Logistics** | Amazon, Uber | | **On-Chain Protocols** | MetaMask, Phantom, and custom EVM-compatible chains via the Nerve SDK | | **Device and Sensor Data** | IoT endpoints via the Nerve SDK hardware adapter | | **Air-Gapped Systems** | Custom integrations via the Nerve SDK with on-premise connector registration | For platform-specific setup steps, see the [Integration Matrix](/guides/integration-matrix.md). *** ## Custom Connectors Operators can build and register custom connectors using the Nerve SDK. Custom connectors must: * Declare a complete policy capsule before registration, specifying all data fields, intent labels, retention limits, and expiration windows. * Pass Enclave Integrity Monitor evaluation to receive an attestation fingerprint and be listed in the Integration Registry. * Operate within the same TEE boundary constraints as first-party connectors — no privileged host access is permitted. Registered custom connectors receive a reputation score derived from attestation success rate, policy adherence history, and Enclave Integrity Monitor grades. Higher reputation scores improve priority in the Agent Exchange. {% hint style="info" %} A **TEE** (Trusted Execution Environment) is a hardware-isolated memory region within the device's main processor. Code and data inside a TEE are inaccessible to the host OS, hypervisor, and other processes — including those with root or administrator privileges. {% endhint %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.nerve-protocol.com/overview/data-integrators.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.