Skip to main content
Wraith Protocol runs inside Trusted Execution Environment (TEE) hardware. This gives you a specific, verifiable set of security guarantees about how your agent’s private keys are handled — guarantees that no software-only system can provide.

What TEE means for your keys

A TEE is a hardware-isolated compute environment. The processor physically separates TEE memory from the rest of the system. The host operating system, cloud provider, and even Wraith’s own infrastructure team cannot read what is happening inside the enclave. For you, this means:
  • Keys are never stored on disk. Your agent’s private keys are derived on demand for each operation and discarded from memory immediately after. There is no database entry, no file, no encrypted backup containing your key material.
  • Keys are derived from hardware. Key derivation uses the TEE’s hardware root secret — a value burned into the processor at manufacture that cannot be extracted or copied.
  • Only your wallet can authorize key export. If you need to export your agent’s private key, you must sign a message with the owner wallet you registered at creation. Without that signature, nobody — including Wraith — can release the key.

Remote attestation: verify the code yourself

TEE hardware can produce a cryptographic proof — called an attestation — that describes exactly what code is running inside the enclave and that it has not been modified. You can request this proof for any agent: 
// GET /tee/attest/{agentId}
const attestation = await fetch(`${baseUrl}/tee/attest/${agentId}`);
// Returns cryptographic proof of code integrity
The attestation proves:
  • The code inside the TEE matches the published Wraith source
  • Your agent’s keys were derived by the legitimate Wraith software
  • No unauthorized modifications have been made to the running code
This lets you verify Wraith’s security claims independently, without trusting Wraith’s word.

What you are protected against

ThreatProtection
Cloud provider reads your keysTEE memory encryption — hardware prevents host OS access
Wraith employee extracts your keysKeys never leave the enclave; no storage to query
Wraith infrastructure is compromisedAttestation lets you verify code integrity before use
Someone exports your key without permissionExport requires a fresh signature from your owner wallet
Key material persists after agent operationsKeys are re-derived per operation and garbage collected

The privacy guardian

Beyond key security, the AI agent running inside the TEE actively monitors for on-chain privacy risks and warns you before you make a mistake:
  • Timing analysis — warns if transactions happen too close together
  • Amount patterns — flags identical payment amounts that could correlate payments
  • Address correlation — warns about withdrawing to a known wallet
  • Consolidation risk — alerts when too many stealth addresses are unspent
await agent.chat("withdraw all to 0xMyMainWallet");
// "Privacy concern — withdrawing all stealth addresses to a single
//  known wallet links every payment to your identity..."
The AI agent’s privacy warnings are informational. You can proceed after reviewing them. The agent will not block a transaction — it will make sure you understand the privacy implications first.

Key export

If you need to take your agent’s private key out of the TEE for any reason, use exportKey with a fresh owner wallet signature: 
import { Wraith, Chain } from "@wraith-protocol/sdk";

const wraith = new Wraith({ apiKey: "wraith_..." });
const agent = await wraith.getAgentByName("alice");

// Requires a fresh signature from the owner wallet
const sig = await wallet.signMessage("Export private key for agent " + agent.info.id);
const { secret } = await agent.exportKey(sig, "Export private key for agent " + agent.info.id);
The TEE verifies the signature matches the registered owner wallet before releasing the key. The message must match exactly — the TEE will reject replayed or mismatched signatures.
Once you export a private key and store it outside the TEE, the hardware security guarantees no longer apply to that key. Keep exported keys in secure, encrypted storage.