Client-Side Secure Deployment with RAM-Only Executionο
Note: This is an Upcoming Feature.
Deploy your code on client premises or untrusted cloud servers without revealing your source code.
Problemο
You are a software vendor deploying a proprietary ML model or trading bot on a clientβs server. You need the code to run, but you donβt want the client to steal your algorithm.
Workflow (Planned)ο
1. Initializationο
You initialize the project on the clientβs server using ENC.
enc project init proprietary-algo
2. Secure Mountο
The ENC client mounts the project. The code is decrypted in-memory using a FUSE filesystem.
enc project mount proprietary-algo --read-only
3. Executionο
You point your runtime (Python, Docker, Node.js) to the mounted directory.
python3 ~/enc/projects/proprietary-algo/main.py
4. Protection Modelο
Disk: Identify purely random ciphertext.
RAM: Decrypted code exists only in the volatile memory of the ENC process.
Teardown: When the process stops or
enc project unmountis called, the memory is wiped.
The client never sees the plaintext source code on their disk storage.