Documentation
Concepts
Trustless App

What is a Trustless App?

A Trustless app combines an application built on Klave and a frontend user interface. Like open APIs, on Klave, public applications are accessible, transparent and can be leverage on by your Trustless app.

Characteristics of a Trustless App

Applications deployed on Klave inherit the characteristic of the platform and more.

  • Turing complete - Klave provides a simple Software Development Kit (SDK) to facilitate the development of distributed confidentiality-driven applications (Trustless applications) resulting in programs that can be deployed on Klave. These programs can use free-form business logic, including loops, and can perform any action given the required resources.

  • Stateful - Applications deployed on Klave are provided with a private ledger to manage their state. These ledgers allow for complex state management through multiple tables, ensure integrity and stay encrypted at all time.

  • Deterministic - Given a set of input, transactions of applications deployed on Klave will eventually execute, perform the same function and provide the same outcomes.

  • Confidentiality - Applications are provided with a unique identity known only by the application runtime. This identity is leveraged on to keep data secret at all time (in transit, at rest and in use) ensuring confidentiality and privacy by design (even from the platform provider). However, Trustless applications are the final frontier in terms of privacy boundary. If needed, data could be exposed by the application.

  • Integrity - Computational and data integrity are inherited autmatically from Klave. All data stored on Klave are tamper-proof and code execution is falsification resistant thanks to secure hardware and cryptographic primitives.

  • Isolated - All applications deployed on Klave benefit from two layer of isolation. Klave leverage WebAssembly and each applications run within their own WASM runtime completely isolated from others. In addition, all applications on Klave are deployed with secure hardware enclave running in complete isolation of the OS.

  • Verifiability - Applications code, deployment, transactions can be analyzed and are guaranteed to execute a predictable ways. In addition, application's ledger structure and secure hardware enclave hosting the application can be attested.

Bringing Back Accountability to Business Code

Ultimately, the accountability and privacy boundary are brought back to the application. The platform prevents interference from third-parties, however if the application deployed is extracting the data, they are not secret anymore. Depending on use cases, this will push application developers to follow trustless computing principles and bring transparency by sharing their source code for community inspection and validation. Application developers following these principles could protect themselves from the legal liability of seeing their clients’ data. They can moreover demonstrate this to their clients, and it can be a key driver in many business propositions, even from a strictly commercial point of view.

Trustless PaaSSecure Enclaves