Zero Knowledge Verifiable Key Management and TEEs with Turnkey
Oct 1, 2025
Arnaud Brousseau and Jack Kearney, co-founders of Turnkey, bring their extensive experience from Coinbase to discuss innovative key management solutions. They dive into the role of trusted execution environments (TEEs) in preventing key misuse while enhancing automation. Key topics include remote attestation, the importance of reproducible builds for trust, and strategies against downgrade attacks. The duo also explores how granular policies can secure transactions while allowing flexibility for governance and AI applications.
AI Snips
Chapters
Transcript
Episode notes
COVID Lockdowns Sparked Turnkey's Start
- Jack left Polychain and started Turnkey in early 2022 after facing manual asset operations during COVID.
- The inability to access cold storage during lockdown motivated building a safer, automatable key manager.
Attackers Can Sabotage Builds
- Malicious or flawed build steps can inject backdoors like hijacked entropy into TEEs.
- Reproducible source-level audits are essential to detect such intentional or accidental tampering.
Prover-Side Code Needs The Same Scrutiny
- ZK verifiers inherently bind to a specific program, but prover-side code can leak secrets if not audited.
- Reproducible builds and TEEs improve security for prover-side confidential computations.