Introducing Nautilus: Bringing Verifiable Offchain Privacy to Sui
Nautilus lets builders run offchain computations securely, ensuring data integrity for onchain apps.

Nautilus, a powerful new addition to Sui’s growing security toolkit, is now live on Sui Testnet. Purpose-built to empower Web3 developers with confidential, verifiable offchain computation, Nautilus runs applications in developer-managed Trusted Execution Environments (TEEs) like AWS Nitro Enclaves, and its verification capability bridges the gap between offchain performance and onchain trust.
As Web3 use cases evolve, the need for privacy, trust, and data integrity continues to grow. With Nautilus, builders can unlock secure, privacy-first applications without compromising decentralization. This release marks another important milestone in Sui’s ongoing commitment to security and trust, one of the network’s foundational pillars.
Nautilus overview
Nautilus on Sui allows developers to execute sensitive or high-cost computations offchain in isolated, tamper-proof trusted execution environments (TEEs) that they manage themselves. It also allows TEEs to generate cryptographic attestations that prove the computation was executed as intended. Clients or users of such TEE-based applications can then submit results onchain, where Move smart contracts can verify the attestation before acting on the data.
This paradigm enables a new class of hybrid applications that balance performance, privacy, and trust, all while preserving decentralization.
Its key components are:
- Move integration: Smart contract patterns and functions for verifying TEE attestations, signatures, and processed outputs on Sui.
- TEE templates: Pre-built, reproducible templates to help developers easily deploy applications to their self-managed TEEs.
The first version of Nautilus will support AWS Nitro Enclaves.
Use cases
Nautilus gives builders a powerful new toolkit for secure offchain execution. Below are just a few ways it can be used to deliver privacy, trust, and scalability:
- Tamper-proof oracles for real-world data, such as prices, weather, and sports
- AI inference with agentic workflows and onchain provenance
- Hidden metadata and logic for fair competitive Web3 games
- Private identity verification for KYC/AML without exposing user details
When used in tandem, Nautilus and Seal unlock powerful privacy-preserving use cases that span both secure computation and secure data access. A challenge when using TEEs is persisting secret keys between restarts. This challenge can be addressed by using Seal to store long-term keys, ensuring that only properly attested TEEs can access them. In this combination, the TEE answers the "how can I compute on encrypted data" question, while Seal answers the "who should access a key" one. Applications requiring a shared encrypted state can leverage Seal and Nautilus to privately process user requests and update an encrypted state onchain.
Below, two of the use cases mentioned earlier are reimagined with Seal:
- Private oracles: Run pricing or identity logic in a Nautilus enclave, then encrypt the result with Seal for selective, token-gated decryption onchain.
- Private AI agent with controlled access: Run AI agents privately using Nautilus, ensuring both data and model confidentiality. Then use Seal to encrypt and selectively reveal the inference output, such as a recommendation or prediction, only to authorized parties.
Sui's security vision: Trust by design
Sui was designed from first principles to deliver robust, end-to-end security at every layer of the stack. Its architecture prioritizes safety, correctness, and resilience, providing developers and users with the tools to build and interact with confidence.
Considerations for Sui's security model
- Object-centric data model: Sui’s unique model treats all onchain data as programmable objects with explicit ownership and access control, enabling fine-grained permissioning and eliminating many classes of smart contract vulnerabilities.
- Consensus and transaction execution: Sui ensures high performance, consistency, and resilience by combining causally ordered execution with the Mysticeti consensus protocol, enabling deterministic outcomes even under adversarial conditions.
- Secure smart contracts with Move: Sui uses the Move smart contract language, designed for safe and secure asset management. Move’s strong static typing, resource-oriented model, and bytecode safety checks help developers write more secure code and prevent common vulnerabilities like re-entrancy and integer overflows.
These foundational choices make Sui inherently more secure and performant for large-scale, data-rich applications.
Built-in cryptographic strength
Sui also provides a wide range of cryptographic primitives and capabilities that support robust, secure, and scalable decentralized applications:
- MultiSig Accounts with threshold cryptography: Built-in support for multi-signature accounts enhances security for shared control and institutional access.
- zk-SNARK Support: Sui is optimized for zero-knowledge proofs, making it easy to integrate privacy-preserving logic directly into smart contracts.
- zkLogin: A native authentication mechanism that allows users to log into Web3 applications using familiar Web2 credentials, like those provided by Google and Apple, all while maintaining user privacy and decentralization using zero-knowledge proofs.
- Passkey: Enhances wallet and transaction signing security by enabling biometric-based, WebAuthn-based passkey login flows that eliminate the need for traditional seed phrases.
- Onchain Secure Randomness: Native, verifiable randomness generation on Sui enables fair and unpredictable outcomes for gaming, NFTs, and more.
Also, Seal adds decentralized encryption and programmable access control to Sui, enabling developers to protect sensitive data or enable event and time-based logic with flexible onchain policies. Seal ensures that only authorized users can decrypt and access the underlying data, without depending on centralized key management.
With the addition of Nautilus, Sui takes another step forward in enabling privacy-preserving and verifiable offchain computation. Smart contracts gain users' trust through the verifiability of their source code. This same guarantee is provided by TEE reproducibility, as users can confirm that they are interacting with a specific program based on its source code.
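The flow from the overview (attest, then verify before acting) and the reproducibility check described above can be modeled in a few lines of Go. This is an added example, not code from the Nautilus repository: the `Verifier` type, its methods and the sample measurements are hypothetical, and a single Ed25519 root key stands in for the TEE vendor's attestation certificate chain.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// bind is the attested statement: the enclave image measurement followed by the enclave's key.
func bind(m []byte, k ed25519.PublicKey) []byte { return append(append([]byte{}, m...), k...) }

// Verifier models the onchain side (hypothetical names, not the Nautilus API).
type Verifier struct {
	Root, key ed25519.PublicKey // Root stands in for the TEE vendor's certificate chain
	Expected  []byte            // measurement obtained by rebuilding the enclave from source
}

// Register pins the enclave key only if the attestation verifies and the measurement matches.
func (v *Verifier) Register(m []byte, enclaveKey ed25519.PublicKey, rootSig []byte) error {
	if len(enclaveKey) != ed25519.PublicKeySize || !ed25519.Verify(v.Root, bind(m, enclaveKey), rootSig) {
		return errors.New("attestation not signed by trusted root")
	}
	if !bytes.Equal(m, v.Expected) {
		return errors.New("measurement differs from the reproducible build")
	}
	v.key = enclaveKey
	return nil
}

// Accept gates any state change on a signature from the registered enclave key.
func (v *Verifier) Accept(result, sig []byte) bool {
	return v.key != nil && ed25519.Verify(v.key, result, sig)
}

// Scenario runs constructed inputs: a modified image, the audited image, and two results.
func Scenario() (modified, audited error, genuine, tampered bool) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(nil)
	encPub, encPriv, _ := ed25519.GenerateKey(nil)
	sign := func(m []byte) []byte { return ed25519.Sign(rootPriv, bind(m, encPub)) }
	v := &Verifier{Root: rootPub, Expected: []byte("audited-build-measurement")}
	good, bad := v.Expected, []byte("patched-build-measurement")
	sig := ed25519.Sign(encPriv, []byte("SUI/USD=1.23"))
	modified = v.Register(bad, encPub, sign(bad))
	audited = v.Register(good, encPub, sign(good))
	return modified, audited, v.Accept([]byte("SUI/USD=1.23"), sig), v.Accept([]byte("SUI/USD=9.99"), sig)
}

func main() { fmt.Println(Scenario()) }
```

A validly attested enclave running a different image is rejected at registration, and a result altered after signing is rejected even though the enclave itself is registered.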
Try Nautilus on Sui Testnet
Developers can start exploring Nautilus now on Sui Testnet. The GitHub repo includes the reproducible template needed to build, deploy, and register self-managed AWS Nitro Enclaves, and a reference application to showcase end-to-end attestation generation and onchain verification.
Contact us on Discord for any developer-oriented questions.
By combining the power of self-managed TEEs with the verifiability of onchain logic, Nautilus expands what’s possible for Web3 developers building on Sui.