Scaling Confidential Compute on Sui: Nautilus and Marlin Oyster Integration


Marlin Oyster has integrated with the Sui Nautilus framework. This integration removes the operational overhead of managing TEE infrastructure, making confidential compute accessible to every Sui builder.

Applications on Sui sometimes require forms of computation that are not suited to any blockchain. High-frequency trading bots, AI agents, and sophisticated game logic need processing capacity beyond what onchain environments are designed to provide. Blockchains excel at decentralized state, settlement, and consensus, but they are intentionally not built for the scalable, long-running compute that modern backend systems rely on.

The solution is to move complex and sensitive logic offchain. This enables scale but introduces a trust problem: the offchain machine becomes an untrusted black box, vulnerable to tampering and difficult to verify.

Hardware-Backed Trust with TEEs

Trusted Execution Environments (TEEs) address this challenge. A TEE, such as AWS Nitro Enclaves, prevents tampering through memory isolation, restricted I/O, and cryptographic measurement (PCRs). The TEE also generates a cryptographic attestation proving exactly what binary is running inside. TEEs provide a practical way to balance performance, confidentiality, and verifiability for offchain workloads.

Nautilus: Foundational Confidentiality on Sui

Sui's Nautilus framework provides the foundation for verifiable offchain computation on Sui. Developers can delegate complex tasks to an offchain TEE while maintaining cryptographic trust onchain through reproducible builds and verifiable attestation, which enables secure and attestable interactions between TEEs and Move smart contracts.

Marlin Oyster: Simplifying Access

With the integration, developers can access confidential compute without the operational overhead of managing AWS infrastructure. Nautilus provides the cryptographic foundation for hardware-backed proof. Marlin Oyster provides the execution layer that transforms this into a decentralized marketplace. 

How it works

The workflow follows four steps:

  1. Build: Developers package their application into a Docker image.
  2. Deploy: Developers submit the job to the Oyster marketplace on Sui, paying with stablecoins.
  3. Compute: Registered Oyster operators detect the job submission, automatically provision a Nitro Enclave, and run the workload.
  4. Verify: The enclave generates a PCR measurement, which acts as a cryptographic fingerprint of the running code. Sui Move contracts can verify this fingerprint onchain.

This workflow preserves the same cryptographic guarantees as a self-managed Nautilus deployment, since operators cannot tamper with enclave execution or attestation.

Even though Oyster operators provision and run the enclaves, they cannot alter the application logic inside. Security comes from the following properties:

  • Reproducible enclave builds ensure that the measurement (PCR) published onchain corresponds exactly to the code developers expect.
  • Hardware-backed attestation prevents operators from substituting or modifying binaries.
  • Trust minimization is achieved because verification happens onchain, and the enclave’s identity is validated independently of the operator running it.
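
The Verify step and the properties above, modelled as an added example (not code from Nautilus, Marlin Oyster, or the linked demo): a Python sketch of the PCR check that gates which enclave keys are trusted. It assumes the attestation document's signature and certificate chain have already been verified; `parse_measurements`, `EnclaveRegistry` and all sample values are hypothetical.

```python
import hashlib
import hmac

PCR_LEN = 48  # Nitro Enclaves PCRs are SHA-384 digests

def parse_measurements(hex_by_name):
    """Turn build output such as {"PCR0": "<hex>"} into {0: bytes}, rejecting bad values."""
    pinned = {}
    for name, hex_value in hex_by_name.items():
        value = bytes.fromhex(hex_value)
        if len(value) != PCR_LEN or value == bytes(PCR_LEN):
            raise ValueError(f"{name}: not a usable SHA-384 measurement")
        pinned[int(name.removeprefix("PCR"))] = value
    return pinned

class EnclaveRegistry:
    """Hypothetical stand-in for the onchain check; note it never sees the operator."""

    def __init__(self, pinned_pcrs):
        self.pinned = pinned_pcrs
        self.trusted_keys = set()

    def register(self, attested_pcrs, enclave_public_key):
        """Trust the enclave key only if every pinned PCR matches; return the verdict."""
        for index, expected in self.pinned.items():
            got = attested_pcrs.get(index, b"")
            # Nitro Enclaves started in debug mode attest with all-zero PCRs.
            if got == bytes(PCR_LEN):
                return f"PCR{index} is all zeros (debug-mode enclave)"
            if not hmac.compare_digest(got, expected):
                return f"PCR{index} mismatch"
        self.trusted_keys.add(enclave_public_key)
        return "ok"

def demo():
    # Constructed sample values, not real measurements or keys.
    build = {f"PCR{i}": hashlib.sha384(f"constructed image part {i}".encode()).hexdigest()
             for i in range(3)}
    pinned = parse_measurements(build)
    registry = EnclaveRegistry(pinned)
    swapped = {**pinned, 0: hashlib.sha384(b"constructed modified image").digest()}
    debug = {i: bytes(PCR_LEN) for i in pinned}
    verdicts = [
        registry.register(pinned, b"constructed-key-A"),   # the expected build
        registry.register(swapped, b"constructed-key-B"),  # a different image was run
        registry.register(debug, b"constructed-key-C"),    # debug-mode enclave
    ]
    return verdicts, registry.trusted_keys
```

Only the key attested under the pinned measurements ends up trusted, whichever operator started the enclave.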

Operational Comparison

Marlin plans to extend the workflow so that enclave registration and attestation verification can happen automatically onchain. This will let Sui applications confirm enclave identity and integrity without any direct interaction from developers.

By removing the operational complexity of managing TEEs directly, Nautilus and Marlin Oyster enable developers to build secure, attested offchain logic through a straightforward workflow. This opens new possibilities for verifiable AI, agentic automation, and applications that combine secure offchain execution with high-performance onchain coordination. Confidential compute on Sui is no longer limited to infrastructure experts. Developers can now focus on building innovative applications while retaining strong cryptographic guarantees for privacy and correctness.

Developers can start building today with a reference implementation that demonstrates a decentralized price oracle using Oyster enclaves. The demo shows how to fetch data securely, sign it within a Nitro Enclave, and verify the signatures onchain using PCR attestation: https://github.com/marlinprotocol/sui-oyster-demo
