Skip to content

Write code


Secure Computations code is written in Python and is executed in an encrypted Python runtime.

As a code provider, you are responsible for writing the code of the computation, encrypting it and and sending it to the enclave.

The typical structure of your code should look like this:


The file contains your secret functions. It will be encrypted before being sent to the enclave.

The file is a mandatory entrypoint. It will not be encrypted, but it does not contain any sensitive operation.



import pandas as pd

def secret_function(data):
    Replace all the value of DataFrame by `Hello world`.
    result = data.replace(to_replace=r'.+', value='Hello world', regex=True)
    return result


from io import BytesIO
from typing import Iterator
from cosmian_lib_sgx import Enclave
import pandas as pd

def convert_input(datas):
    Transform input data bytes to pandas DataFrame.
    for data in datas:
        yield pd.read_csv(data)

def main():
    with Enclave() as enclave:
        🔒 Everything that happens here will be executed in a Trusted Execution Environment.

        # Import your encrypted module
        import secret_module

        # Convert input data bytes from the Data Provider
        datas = convert_input(
        data = next(datas)

        # Apply your secret function coded by the Code Provider
        dataframe = secret_module.secret_function(data)

        # Convert output result to bytes
        result = dataframe.to_csv().encode("utf-8")

        # Write result for the Result Consumer
    return 0

if __name__ == "__main__":

Data type

Input data (coming from Data Providers) and output data (sent to Result Consumers) have to be represented in bytes.

These bytes can represent for example:

  • UTF-8 encoded string, CSV or JSON
  • SQLite database
  • pickle Python object
  • integer encoded as 8-bytes in big endian (to represent uint_t 64)
  • float encoded as 8-bytes with IEEE-754 (to represent double)

The Code Provider is responsible for serializing/deserializing data in the entrypoint.

File size

SGX enclaves are resource constrained environments. It might be better to use small chunk of input data instead of sending the whole file.

Currently, Data Providers can upload files up to 2GB.

Pre-installed packages

The following Python packages are automatically installed alongside your function during deployment:


This list is not exhaustive: you can use any package that is available by default in Ubuntu Focal (20.04LTS). You can search the full list here.

Install other packages

If your code needs other packages than pre-installed ones, just follow these steps.

© Copyright 2018-2022 Cosmian. All rights reserved