Let's understand ephemeral vs persistent storage in TEEs.

When building privacy-preserving co-processors with TEEs, ephemeral vs persistent ciphertext storage becomes a security-critical design choice. At Encifher we chose ephemeral. Here’s why:

Most TEE-based systems rely on persistent encrypted storage for secrets — but this opens the door to forensic attacks, key extraction, etc.

Instead, we implemented a threshold ElGamal encryption scheme where:

• Decryption never requires the full key
• Each ciphertext triggers fresh, unique partial decryptions
• All operations happen only in enclave memory
• And everything is wiped after computation

The result? No reusable secrets, no disk I/O residue, and no long-term attack surface.

Privacy isn’t just about encryption — it’s about designing systems that forget.