Turnkey spends a lot of time thinking about software builds, and has invested a lot of resources to make them reproducible. Do you really need your software to yield byte-for-byte identical artifacts? My hope is to convince you that the answer is a resounding YES if you're planning to use remote attestations.

While building our new OAuth feature we had to solve an interesting problem: Enclaves do not have network access, yet we have to fetch a list of public keys to verify OIDC tokens securely. How did we solve this using TEEs?