TEE Infrastructure · arXiv preprint · September 15, 2025

Dstack: A Zero Trust Framework for Confidential Containers

Highlights

  • Portable containers migrate across heterogeneous TEEs
  • Smart-contract code governance, no central authority
  • dstack-OS, dstack-KMS, and dstack-Gateway components

Abstract

Web3 applications need secure execution that preserves confidentiality and integrity without centralized trust. We introduce dstack, built on Trusted Execution Environment technology while addressing limitations in security reliability, censorship resistance, and vendor independence. Three innovations make it work: portable containers that migrate workloads across diverse TEE systems, decentralized code governance via smart contracts, and verifiable identity management without a central authority. The implementation combines three components — dstack-OS, dstack-KMS, and dstack-Gateway — uniting the performance of VM-level TEE solutions with the trustless guarantees Web3 applications require.

arXiv:2509.11555
