> ## Documentation Index
> Fetch the complete documentation index at: https://docs.turnkey.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Secure hardware

Secure hardware provides strong isolation and attestation for sensitive operations:

* Hardware-enforced isolation: secure enclaves have no external networking or persistent storage.
* Root quorum: use ≥3 members with threshold ≥2; each critical user should set up multiple authenticators (e.g., Touch ID, YubiKey).
* Store API keys securely in hardware security modules (HSMs) or encrypted vaults; never hard-code keys in code or client-side.
* Use HPKE-based secure channels for enclave ↔ end-user communication.
* Leverages hardware root-of-trust modules (e.g., AWS Nitro Security Module) for cryptographic attestation.