Currently, the TEE is implemented only at a logical level, which is sufficient if you fully control all the custom code you deploy.
However, if you are running unknown or untrusted code, you need a separate, isolated execution environment.
A WASM-based solution provides strong isolation, but the Docker Agent VM also fits well into our architecture. Keep in mind, though, that the ANCP protocol will have some limitations until Docker Agent VM reaches a more mature release.
Finally, whenever you execute custom code on a self-deployed system, it’s crucial to use only certified Nodes provided by the community.