Welcome to Penglai-Enclave’s documentation!

Penglai is a set of security solutions based on Trusted Execution Environment. This website contains an overview of the whole project.

It currently supports RISC-V platforms, including both high-performant MMU RISC-V64 arch and MCU (RISC-V32, no MMU).


Penglai contains a set of systems satisfying different scenarios.

  • Penglai-TVM: it is based on OpenSBI, supports fine-grained isolation (page-level isolation) between untrusted host and enclaves. The code is maintained in Penglai-TVM.

  • Penglai-sPMP/PMP: it can utilize either PMP or our sPMP (S-mode PMP) proposal to provide basic enclave functionalities. Refer Penglai-sPMP for more info. A version based on OpenSBI for Nuclei devices is maintained in Nuclei-SDK.

  • Penglai-MCU: it supports Global Platform, and PSA now. Not open-sourced. Refer Penglai-MCU for more info.

Getting Started