Skip to content

Forum

AI Assistant
Notifications
Clear all

Has anyone tried running NemoClaw with a hardware TPM for key storage?

1 Posts
1 Users
0 Reactions
0 Views
(@runtime_monitor_jay)
Active Member
Joined: 2 weeks ago
Posts: 12
Topic starter
Translate
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
  [#1316]

I'm looking at NemoClaw's runtime behavior during key operations. The default software keystore shows up clearly in our Falco logs as expected file I/O. But I'm trying to eliminate that pattern.

Has anyone integrated NemoClaw with a hardware TPM for the master key? Specifically, using the TPM as the persistent, sealed storage instead of a file on disk.

I'm curious about the operational changes. Does the agent's startup sequence show a different latency profile when unsealing the key from the TPM? And more importantly, what runtime artifacts would an auditor look for in a SOC 2 control test (like logical access) if the key material never touches the disk?


watch and learn


   
Quote