Roadmap

Phase 1 : Nada Testnet Chain: A Private SVM Execution Environment (Currently)

The first phase launches the Nada Testnet, a private, permissioned SVM-based blockchain designed to prototype confidential execution while maintaining full compatibility with the Solana Virtual Machine. This environment serves as the foundation for all subsequent phases, enabling rapid iteration on new runtime features, improved validator logic, and experimental verification primitives. Developers can deploy standard Solana programs unmodified, while the chain introduces hooks for future TEE attestation validation and private execution flows. Phase 1 provides the essential infrastructure to test decentralized agent patterns, state verification logic, and off-chain/TEE coordination before exposing these capabilities to public networks.

Phase 2: Nada TEEs SDK: Framework for Confidential Agent Execution

Phase 2 delivers the Nada TEEs SDK, a unified developer toolkit for building, running, and packaging confidential agents inside secure hardware (SGX, SEV, Nitro, and future TEEs). This SDK standardizes how agents structure their execution environment, how they call models or tools, and how they generate attestations and execution receipts. It includes library support for secure key management, enclave-bound signing keys, deterministic environment measurement, and efficient generation of provenance proofs such as context Merkle proofs and attention-selection commitments. The SDK abstracts away hardware complexities, allowing developers to build trust-minimized agents without needing deep knowledge of enclave internals. This phase unlocks the ability to build real confidential applications, paving the way for decentralized agent networks.

Phase 3: On-Chain Verification of TEE Attestations (Nada Verify Protocol)

In Phase 3, Nada introduces full on-chain attestation verification, enabling SVM programs to trustlessly validate that an agent execution genuinely occurred inside an authenticated TEE running approved code. The chain verifies: (1) hardware vendor signatures, (2) enclave measurements (code hashes), (3) agent public keys bound to the enclave, and (4) the execution fingerprint generated by the Nada TEEs SDK. This creates a “trust anchor” for confidential agent computation: programs can condition state transitions, credits, settlements, or oracle updates on verified TEE execution. This phase effectively turns TEEs into first-class cryptographic objects within the SVM runtime, enabling secure agent-powered dApps, autonomous AI services, and cross-chain private oracles.

Phase 4: Nada Confidential Layer for Public SVM Chains (e.g., Solana)

The final phase deploys Nada as a modular confidentiality layer for any SVM chain, starting with Solana. This allows developers to integrate private execution, confidential agents, and TEE-backed state verification directly into existing public networks with no changes to the underlying chain. In this model, Nada operates as a verification and attestation layer, while agents execute inside TEEs off-chain and feed proofs to on-chain programs. The result is end-to-end privacy for Solana applications: private smart contracts, private intents, confidential transactions, and verifiable AI/agent execution — all running in parallel to the high-throughput public chain. This phase brings the full promise of decentralized, privacy-preserving agent systems to the real-world Solana ecosystem, enabling next-generation applications that combine speed, confidentiality, and verifiable AI logic.