Bluethroat Labs

Building the future, one innovation at a time

I. About

Bluethroat Labs is a security research collective focused on making TEE-heavy Web3 protocols actually secure, robust, and reliable.

Trusted Execution Environments (TEEs) are a proven primitive that is now migrating into Web3. They have been used for years in security-critical systems like phones, payments, and embedded environments.

But in Web3, TEEs get held to a different bar. There is an inherent tension between hardware trust and the values of decentralisation and transparency. That tension does not go away by hand-waving it. You either model it honestly, or it bites you in production.

At Bluethroat, we bridge that gap by teaching teams what TEEs really guarantee and what they do not, how they fail, and how to integrate them safely. We help protocols combine TEEs with other privacy-enhancing technologies (PETs) to build architectures that preserve Web3's core values without turning "TEE-backed" into a trust-me-bro claim.

We do this through our open-source TEE Security Handbook, and our client work: audits, architecture reviews, and hands-on security consulting for teams shipping enclave-heavy systems.

Talk to us Write to us

II. Our Mission

At Bluethroat Labs, our mission is to accelerate the security maturity of Trusted Execution Environments (TEEs) in Web3. The smart contract ecosystem only became meaningfully safer once vulnerable patterns and hard-earned lessons were openly documented and best practices were widely internalized. Before that, security knowledge stayed trapped in isolated "security islands," slowing progress while attackers only needed to be right once.

Today, the Web3 TEE landscape feels like a rewind to those early days: powerful tech, high stakes, and not enough shared security foundations. Bluethroat Labs exists to break this cycle.

We identify, document, and openly share TEE failure modes, vulnerable patterns, and risky architectural assumptions through our living TEE Security Handbook. In parallel, we work directly with teams through audits, architecture reviews, and hands-on guidance to help them design and ship robust, production-ready systems.

Client engagements sustainably fund our public-good research so security insights reach the entire ecosystem faster. By bridging private expertise with open knowledge, we help the Web3 TEE space level up securely, together.

III. Our Work

We do three kinds of work. One is public, to raise the baseline for the entire ecosystem. The others are private, where we help teams find and fix real issues before attackers do.

The TEE Security Handbook

Our open-source public good. A living handbook that documents TEE failure modes, vulnerable patterns, and practical guidance for safely designing and deploying TEE-heavy Web3 systems.

Confidential Bug Bounty Work

We do ongoing, private vulnerability research across TEE-backed protocols. Details stay confidential by default, but the security lessons and patterns eventually flow back into the ecosystem through the Handbook.

TEE Vulnerability Reasoning LLM

We are building a specialized LLM agent designed to reason about vulnerabilities in Web3 protocols that leverage TEEs in different roles and architectures. The goal is to accelerate threat modeling, surface risky assumptions early, and help teams converge on safer designs faster.

IV. Our Team

We are a small but dedicated team of researchers and builders, united by a passion for security and a commitment to making TEE-backed systems safer.

RS

Rahul Saxena

Founder · ex-ZKSync

TG

Tanmay Goel

Researcher · ex-NVIDIA

AG

Abhimanyu Gupta

Researcher · Malware Analyst

V. Join Us

We're always looking for people who take security seriously and enjoy going deep.

If you have real experience with TEEs, in Web3 or outside it, or you're the kind of person who likes tinkering, breaking systems, and learning new security paradigms, we'd love to hear from you.

Email us at saxenism@bluethroatlabs.com with a short intro and what you've been working on.