Process encrypted data

Evervault Cages

Process the data you encrypt with Relay or our SDK by deploying your code in Cages — isolated serverless functions hosted on Evervault.

Send encrypted data to a Cage

After encrypting data with Relay or our SDK, pass it to an isolated Cage to be processed.

From Relay
From SDK
server.js
1const evervault = require('@evervault/sdk');
2
3app.post('/', async (req, res) => {
4    // Height and weight values are encrypted by Relay
5    const { height, weight } = req.body;
6    console.log({ height, weight });
7
8    // Process the encrypted data in a Cage
9    const bmiResponse = await evervault.run('calculate-bmi', { height, weight });
10    res.status(200).send(bmiResponse);
11});

$ { height: ev:x4ayHhEbK0nc8eFwfew, weight: ev:aOvIi3FbK1ncCeFwKp1 }

cage.js
1// Height and weight are decrypted by the Cage runtime
2
3exports.handler = async ({ height, weight }) => {
4    const bmi = weight / (height * height);
5    return `Your BMI is ${bmi}.`;
6};
cage.js
...

Process encrypted data

Cages are hardened, isolated serverless functions hosted on Evervault. Encrypted data is decrypted by the Cage runtime as it's passed to your code.

Isolate your code

By deploying your code that processes sensitive data as a Cage, you can isolate it from the rest of your stack. Cages are hosted on Evervault, reducing your breach surface area.

Performant at scale

Cages are instantly deployed across multiple regions so that your server-side code is as close to your users as possible. Our goal is for your code to run within 10 milliseconds of any of your users worldwide.

Minimal configuration

Deploy Cages continuously with our GitHub integration. Cages work as API endpoints and run automatically when triggered by the Evervault SDK or a HTTPS request. There’s no need to provision, maintain, or scale servers.

Variables and versioning

Use environment variables to store secrets securely and use them in your Cage code, and easily rollback to previous Cage versions.

Logging and analytics

Cages have real-time logging to support troubleshooting and debugging.

Secure by default

The data you encrypt with Relay does not exist in plaintext outside of your Cages. Cages only use TLS 1.2 or above, and block all non-HTTPS requests. You can configure Cages to block all domains other than ones you explicitly specify.

How Cages work

Start processing encrypted data in minutes

1
Deploy code in a Cage

Use our GitHub integration to deploy your Node.js code in a Cage. Either import an existing repository or clone a template.

2
Run code automatically

Cages work as API endpoints and run automatically when triggered by our SDK or a HTTPS request. Evervault takes care of automatic scaling. Cage runs are logged in realtime.

3
Continuous deployment

When you push to GitHub, your Cage code is automatically updated. With Cage versioning, you can easily roll-back to previous versions.

Create Cage

Don't use GitHub? Use our CLI instead!

"We believe that the healthcare apps of the future will be built in a private and security-first way. Evervault enables us to encrypt the data we collect from wearables companies and our lab partners, so developers can securely access this critical health information without putting their users at risk."

Maitham Dib, Vital Founder

Never have a data breach

Join 3,000 developers, founders, and businesses ending data breaches

Get started