Lifecycle of a build

Every build follows the same five stages. At no point does plaintext exist outside the sealed boundary, and at no point is a copy retained.

The five stages

1. Encrypt. You encrypt the input client-side under a key bound to your wallet. Plaintext never leaves your device unencrypted.
2. Route. The encrypted payload is routed to a sealed environment whose integrity is verified by attestation. If attestation fails, the build is never sent there.
3. Execute. The environment decrypts the input internally, performs the computation, and produces the output — all inside the opaque boundary.
4. Return. The output is encrypted to your wallet key and returned to you. Only you can decrypt it.
5. Settle & destroy. The environment is destroyed, taking all intermediate state with it, and the consumed $ARX is burned on settlement.

  Wallet           Route to        ┌──── Sealed ────┐       Return
  encrypt x  ──▶   sealed env. ──▶ │  environment   │ ──▶   enc. y
                                   └───────┬────────┘
                                           ╎
                                  environment destroyed
                                     x, state → ∅

What "done" means

A build isn't finished when the model stops typing — it's finished when the work is verified. For code builds, that means the result compiles, tests pass, and no new lint or type errors were introduced. Only a verified result is returned and settled. (See ArxCode Studio for how the verification loop works.)

Next

• Read the privacy argument in Privacy as protocol.
• See the guarantees enumerated in Sealed execution.