I build secure production systems spanning AI engineering, confidential computing, and applied cryptography. Recently, I developed a confidential AI agent running inside Intel SGX enclaves with remote attestation and cryptographic verification.
Designed and built a LangGraph-based AI agent where the Anthropic API key and ECDSA signing key live inside an Intel SGX enclave — sealed to hardware using the CPU's fuse secret and the enclave's MRENCLAVE measurement. The host process never holds secrets. Every response is cryptographically signed and independently verifiable.
What the enclave protects:
/sealed/ using _sgx_mrenclave, unreadable outside this exact enclave on this exact CPUapi.anthropic.com originates from inside SGX; the host forwards ciphertext it cannot readWhat a verifier can prove without trusting the host:
report_data in the quote contains SHA256(signing_public_key) — the signing key was present inside that specific enclaveSHA256(prompt ‖ result ‖ timestamp ‖ MRENCLAVE) is valid — the response was not tampered with in transit2024 – 2025 · Caslano, Switzerland
Agentic AI
Built an AI-agent test automation system (OpenAI SDK, Python, Gradio, SendGrid) that runs satellite-processing test suites via a chat interface and auto-generates email reports. Presented to the CEO as the foundation of the company's future internal testing platform.
Engineered a multi-agent web application (CrewAI, OpenAI API, Claude API) using a crew of specialized agents (frontend, backend, lead engineer, tester) to build an ML training data editor — reducing delivery from months to under one week.
Cloud Migration (ESA initiative)
Migrated SNAP and MAPscape satellite-processing systems to the CGI cloud platform; built Python/Docker pipelines for multi-terabyte datasets, eliminating 5 hours/week of manual work.
2022 – 2023 · New York, USA (Remote)
Architected enclave-based key management for Bitcoin and Ethereum, preventing plaintext exposure and protecting over $2 billion in digital assets.
Migrated and redesigned Ethereum bridge infrastructure from Intel SGX SDK to OpenEnclave, eliminating memory corruption and preventing daily bridge restarts.
Stabilized integration tests by resolving Docker and Linux system-level issues, reducing deployment failures by 50%.
Hardened Shamir secret sharing CLI for secure handling of mnemonic-based cryptographic secrets.
2019 – 2021 · Milan, Italy
Led the implementation of arithmetic and cryptographic primitives for Ginger-lib, a Rust library for zk-SNARKs.
Implemented the Poseidon hash function optimized for zk-SNARK systems across elliptic curves (MNT4, MNT6, BN382), achieving a 246× performance improvement in production.
Integrated hash primitives into large-scale Merkle tree constructions, enabling efficient zero-knowledge proof generation at scale.
Optimized multi-scalar multiplication using Pippenger's algorithm with signed-digit recoding.
1st Place — Horizen Labs Private Proof of Ownership Hackathon Track (ZeroKnowledgeVoting)
2019 · Geneva, Switzerland
Integrated the TON blockchain and developed a secure wallet on a Hardware Security Module (HSM).
2018 – 2019 · Sion, Switzerland
2011 – 2016 · Bern, Switzerland
Designed banknote recognition algorithms using machine learning and image processing for embedded systems. Implementation in C++; simulation in MATLAB.
2006 – 2011 · Lausanne, Switzerland
Set a computational record by solving a 112-bit elliptic curve discrete logarithm problem on a cluster of 200 PlayStation 3s, in collaboration with Microsoft Research.
General Chair of the 11th Workshop on Cryptographic Hardware and Embedded Systems — CHES 2009 (300+ attendees).
Implemented cryptographic algorithms on GPUs using CUDA and OpenCL.
2000 – 2006 · Nagoya, Japan
Designed massively parallel algorithms for cryptography in hardware. RTL simulation in Verilog for ASICs.
Best Paper Award — CHES 2005
Computer Arithmetic and Cryptography
"Studies on Modular Arithmetic Hardware Algorithms for Public-Key Cryptography"
Computer Arithmetic and Cryptography
"A VLSI Algorithm for Modular Multiplication/Division"
Ask me about Marcelo's background