I design, build, and ship products end-to-end.
Sashwat Karuvayil is a Senior Engineer at IBM India Systems Development Lab (ISDL) in Bengaluru, India, where he builds IaaS product & open-source tooling for IBM Confidential Computing on LinuxONE — including contract-go, contract-cli, and terraform-provider-hpcr.
Products, Linux automation, and confidential computing — built end-to-end, from a blank page to something running in production. Open to open source, consulting, and full-time roles.
Building Confidential Computing Products at IBM on LinuxONE.
Years building things end-to-end
Years in enterprise engineering
Open source projects in production
More than shipping code — I build products and the systems they run on.
From Confidential Computing at IBM to silicon-level DevOps at AMD–Xilinx — I own the full build, from requirements to a deploy that survives real traffic.
What I’m working on
From enterprise to side projects.
IBM Confidential Computing by day — OS, Go SDKs, Terraform providers, and CLIs used by enterprise teams. IoT, hardware, and apps by night.
- IBM · Public
ibm-hyper-protect/contract-go
Go SDK for generating confidential workload contracts — signing, attestation, and encryption end-to-end.
- IBM · Public
ibm-hyper-protect/terraform-provider-hpcr
Declarative contract generation for IBM Confidential Computing Container Runtime.
- Personal
sashuu69/iot-water-level-indicator
IoT-based water level indicator — Raspberry Pi, Arduino, Firebase, and an Android app.
- Personal
sashuu69/portfolio-website-infrastructure
Terraform and Ansible code to self-host a portfolio website on AWS with automated SSL.
Selected work
Things I’ve shipped end-to-end.
- Confidential Computing
IBM Confidential Computing — Contract Tooling
Built as part of my role at IBM India Systems Development Lab (ISDL) in Bengaluru: a Go SDK, a CLI, and a Terraform provider for generating signed and encrypted contracts for IBM Confidential Computing workloads.
IBM Confidential ComputingOpenSSLGoTerraform Provider - Web
Portfolio Website — Self-Hosted
An open source portfolio site I host myself — Python on the back, Docker Compose for the runtime, Terraform and Ansible for the cloud, and automated SSL.
PythonDocker ComposeTerraformAnsible
From the build
Recent writing.
Field notes from production — backend systems, Linux automation, and the seams where they meet.
Building the IBM Confidential Computing Contract Toolchain
Why we built contract-go, contract-cli, and a Terraform provider — and what that meant for shipping confidential workloads on IBM Confidential Computing products without anyone hand-rolling cryptography.
Confidential Computing: Securing Data During Processing
A practical introduction to confidential computing: why encryption at rest and in transit are not enough, what trusted execution environments add, and where the technology fits.
Building something you think I’d enjoy?
Open for open source, consulting, and full-time roles.