From 72b0d510d3b95a94655d41915086afc99980c6e8 Mon Sep 17 00:00:00 2001 
From: paypes <43441600+abbesBenayache@users.noreply.github.com> Date: Wed, 22 Apr 2026 16:43:09 +0200 Subject: [PATCH 01/10] docs: migrate documentation from SGX/Bellecour to TDX/Arbitrum - Remove all SGX, Scone, Gramine, and Bellecour references from user-facing documentation and application code - Update chain.utils.ts and wagmiNetworks.ts: drop Bellecour network, add TDX workerpool addresses and TDX tool addresses for Arbitrum mainnet and Sepolia - Fix SMS URLs (sms.labs.iex.ec for Sepolia, sms.arbitrum-mainnet.iex.ec for mainnet), workerpool addresses, and deploy output field names - Rewrite build-your-first-sgx-iapp.md as a TDX SDK CLI guide - Update sidebar: replace SGX entries with TDX equivalents - Add [TDX] link at first mention in every page that references it - Update PoCo tag table: keep only 0x0001 (TEE) and 0x0009 (TEE TDX) - Update important-addresses.md with current TDX contract addresses --- .vitepress/sidebar.ts | 10 +- src/get-started/helloWorld/2-protectData.md | 2 +- src/get-started/helloWorld/3-buildIApp.md | 95 +-- src/get-started/overview/privacy-iapp.md | 14 +- src/get-started/overview/rlc.md | 1 - src/get-started/overview/what-is-iexec.md | 27 +- .../blockchain-explorer.md | 15 +- .../tooling-and-explorers/bridge.md | 56 +- .../tooling-and-explorers/iexec-explorer.md | 2 +- .../important-addresses.md | 36 +- .../subgraph-explorer.md | 26 +- src/get-started/use-cases.md | 2 +- .../advanced/access-confidential-assets.md | 10 +- .../advanced/build-your-first-sgx-iapp.md | 578 ------------------ .../advanced/build-your-first-tdx-iapp.md | 109 ++-- .../build-iapp/advanced/protect-the-result.md | 33 +- src/guides/build-iapp/advanced/quick-start.md | 2 +- src/guides/build-iapp/deploy-&-run.md | 203 +----- src/guides/build-iapp/manage-access.md | 8 +- src/guides/manage-data/manage-access.md | 5 +- src/modules/helloWorld/ProtectData.vue | 14 +- src/protocol/ai.md | 73 +-- src/protocol/proof-of-contribution.md | 34 +- src/protocol/tee/intel-sgx.md | 
147 ----- src/protocol/tee/intel-tdx.md | 48 +- src/protocol/tee/introduction.md | 35 +- src/protocol/tee/sgx-vs-tdx.md | 85 --- src/protocol/worker/manage-access.md | 35 +- .../dataProtector/advanced-configuration.md | 12 +- .../dataProtector/getting-started.md | 15 - .../methods/processProtectedData.md | 15 +- .../dataProtector/methods/protectData.md | 12 +- src/references/glossary.md | 87 +-- src/references/iapp-generator.md | 11 +- .../iapp-generator/building-your-iexec-app.md | 26 +- src/utils/chain.utils.ts | 39 +- src/utils/wagmiNetworks.ts | 24 +- 37 files changed, 267 insertions(+), 1679 deletions(-) delete mode 100644 src/guides/build-iapp/advanced/build-your-first-sgx-iapp.md delete mode 100644 src/protocol/tee/intel-sgx.md delete mode 100644 src/protocol/tee/sgx-vs-tdx.md
diff --git a/.vitepress/sidebar.ts b/.vitepress/sidebar.ts
index e6ae5ae4..8268ce32 100644
--- a/.vitepress/sidebar.ts
+++ b/.vitepress/sidebar.ts
@@ -157,10 +157,6 @@ export function getSidebar() {
 text: 'Quick Start',
 link: '/guides/build-iapp/advanced/quick-start',
 },
- {
- text: 'Build your first SGX app',
- link: '/guides/build-iapp/advanced/build-your-first-sgx-iapp',
- },
 {
 text: 'End-to-end Encryption',
 link: '/guides/build-iapp/advanced/protect-the-result',
@@ -425,16 +421,12 @@ export function getSidebar() {
 text: 'Introduction to TEE Technologies',
 link: '/protocol/tee/introduction',
 },
- {
- text: 'Intel SGX Technology',
- link: '/protocol/tee/intel-sgx',
- },
 {
 text: 'Intel TDX Technology',
 link: '/protocol/tee/intel-tdx',
 },
 {
- text: 'SGX vs TDX Comparison',
+ text: 'Why Intel TDX?',
 link: '/protocol/tee/sgx-vs-tdx',
 },
 ],
diff --git a/src/get-started/helloWorld/2-protectData.md b/src/get-started/helloWorld/2-protectData.md
index b86aa15a..527ccdb4 100644
--- a/src/get-started/helloWorld/2-protectData.md
+++ b/src/get-started/helloWorld/2-protectData.md
@@ -110,7 +110,7 @@ button:
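Review bot: The sidebar entry renamed to `text: 'Why Intel TDX?'` in the second `.vitepress/sidebar.ts` hunk still carries `link: '/protocol/tee/sgx-vs-tdx'`, while this same patch's summary lists `delete mode 100644 src/protocol/tee/sgx-vs-tdx.md`, so the entry appears to point at a page the commit removes. Unless a later patch in this series re-adds that page or a redirect exists (neither is visible here), the entry should be dropped together with the Intel SGX one, or its `link:` retargeted to the page that now holds the "Why Intel TDX?" content. A dead link in the TEE section is worth catching because it is where readers look for the trust-model explanation. The `getSidebar()` body starts and ends outside both hunks, so the rest of the sidebar was not checked for other references to the three deleted pages.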
4 - iExec's protocol stores the symmetric key in a secure enclave (TEE) in the Secret Management Service + iExec's protocol stores the symmetric key in a [TDX](/protocol/tee/intel-tdx) Trust Domain (TEE) in the Secret Management Service
5 diff --git a/src/get-started/helloWorld/3-buildIApp.md b/src/get-started/helloWorld/3-buildIApp.md index cbcd83cd..c849735b 100644 --- a/src/get-started/helloWorld/3-buildIApp.md +++ b/src/get-started/helloWorld/3-buildIApp.md @@ -364,19 +364,6 @@ Once you have your token, you can deploy your iApp. /> - - ::: tip ๐Ÿ“ Make sure to save your **iApp address** after deployment - you'll need it @@ -533,7 +520,7 @@ const arbitrumSteps = [ }, { showAt: 13, - question: 'Pushed TEE image bob/hello-world:0.0.1-tee-scone-5.9.1-v16-ce3a01d9c5d7 on dockerhub', + question: 'Pushed TEE image bob/hello-world:0.0.1-tdx-a53fc4c480f4 on dockerhub', answer: '', showTyping: false, isComplete: true 
@@ -547,82 +534,8 @@ const arbitrumSteps = [ } ]; -const bellecourSteps = [ - { - showAt: 2, - question: 'Using chain bellecour', - answer: '', - showTyping: false, - isComplete: true - }, - { - showAt: 3, - question: 'Using saved walletPrivateKey (from iapp.config.json)', - answer: '', - showTyping: false, - isComplete: true - }, - { - showAt: 4, - completeAt: 6, - question: 'What is your username on DockerHub? (It will be used to properly tag the Docker image)', - answer: 'bob', - showTyping: true, - isComplete: false - }, - { - showAt: 6, - completeAt: 8, - question: 'What is your DockerHub access token?', - answer: '**********************', - showTyping: true, - isComplete: false - }, - { - showAt: 8, - completeAt: 10, - question: 'What is the version of your iApp?', - answer: '0.0.1', - showTyping: true, - isComplete: false - }, - { - showAt: 10, - question: 'Docker image built (sha256:a53fc4c480f482c384a13266ea2cb6cc5572733c866c44a5f604f4bfab3a744a) and tagged bob/hello-world:0.0.1', - answer: '', - showTyping: false, - isComplete: true - }, - { - showAt: 11, - question: 'Pushed image bob/hello-world:0.0.1 on dockerhub', - answer: '', - showTyping: false, - isComplete: true - }, - { - showAt: 12, - question: 'Pushed TEE image bob/hello-world:0.0.1-tee-scone-5.9.1-v16-ce3a01d9c5d7 on dockerhub', - answer: '', - showTyping: false, - isComplete: true - }, - { - showAt: 13, - question: 'TEE app deployed', - answer: '', - showTyping: false, - isComplete: true - } -]; - const arbitrumCompletionItems = [ - 'โ”” Docker image: bob/hello-world:0.0.1-tee-scone-5.9.1-v16-ce3a01d9c5d7', - 'โ”” iApp address: 0x1f80DCebc2EAAff0Db7156413C43B7e88D189923' -]; - -const bellecourCompletionItems = [ - 'โ”” Docker image: bob/hello-world:0.0.1-tee-scone-5.9.1-v16-ce3a01d9c5d7', + 'โ”” Docker image: bob/hello-world:0.0.1-tdx-a53fc4c480f4', 'โ”” iApp address: 0x1f80DCebc2EAAff0Db7156413C43B7e88D189923' ]; 
@@ -693,7 +606,7 @@ const arbitrumSepoliaSteps = [ }, { showAt: 13, - question: 'Pushed TEE image bob/hello-world:0.0.1-tee-scone-5.9.1-v16-ce3a01d9c5d7 on dockerhub', + question: 'Pushed TEE image bob/hello-world:0.0.1-tdx-a53fc4c480f4 on dockerhub', answer: '', showTyping: false, isComplete: true @@ -708,7 +621,7 @@ const arbitrumSepoliaSteps = [ ]; const arbitrumSepoliaCompletionItems = [ - 'โ”” Docker image: bob/hello-world:0.0.1-tee-scone-5.9.1-v16-ce3a01d9c5d7', + 'โ”” Docker image: bob/hello-world:0.0.1-tdx-a53fc4c480f4', 'โ”” iApp address: 0x1f80DCebc2EAAff0Db7156413C43B7e88D189923' ]; diff --git a/src/get-started/overview/privacy-iapp.md b/src/get-started/overview/privacy-iapp.md index ceedfedf..264097a2 100644 --- a/src/get-started/overview/privacy-iapp.md +++ b/src/get-started/overview/privacy-iapp.md @@ -47,7 +47,7 @@ Privacy iApp, they will.** โœ… **True Privacy:** Users never expose their raw data. Your app processes it -privately inside secure enclaves. +privately inside hardware-isolated Trust Domains. โœ… **Trusted Execution:** iExec ensures your code runs inside a Trusted Execution Environment (TEE), guaranteeing only the specified Docker image 
@@ -64,10 +64,12 @@ operating system during execution. ## How it Works -Your code runs in a Trusted Execution Environment (TEE). This secure area exists -inside specific processors (Intel Software Guard Extensions (SGX) or Trust -Domain Extensions (TDX) chipsets). Everything stays private and protected there, -even from the operating system. +Your code runs in a Trusted Execution Environment (TEE) powered by **Intel Trust +Domain Extensions ([TDX](/protocol/tee/intel-tdx))**. TDX is a hardware-based +confidential computing technology built into Intel processors. It isolates +entire virtual machines โ€” called **Trust Domains** โ€” from the host hypervisor, +the cloud provider, and the operating system itself. Everything inside a Trust +Domain stays private and protected, even from infrastructure administrators. Authorized users trigger an iApp that processes protected data inside this private environment. Your iApp uses the data but never exposes it, not even to @@ -163,7 +165,7 @@ see what you can build! - **Docker**: Your application must be containerized - **Input/Output**: Define clear input and output schemas -- **TEE Compatibility**: Ensure your code runs in secure enclaves +- **TEE Compatibility**: Ensure your code runs inside a TDX Trust Domain - **Network Access**: Configure any external API calls or dependencies ## Next Steps diff --git a/src/get-started/overview/rlc.md b/src/get-started/overview/rlc.md index 211e5799..29c3be8c 100644 --- a/src/get-started/overview/rlc.md +++ b/src/get-started/overview/rlc.md @@ -119,7 +119,6 @@ You can acquire RLC tokens through several methods: diff --git a/src/get-started/overview/what-is-iexec.md b/src/get-started/overview/what-is-iexec.md index c8f75e5d..ccbb9394 100644 --- a/src/get-started/overview/what-is-iexec.md +++ b/src/get-started/overview/what-is-iexec.md 
@@ -24,9 +24,10 @@ developers build privacy-preserving apps. ### Step 2: Create a Deal -**Requester** submits a computation request. The **PoCo smart contract** -automatically matches and brings together all required resources: the iApp, -protected data, and available workerpool. +**Requester** submits a computation request. The +**[PoCo](/protocol/proof-of-contribution) (Proof of Contribution) smart +contract** automatically matches and brings together all required resources: the +iApp, protected data, and available workerpool. โ†’ **Guides**: [Run iApp with ProtectedData](/guides/use-iapp/run-iapp-with-ProtectedData), @@ -35,12 +36,15 @@ protected data, and available workerpool. ### Step 3: Execute in TEE **Workers** from the selected workerpool download the iApp and execute it inside -**secure enclaves** (TEEs). Your data is processed confidentially - workers can -run computations but never access raw data outside the TEE. +**[TDX](/protocol/tee/intel-tdx) Trust Domains** โ€” hardware-isolated +[TEEs](/protocol/tee/introduction) (Trusted Execution Environments). Your data +is processed confidentially: workers can run computations but never access raw +data outside the Trust Domain. ### Step 4: Deliver Results & Pay -Results are encrypted and delivered back to the requester. **RLC tokens** are +Results are encrypted and delivered back to the requester. +**[RLC](/get-started/overview/rlc) tokens** (the protocol's native currency) are automatically distributed to all participants (app provider, data provider, workerpool) based on their contribution. 
@@ -56,11 +60,12 @@ these purposes." Your code, packaged to run on workers. Can be AI models, data processing scripts, any computation. -### **Workers (Secure Enclaves)** +### **Workers ([TDX](/protocol/tee/intel-tdx) Trust Domains)** -Computers that process your data inside privacy-safe TEE environments. They can -access your data to work with it, but the TEE ensures it stays confidential and -tamper-proof. +Computers that process your data inside hardware-isolated +[TEE](/protocol/tee/introduction) environments (Trusted Execution Environments). +They can access your data to work with it, but the TEE ensures it stays +confidential and tamper-proof. ### **Deals** @@ -76,7 +81,7 @@ protocol takes care of worker allocation and secure coordination. 2. **Deploy**: AI company packages their model โ†’ becomes iApp 3. **Execute**: Someone submits Task โ†’ "Train model on this data" 4. **Result**: Model gets trained, researcher gets insights, raw data never - leaves enclave + leaves the Trust Domain **Web3 Email** diff --git a/src/get-started/tooling-and-explorers/blockchain-explorer.md b/src/get-started/tooling-and-explorers/blockchain-explorer.md index c928d7f8..168058ab 100644 --- a/src/get-started/tooling-and-explorers/blockchain-explorer.md +++ b/src/get-started/tooling-and-explorers/blockchain-explorer.md @@ -1,8 +1,8 @@ --- title: Blockchain Explorers description: - Explore iExec smart contracts on verified blockchain explorers for both - Arbitrum mainnet and Bellecour network. + Explore iExec smart contracts on verified blockchain explorers for Arbitrum + mainnet and Arbitrum Sepolia testnet. --- # Blockchain Explorers @@ -36,16 +36,6 @@ publicly auditable. demo-label="Visit Arbiscan" /> -
::: tip ๐Ÿ’ก Dev Tip @@ -60,5 +50,4 @@ import UseCaseCard from '@/components/UseCaseCard.vue'; // Assets import arbitrumExplorerImage from '@/assets/tooling-&-explorers/blockchain-explorer/arbitrum-explorer.png'; -import bellecourExplorerImage from '@/assets/tooling-&-explorers/blockchain-explorer/bellecour-explorer.png'; diff --git a/src/get-started/tooling-and-explorers/bridge.md b/src/get-started/tooling-and-explorers/bridge.md index 28f80409..04ee2330 100644 --- a/src/get-started/tooling-and-explorers/bridge.md +++ b/src/get-started/tooling-and-explorers/bridge.md @@ -2,7 +2,7 @@ title: iExec RLC Bridge description: Bridge RLC tokens between networks to interact with the iExec protocol. - Transfer RLC to Bellecour (xRLC) and Arbitrum networks using dedicated bridges + Transfer RLC to Arbitrum networks using the Stargate Bridge --- # RLC Bridge @@ -11,8 +11,8 @@ description: whether you're executing tasks, accessing protected data, or participating in the iExec confidential computing network. -This guide helps you bridge RLC tokens to **Bellecour** (becoming xRLC) and -**Arbitrum** networks using the Bellecour Bridge and Stargate Bridge. +This guide helps you bridge RLC tokens to **Arbitrum** using the Stargate +Bridge. ::: tip ๐Ÿงช Testing on Arbitrum Sepolia 
@@ -30,18 +30,6 @@ iExec provides officially supported bridges for seamless token transfer across networks: - - -## Bellecour Bridge - -The **Bellecour Bridge** enables seamless transfer of RLC tokens between -Ethereum mainnet and the Bellecour sidechain in both directions. When bridged to -Bellecour, RLC becomes xRLC, the native asset of the Bellecour network. - -### Ethereum <> Bellecour (RLC <> xRLC) - -1. **Connect Wallet**: Visit - [Bellecour Bridge UI](https://bridge-bellecour.iex.ec/) and connect your - wallet -2. **Select Source Network**: The bridge automatically detects your current - network and available tokens (RLC on Ethereum or xRLC on Bellecour) -3. **Choose Destination**: The bridge will show the opposite network as - destination automatically -4. **Select Amount**: Choose the amount of tokens you want to bridge -5. **Confirm Transaction**: Approve the bridge transaction and wait for - confirmation -6. **Receive Tokens**: Your tokens will be available on the destination network - - - -::: tip ๐Ÿ”„ Bidirectional Bridge - -The bridge interface automatically detects your wallet's network and available -tokens. The process is similar in both directions - simply switch to the -appropriate network (source chain) in your wallet and refresh the page to update -the bridge direction, then the bridge will handle the conversion between RLC and -xRLC seamlessly. - -::: - ## Security & Audits The **Stargate Bridge** uses the **LayerZero protocol** under the hood, which @@ -152,9 +104,7 @@ import CardGrid from '@/components/CardGrid.vue'; import ProjectCard from '@/components/ProjectCard.vue'; // Assets -import iexecLogoIcon from '@/assets/icons/iexec-logo.png'; import arbitrumLogoIcon from '@/assets/icons/arbitrum.svg'; -import bellecourBridgeImage from '@/assets/tooling-&-explorers/bridge/bellecour-bridge.png'; import stargateBridgeImage from '@/assets/tooling-&-explorers/bridge/stargate-bridge.png'; import halbornLogoIcon from '@/assets/icons/halborn.svg'; 
diff --git a/src/get-started/tooling-and-explorers/iexec-explorer.md b/src/get-started/tooling-and-explorers/iexec-explorer.md index 4e98c55d..df4eb614 100644 --- a/src/get-started/tooling-and-explorers/iexec-explorer.md +++ b/src/get-started/tooling-and-explorers/iexec-explorer.md @@ -131,7 +131,7 @@ Browse and analyze all tasks across the iExec network: - **Real-time Progress**: Monitor task status from queued โ†’ running โ†’ completed with detailed state transitions - **Execution Environment**: See which workers are processing your tasks and - their TEE capabilities (SGX, TDX) + their TEE capabilities ([TDX](/protocol/tee/intel-tdx)) - **Data Flow**: Track which protected datasets are securely accessed by authorized iApp - **Result Management**: diff --git a/src/get-started/tooling-and-explorers/important-addresses.md b/src/get-started/tooling-and-explorers/important-addresses.md index 0c4ed318..71fb52a8 100644 --- a/src/get-started/tooling-and-explorers/important-addresses.md +++ b/src/get-started/tooling-and-explorers/important-addresses.md @@ -8,8 +8,8 @@ description: # Important Addresses Quick reference guide to all important iExec protocol addresses. Find RLC token -addresses, PoCo smart contracts, and application addresses for Ethereum, -Arbitrum, and Bellecour networks. +addresses, PoCo smart contracts, and application addresses for Ethereum and +Arbitrum networks. ::: tip ๐Ÿ’ก Quick Access @@ -28,14 +28,6 @@ these addresses to interact with RLC tokens on each network. | **Ethereum Mainnet** | 1 | `0x607F4C5BB672230e8672085532f7e901544a7375` | | **Arbitrum Mainnet** | 42161 | `0xe649e6a1F2afc63ca268C2363691ceCAF75CF47C` | | **Arbitrum Sepolia** | 421614 | `0x9923eD3cbd90CD78b910c475f9A731A6e0b8C963` | -| **Bellecour** | 134 | `xRLC` (Native token) | - -::: info - -On **Bellecour**, RLC tokens are bridged from Ethereum and become **xRLC** -(native token). No contract address is needed as it's the native currency. - -::: ## PoCo Smart Contracts 
@@ -69,15 +61,6 @@ decentralized computing marketplace. | **DatasetRegistry** | `0x07Cc4E1EA30dD02796795876509A3BfC5053128D` | | **WorkerpoolRegistry** | `0xe3c13bb4A5068601c6A08041Cb50887B07B5F398` | -### Bellecour - -| Contract | Address | -| ---------------------- | -------------------------------------------- | -| **Diamond Proxy** | `0x3eca1B216A7DF1C7689aEb259fFB83ADFB894E7f` | -| **AppRegistry** | `0xB1C52075b276f87b1834919167312221d50c9D16` | -| **DatasetRegistry** | `0x799DAa22654128d0C64d5b79eac9283008158730` | -| **WorkerpoolRegistry** | `0xC76A18c78B7e530A165c5683CB1aB134E21938B4` | - ## Data Protector Contracts Smart contracts for managing protected data and access control. @@ -107,9 +90,8 @@ features. | Network | Whitelist Address | | -------------------- | -------------------------------------------- | -| **Arbitrum Mainnet** | `0xD5054a18565c4a9E5c1aa3cEB53258bd59d4c78C` | -| **Arbitrum Sepolia** | `0x8d46d40840f1Aa2264F96184Ffadf04e5D573B9B` | -| **Bellecour** | `0x781482C39CcE25546583EaC4957Fb7Bf04C277D2` | +| **Arbitrum Mainnet** | `0xfa9cceff9431ee0e2a3fe58911073f1357f24e31` | +| **Arbitrum Sepolia** | `0x09d59e1b696d0cb69f46bf762412636e8652ab58` | ### Web3Telegram @@ -117,9 +99,8 @@ Web3Telegram enables decentralized Telegram messaging with Web3 integration. | Network | Whitelist Address | | -------------------- | -------------------------------------------- | -| **Arbitrum Mainnet** | `0x53AFc09a647e7D5Fa9BDC784Eb3623385C45eF89` | -| **Arbitrum Sepolia** | `0x7291ff96100DA6CF97933C225B86124ef95aEc9b` | -| **Bellecour** | `0x192C6f5AccE52c81Fcc2670f10611a3665AAA98F` | +| **Arbitrum Mainnet** | `0xa7101cf61d4602d55a715be4f2b9e1bc71d22301` | +| **Arbitrum Sepolia** | `0x7f67e78a4b0a98c50333b8b72851952c396601a1` | ## Workerpool Addresses 
@@ -127,9 +108,8 @@ Default workerpool addresses for each network. | Network | Workerpool Address | | -------------------- | -------------------------------------------- | -| **Arbitrum Mainnet** | `0x2C06263943180Cc024dAFfeEe15612DB6e5fD248` | -| **Arbitrum Sepolia** | `0xB967057a21dc6A66A29721d96b8Aa7454B7c383F` | -| **Bellecour** | `prod-v8-bellecour.main.pools.iexec.eth` | +| **Arbitrum Mainnet** | `0x8ef2ec3ef9535d4b4349bfec7d8b31a580e60244` | +| **Arbitrum Sepolia** | `0x2956f0cb779904795a5f30d3b3ea88b714c3123f` | ::: tip diff --git a/src/get-started/tooling-and-explorers/subgraph-explorer.md b/src/get-started/tooling-and-explorers/subgraph-explorer.md index c58e7b75..fc25ec5d 100644 --- a/src/get-started/tooling-and-explorers/subgraph-explorer.md +++ b/src/get-started/tooling-and-explorers/subgraph-explorer.md @@ -2,8 +2,7 @@ title: The Graph Explorer description: Explore and query blockchain data using The Graph's decentralized indexing - protocol. Access iExec subgraphs on Arbitrum, Arbitrum Sepolia, and Bellecour - networks. + protocol. Access iExec subgraphs on Arbitrum and Arbitrum Sepolia networks. --- # The Graph Explorer @@ -93,28 +92,6 @@ protocol. button-rel="noreferrer" /> - - - - ## GraphQL Explorer Interface @@ -218,6 +195,5 @@ import ProjectCard from '@/components/ProjectCard.vue'; import theGraphLogoImage from '@/assets/tooling-&-explorers/the-graph/image-logo.jpg'; import theGraphProtocolImage from '@/assets/tooling-&-explorers/the-graph/protocol-view.jpg'; import arbitrumIcon from '@/assets/icons/arbitrum.svg'; -import iexecLogoIcon from '@/assets/icons/iexec-logo.png'; import graphqlExplorerImage from '@/assets/tooling-&-explorers/the-graph/graphql-explorer.png'; diff --git a/src/get-started/use-cases.md b/src/get-started/use-cases.md index 55131653..8975cf1f 100644 --- a/src/get-started/use-cases.md +++ b/src/get-started/use-cases.md 
@@ -50,7 +50,7 @@ AI framework, you can: /hello-world:1.0.0` image built -previously is required. - -For this tutorial, create a new directory tree. Execute the following commands -in `~/iexec-projects/`: - -```bash -cd ~/iexec-projects -mkdir tee-hello-world-app && cd tee-hello-world-app -iexec init --skip-wallet -mkdir src -touch Dockerfile -touch sconify.sh -chmod +x sconify.sh -``` - -### Write the iApp logic - -Develop your code logic like the content below.The following examples only -feature Javascript and Python use cases for simplicity concerns but remember -that you can run on iExec anything which is Dockerizable. - -**Copy the following content** in `src/` . - -::: code-group - -```javascript [src/app.js] -const fsPromises = require('fs').promises; - -(async () => { - try { - const iexecOut = process.env.IEXEC_OUT; - // Do whatever you want (let's write hello world here) - const message = process.argv.length > 2 ? process.argv[2] : 'World'; - - const text = `Hello, ${message}!`; - console.log(text); - // Append some results in /iexec_out/ - await fsPromises.writeFile(`${iexecOut}/result.txt`, text); - // Declare everything is computed - const computedJsonObj = { - 'deterministic-output-path': `${iexecOut}/result.txt`, - }; - await fsPromises.writeFile( - `${iexecOut}/computed.json`, - JSON.stringify(computedJsonObj) - ); - } catch (e) { - console.log(e); - process.exit(1); - } -})(); -``` - -```python [src/app.py] -import os -import sys -import json - -iexec_out = os.environ['IEXEC_OUT'] - -# Do whatever you want (let's write hello world here) -text = 'Hello, {}!'.format(sys.argv[1] if len(sys.argv) > 1 else "World") -print(text) - -# Append some results in /iexec_out/ -with open(iexec_out + '/result.txt', 'w+') as fout: - fout.write(text) - -# Declare everything is computed -with open(iexec_out + '/computed.json', 'w+') as f: - json.dump({ "deterministic-output-path" : iexec_out + '/result.txt' }, f) -``` - -::: - -::: warning - -As a developer, make it 
a rule to never log sensitive information in your -application. Execution logs are accessible by: - -- worker(s) involved in the task -- the workerpool manager -- the requester of the task - -::: - -### Dockerize your iApp - -**Copy the following content** in `Dockerfile` . - -::: code-group - -```bash [Dockerfile for JavaScript] -FROM node:22-alpine3.21 -### install your dependencies if you have some -RUN mkdir /app && cd /app -COPY ./src /app -ENTRYPOINT [ "node", "/app/app.js"] -``` - -```bash [Dockerfile for Python] -FROM python:3.13.3-alpine3.21 -### install python dependencies if you have some -COPY ./src /app -ENTRYPOINT ["python3", "/app/app.py"] -``` - -::: - -Build the docker image. - -::: warning - -iExec expects your Docker container to be built for the `linux/amd64` platform. -However, if you develop on a **Mac** with Apple **M processor**, the platform is -`linux/arm64`, which is different. To prepare your application, you will need to -install `buildkit` and then prepare your docker image for both platforms. - -```bash -brew install buildkit -# ARM64 variant for local testing only -docker buildx build --platform linux/arm64 --tag /hello-world . -# AMD64 variant to deploy on iExec -docker buildx build --platform linux/amd64 --tag /hello-world . -``` - -::: - -```bash -docker build --tag hello-world . -``` - -::: tip - -`docker build` produce an image id, using `--tag ` option is a convenient -way to name the image to reuse it in the next steps. - -::: - -**Congratulations you built your first docker image for iExec!** - -## Test your iApp locally - -### Basic test - -Create local volumes to simulate input and output directories. - -```bash -mkdir -p ./tmp/iexec_in -mkdir -p ./tmp/iexec_out -``` - -Run your application locally \(container volumes bound with local volumes\). 
- -```bash -docker run --rm \ - -v ./tmp/iexec_in:/iexec_in \ - -v ./tmp/iexec_out:/iexec_out \ - -e IEXEC_IN=/iexec_in \ - -e IEXEC_OUT=/iexec_out \ - hello-world arg1 arg2 arg3 -``` - -::: tip Docker run \[options\] image \[args\] - -**docker run usage:** - -`docker run [OPTIONS] IMAGE [COMMAND] [ARGS...]` - -Use `[COMMAND]` and `[ARGS...]` to simulate the requester arguments - -**useful options for iExec:** - -`-v` : Bind mount a volume. Use it to bind input and output directories -(`/iexec_in` and `/iexec_out`) - -`-e`: Set environnement variable. Use it to simulate iExec Runtime variables - -::: - -### Test with input files - -Starting with the basic test you can simulate input files. - -For each input file: - -- Copy it in the local volume bound to `/iexec_in` . -- Add `-e IEXEC_INPUT_FILE_NAME_x=NAME` to docker run options \(`x` is the index - of the file starting by 1 and `NAME` is the name of the file\) - -Add `-e IEXEC_INPUT_FILES_NUMBER=n` to docker run options \(`n` is the total -number of input files\). - -Example with two inputs files: - -```bash -touch ./tmp/iexec_in/file1 && \ -touch ./tmp/iexec_in/file2 && \ -docker run \ - -v ./tmp/iexec_in:/iexec_in \ - -v ./tmp/iexec_out:/iexec_out \ - -e IEXEC_IN=/iexec_in \ - -e IEXEC_OUT=/iexec_out \ - -e IEXEC_INPUT_FILE_NAME_1=file1 \ - -e IEXEC_INPUT_FILE_NAME_2=file2 \ - -e IEXEC_INPUT_FILES_NUMBER=2 \ - hello-world \ - arg1 arg2 arg3 -``` - -## Build the TEE docker image - -Before wrapping your iExec confidential app with Scone, you need to generate a -custom signing key. The sconification process uses this key. - -Generate your enclave signing key with: - -```bash -openssl genrsa -3 -out enclave-key.pem 3072 -``` - -This will create an `enclave-key.pem` file in your current directory. You will -use this file in the sconify Docker command to sign your TEE image. 
- -Use the following script to wrap the sconification process, copy the -`sconify.sh` script in the current directory: - -::: code-group - -```bash [Javascript] -#!/bin/bash - -# Declare image related variables -IMG_FROM=/hello-world -IMG_TO=/tee-scone-hello-world:1.0.0 - -# Run the sconifier to build the TEE image based on the non-TEE image -docker run -it --rm \ - -v $PWD/enclave-key.pem:/sig/enclave-key.pem \ - -v /var/run/docker.sock:/var/run/docker.sock \ - registry.scontain.com/scone-production/iexec-sconify-image:5.9.2-v16 \ - sconify_iexec \ - --scone-signer=/sig/enclave-key.pem \ - --from=${IMG_FROM} \ - --to=${IMG_TO} \ - --binary-fs \ - --fs-dir=/app \ - --host-path=/etc/hosts \ - --host-path=/etc/resolv.conf \ - --binary=/usr/local/bin/node \ - --heap=1G \ - --dlopen=1 \ - --verbose \ - && echo -e "\n------------------\n" \ - && echo "successfully built TEE docker image => ${IMG_TO}" \ - && echo "application mrenclave.fingerprint is $(docker run --rm -e SCONE_HASH=1 ${IMG_TO})" -``` - -```bash [Python] -#!/bin/bash - -# Declare image related variables -IMG_FROM=/hello-world -IMG_TO=/tee-scone-hello-world:1.0.0 - -# Run the sconifier to build the TEE image based on the non-TEE image -docker run -it --rm \ - -v $PWD/enclave-key.pem:/sig/enclave-key.pem \ - -v /var/run/docker.sock:/var/run/docker.sock \ - registry.scontain.com/scone-production/iexec-sconify-image:5.9.2-v16 \ - sconify_iexec \ - --from=${IMG_FROM} \ - --to=${IMG_TO} \ - --binary-fs \ - --fs-dir=/app \ - --host-path=/etc/hosts \ - --host-path=/etc/resolv.conf \ - --binary=/usr/local/bin/python3 \ - --heap=1G \ - --dlopen=1 \ - --verbose \ - && echo -e "\n------------------\n" \ - && echo "successfully built TEE docker image => ${IMG_TO}" \ - && echo "application mrenclave.fingerprint is $(docker run --rm -e SCONE_HASH=1 ${IMG_TO})" -``` - -::: - -Run the `sconify.sh` script to build the Scone TEE app: - -```bash -./sconify.sh -``` - -Push your image on DockerHub: - -```bash -docker login 
-docker push /tee-scone-hello-world:1.0.0 -``` - -Congratulations, you just built your Scone TEE app. - -## Test your iApp on iExec - -At this stage, your app is ready to be tested on iExec. The process is similar -to testing any type of app on the platform, with these minor exceptions: - -### Deploy the TEE iApp on iExec - -TEE apps require some additional information to be filled in during deployment. - -```bash -# prepare the TEE app template -iexec app init --tee -``` - -Edit `iexec.json` and fill in the standard keys and the `mrenclave` object: - -```json -{ - ... - "app": { - "owner": "", // starts with 0x - "name": "tee-scone-hello-world", // app name - "type": "DOCKER", - "multiaddr": "docker.io//tee-scone-hello-world:1.0.0", // app image - "checksum": "", // starts with 0x, update it with your own image digest - "mrenclave": { - "framework": "SCONE", // TEE framework (keep default value) - "version": "v5.9", // Scone version (keep default value) - "entrypoint": "node --disable-wasm-trap-handler /app/app.js" OR "python3 /app/app.py", // update it with your own image entrypoint - "heapSize": 1073741824, // heap size in bytes, update it with --heap option value used in sconify.sh script during TEE image build - "fingerprint": "" // fingerprint of the enclave code (mrenclave), without 0x prefix, see how to retrieve it below - } - }, - ... -} -``` - -::: info - -Run your TEE image with `SCONE_HASH=1` to get the enclave fingerprint -(mrenclave): - -```bash -docker run --rm -e SCONE_HASH=1 /tee-scone-hello-world:1.0.0 -``` - -::: - -Deploy the iApp with the standard command: - -```bash twoslash -iexec app deploy --chain {{chainName}} -``` - -You can check your deployed apps with their index, let's check your last -deployed app: - -```bash twoslash -iexec app show --chain {{chainName}} -``` - -## Run the iApp - -iExec allows you to run applications on a decentralized infrastructure with -payment in **RLC** tokens. 
- -::: info - -To run an application you must have enough RLC staked on your iExec account to -pay for the computing resources. - -Your iExec account is managed by smart contracts \(and not owned by iExec\). - -When you request an execution the price for the task is locked from your -account's stake then transferred to accounts of the workers contributing to the -task \(read more about [Proof of Contribution](/protocol/proof-of-contribution) -protocol\). - -At any time you can: - -- view your balance - -```bash twoslash -iexec account show --chain {{chainName}} -``` - -- deposit RLC from your wallet to your iExec Account - -```bash twoslash -iexec account deposit --chain {{chainName}} -``` - -- withdraw RLC from your iExec account to your wallet \(only stake can be - withdrawn\) - -```bash twoslash -iexec account withdraw --chain {{chainName}} -``` - -::: - -One last thing, in order to run a **TEE** iApp you will also need to select a -workerpool, use the iexec workerpool `{{workerpoolAddress}}`. - -You are now ready to run the iApp - -```bash twoslash -iexec app run --chain {{chainName}} --tag tee,scone --workerpool {{workerpoolAddress}} --watch -``` - -The execution of tasks on the iExec network is asynchronous by design. - -```mermaid -graph TD - Requester["Requester (or anyone)"] --> |"1 . Match compatible orders \n(request, application, dataset & workerpool orders) \n & Wait result" | Blockchain - Blockchain --> |2 . Notify new deal with tasks to compute| Scheduler - Worker --> |3 . Request new task to compute| Scheduler - Worker --> |4 . Run application| Application[Application image] - Worker --> |5.a. Push result| ResultStorage["Result Storage"] - Worker --> |5.b. Commit result proof| Blockchain - Workerpool --> |6 . 
Publish result link or callback| Blockchain - - subgraph Workerpool - Scheduler - Worker - Application - end -``` - -Guaranties about completion times (fast/slow) are available in the -[category section](/protocol/pay-per-task): - -- maximum deal/task time -- maximum computing time - -Once the task is completed copy the taskid from `iexec app run` output \(taskid -is a 32Bytes hexadecimal string\). - -Download the result of your task - -```bash twoslash -iexec task show --chain {{chainName}} --download my-result -``` - -You can get your taskid with the command: - -```bash twoslash -iexec deal show --chain {{chainName}} -``` - -::: info - -A task result is a zip file containing the output files of the application. - -::: - -[iexechub/python-hello-world](https://hub.docker.com/repository/docker/iexechub/python-hello-world) -produce an text file in `result.txt`. - -Let's discover the result of the computation. - -```bash -unzip my-result.zip -d my-result -cat my-result/result.txt -``` - -Congratulations! You successfully executed your application on iExec! - -## Publish your app on the iExec Marketplace - -Your application is deployed on iExec and you completed an execution on iExec. -For now, only you can request an execution of your application. The next step is -to publish it on the iExec Marketplace, making it available for anyone to use. - -As the owner of this application, you can define the conditions under which it -can be used - -::: info - -iExec uses orders signed by the resource owner's wallet to ensure resources -governance. - -The conditions to use an app are defined in the **apporder**. - -::: - -Publish a new apporder for your application. - -```bash twoslash -iexec app publish --chain {{chainName}} -``` - -::: info - -`iexec app publish` command allows to define custom access rules to the app -\(run `iexec app publish --help` to discover all the possibilities\). 
- -You will learn more about orders management later, keep the apporder default -values for now. - -::: - -Your application is now available for everyone on iExec marketplace on the -conditions defined in apporder. - -You can check the published apporders for your app - -```bash twoslash -iexec orderbook app --chain {{chainName}} -``` - -Congratulation you just created a decentralized application! Anyone can now -trigger an execution of your application on the iExec decentralized -infrastructure. - -## Next step? - -In this tutorial, you learned how to leverage your app with the power of Trusted -Execution Environments using iExec. But according to your use case, you may need -to use some confidential data to get the full potential of the **Confidential -Computing** paradigm. Check out next chapters to see how: - -- [Access confidential assets from your iApp](access-confidential-assets.md) -- [Protect the result](/guides/build-iapp/advanced/protect-the-result.md) - - diff --git a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md index 9e0315e3..c5615c04 100644 --- a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md +++ b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md 
@@ -1,26 +1,16 @@ --- -title: Build Intel TDX iApp (Experimental) +title: Build Intel TDX iApp description: Learn how to build and run Confidential Computing applications with Intel TDX technology using both traditional deployment and the iApp Generator --- -# Build Intel TDX iApp +# Build Intel TDX iApp In this tutorial, you will learn how to build and run a Confidential Computing application with Intel TDX technology using both traditional deployment and the iApp Generator. -::: info **Experimental Feature** - -TDX support is currently in experimental phase: - -- Stability and confidentiality features are still being tested and refined. -- Features may evolve based on user feedback, please share your experience on - [Discord](https://discord.com/invite/5TewNUnJHN). - -::: - Before implementing TDX, make sure you understand the foundational concepts and differences between TEE technologies. Check out our **[Intel TDX Technology](/protocol/tee/intel-tdx)** guide for comprehensive @@ -46,13 +36,12 @@ This tutorial covers two methods for building TDX applications: Thanks to **Intel TDX**, neither the source code or the binaries of your application need to be changed in order to run securely in a TEE. Only two files -need to be changed compared to the usual SGX workflow: `chain.json` and -`iexec.json`. +need to be configured: `chain.json` and `iexec.json`. iApp using Intel TDX technology follow the same format as non-TEE applications; follow the instructions on -[Build your first application](/guides/build-iapp/advanced/build-your-first-sgx-iapp) -to create and Dockerize your iApp. +[Build and deploy your first iApp](/guides/build-iapp/deploy-&-run) to create +and Dockerize your iApp. After this step, the Docker image of your iApp should be published on Docker Hub (e.g. `/hello-world:1.0.0`). 
@@ -61,17 +50,32 @@ After this step, the Docker image of your iApp should be published on Docker Hub Modify your `chain.json` as follows to reference the TDX Workerpool: -```json +::: code-group + +```json [Arbitrum Sepolia (testnet)] { - "default": "bellecour", + "default": "arbitrum-sepolia-testnet", "chains": { - "bellecour": { + "arbitrum-sepolia-testnet": { "sms": { "tdx": "https://sms.labs.iex.ec" } } } } ``` +```json [Arbitrum Mainnet] +{ + "default": "arbitrum-mainnet", + "chains": { + "arbitrum-mainnet": { + "sms": { "tdx": "https://sms.arbitrum-mainnet.iex.ec" } + } + } +} +``` + +::: + ### Update `iexec.json` TEE applications need a few more keys in the `iexec.json` file; run this to add @@ -88,7 +92,7 @@ Your `iexec.json` should now look like this example: ... "app": { "owner": "", // starts with 0x - "name": "tee-scone-hello-world", // application name + "name": "tee-tdx-hello-world", // application name "type": "DOCKER", "multiaddr": "/hello-world:1.0.0", // app image "checksum": "", // starts with 0x, update it with your own image digest @@ -116,12 +120,20 @@ iexec app deploy ``` To execute the iApp in TDX, add `--tag tee,tdx` to the `iexec app run` and -select the TDX workerpool (`tdx-labs.pools.iexec.eth`). +select the TDX workerpool for your target network. -```bash -iexec app run --tag tee,tdx --workerpool tdx-labs.pools.iexec.eth --watch +::: code-group + +```bash [Arbitrum Sepolia (testnet)] +iexec app run --tag tee,tdx --workerpool 0x2956f0cb779904795a5f30d3b3ea88b714c3123f --watch +``` + +```bash [Arbitrum Mainnet] +iexec app run --tag tee,tdx --workerpool 0x8ef2ec3ef9535d4b4349bfec7d8b31a580e60244 --watch ``` +::: + ::: info Remember, you can access task and iApp logs by following the instructions on 
@@ -187,7 +199,9 @@ iexec app show โš ๏ธ **To use** the iExec DataProtector SDK with TDX support, you must configure the SDK with the right SMS endpoint. -```jsx +::: code-group + +```jsx [Arbitrum Sepolia (testnet)] const dataProtector = new IExecDataProtector(web3Provider, { iexecOptions: { smsURL: 'https://sms.labs.iex.ec', @@ -195,17 +209,39 @@ const dataProtector = new IExecDataProtector(web3Provider, { }); ``` -โš ๏ธ**You need** to change the default worker pool in your protected Data -declaration +```jsx [Arbitrum Mainnet] +const dataProtector = new IExecDataProtector(web3Provider, { + iexecOptions: { + smsURL: 'https://sms.arbitrum-mainnet.iex.ec', + }, +}); +``` + +::: + +โš ๏ธ**You need** to specify the TDX workerpool in your `processProtectedData` +call. + +::: code-group + +```jsx [Arbitrum Sepolia (testnet)] +await dataProtector.core.processProtectedData({ + protectedData: protectedData.address, + workerpool: '0x2956f0cb779904795a5f30d3b3ea88b714c3123f', + app: '0x456def...', +}); +``` -```jsx +```jsx [Arbitrum Mainnet] await dataProtector.core.processProtectedData({ protectedData: protectedData.address, - workerpool: 'tdx-labs.pools.iexec.eth', + workerpool: '0x8ef2ec3ef9535d4b4349bfec7d8b31a580e60244', app: '0x456def...', }); ``` +::: + ### Protected Data Compatibility :::warning Protected Data Requirements 
@@ -275,22 +311,9 @@ EXPERIMENTAL_TDX_APP=true iapp run - **[Intel TDX Technology](/protocol/tee/intel-tdx)** - Comprehensive guide to TDX technology and benefits -- **[SGX vs TDX Comparison](/protocol/tee/sgx-vs-tdx)** - Understand the - differences between TEE technologies - **[Introduction to TEE Technologies](/protocol/tee/introduction)** - Foundation concepts of TEE technologies -### **Production Considerations** - -**For production applications**: - -- **โš ๏ธ TDX is experimental**: Consider using - **[Intel SGX Technology](/protocol/tee/intel-sgx)** for production -- **[Create Your First SGX iApp](/guides/build-iapp/advanced/build-your-first-sgx-iapp)** - - Build production-ready SGX applications -- **[Deploy & Run](/guides/build-iapp/deploy-&-run)** - Standard iApp deployment - guide - ### **Related Resources** **Explore the iExec ecosystem**: @@ -301,7 +324,3 @@ EXPERIMENTAL_TDX_APP=true iapp run in TDX - **[Advanced iApp Building](/guides/build-iapp/advanced/quick-start)** - Advanced development techniques - - diff --git a/src/guides/build-iapp/advanced/protect-the-result.md b/src/guides/build-iapp/advanced/protect-the-result.md index bc232ab1..fb713239 100644 --- a/src/guides/build-iapp/advanced/protect-the-result.md +++ b/src/guides/build-iapp/advanced/protect-the-result.md 
@@ -8,26 +8,17 @@ description: # Protect the result Previous tutorials showed how to build -[Confidential Computing applications](/protocol/tee/intel-sgx) that run securely -inside enclaves and combine them with confidential assets to get the most out of -confidential computing advantages. This chapter pushes things further to protect -the workflow in an end to end mode. That means the next step would be encrypting -results. - -::: warning - -Before going any further, make sure you managed to -[Build your first application with Scone framework](/guides/build-iapp/advanced/build-your-first-sgx-iapp.md). - -::: +[Confidential Computing applications](/protocol/tee/intel-tdx) that run securely +inside Trust Domains and combine them with confidential assets to get the most +out of confidential computing advantages. This chapter pushes things further to +protect the workflow in an end to end mode. That means the next step would be +encrypting results. ::: tip Prerequisites: - [Docker](https://docs.docker.com/install/) 17.05 or higher on the daemon and client. - [iExec SDK](https://www.npmjs.com/package/iexec) 8.0.0 or higher. -- Familiarity with the basic concepts of [Intelยฎ SGX](/protocol/tee/intel-sgx) - and [SCONE](https://scontain.com) framework. ::: 
@@ -39,17 +30,17 @@ feature. ::: Assuming your application is deployed (if not please check how to do it -[with Scone](/guides/build-iapp/advanced/build-your-first-sgx-iapp.md#deploy-the-tee-app-on-iexec)), +[with the TDX guide](/guides/build-iapp/advanced/build-your-first-tdx-iapp.md)), before triggering an execution you need to generate an RSA key-pair, then push -the public key to the [Secret Management Service](/protocol/tee/intel-sgx). The -latter, in turn, will provide it, at runtime, to the enclave running your +the public key to the [Secret Management Service](/protocol/tee/intel-tdx). The +latter, in turn, will provide it, at runtime, to the Trust Domain running your Confidential Computing application. To generate the key-pair, go to `~/iexec-projects` and use the following SDK command: Make sure your -[`chain.json`](/guides/build-iapp/advanced/build-your-first-sgx-iapp.md#update-chain-json) +[`chain.json`](/guides/build-iapp/advanced/build-your-first-tdx-iapp.md#update-chain-json) content is correct. ```bash @@ -70,13 +61,13 @@ private key in the file `<0x-your-wallet-address>_key`. Now, push the public key to the SMS: ```bash twoslash -iexec result push-encryption-key --tee-framework --chain {{chainName}} scone +iexec result push-encryption-key --tee-framework --chain {{chainName}} ``` And check it using: ```bash twoslash -iexec result check-encryption-key --tee-framework --chain {{chainName}} scone +iexec result check-encryption-key --tee-framework --chain {{chainName}} ``` Now to see that in action, you'd need to trigger a task and specify yourself as @@ -86,7 +77,7 @@ the beneficiary in the command: iexec app run <0x-your-app-address> \ --chain {{chainName}} --workerpool {{workerpoolAddress}} \ - --tag tee,scone \ + --tag tee,tdx \ --encrypt-result \ --watch ``` diff --git a/src/guides/build-iapp/advanced/quick-start.md b/src/guides/build-iapp/advanced/quick-start.md index becc20c3..8a2e295a 100644 --- a/src/guides/build-iapp/advanced/quick-start.md 
+++ b/src/guides/build-iapp/advanced/quick-start.md @@ -83,7 +83,7 @@ You are now familiar with the following key iExec concepts for developers: Continue with these guides: -- [Learn how to build your first confidential application running on iExec](/guides/build-iapp/advanced/build-your-first-sgx-iapp.md) +- [Learn how to build your first confidential application running on iExec](/guides/build-iapp/advanced/build-your-first-tdx-iapp.md) diff --git a/src/utils/chain.utils.ts b/src/utils/chain.utils.ts index 24366513..4e7836e9 100644 --- a/src/utils/chain.utils.ts +++ b/src/utils/chain.utils.ts @@ -1,7 +1,5 @@ import { arbitrum, arbitrumSepolia } from 'viem/chains'; -import { bellecour } from './wagmiNetworks'; import arbitrumLogo from '@/assets/icons/arbitrum.svg'; -import iexecLogo from '@/assets/icons/iexec-logo.png'; export interface Chain { id: number; @@ -44,12 +42,12 @@ export function getSupportedChains(): Chain[] { blockExplorers: arbitrum.blockExplorers, chainName: 'arbitrum-mainnet', iexecExplorerUrl: 'https://explorer.iex.ec/arbitrum-mainnet', - workerpoolAddress: '0x2C06263943180Cc024dAFfeEe15612DB6e5fD248', + workerpoolAddress: '0x8ef2ec3ef9535d4b4349bfec7d8b31a580e60244', ipfsGateway: 'https://ipfs-gateway.arbitrum-mainnet.iex.ec', web3MailAddress: '0xe7945ddc8241A877c6e59F50a61e91eBb57AfD84', - web3MailAppWhitelist: '0xD5054a18565c4a9E5c1aa3cEB53258bd59d4c78C', + web3MailAppWhitelist: '0xfa9cceff9431ee0e2a3fe58911073f1357f24e31', web3TelegramAddress: '0xa201D2C9F3464c55639589d25FA6A3ec49C9f238', - web3TelegramAppWhitelist: '0x53AFc09a647e7D5Fa9BDC784Eb3623385C45eF89', + web3TelegramAppWhitelist: '0xa7101cf61d4602d55a715be4f2b9e1bc71d22301', }, { id: arbitrumSepolia.id, 
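Review bot: The new `workerpoolAddress`, `web3MailAppWhitelist` and `web3TelegramAppWhitelist` values in the Arbitrum mainnet entry are all-lowercase hex, while the untouched `web3MailAddress` and `web3TelegramAddress` beside them keep their EIP-55 mixed-case form. A lowercase literal carries no checksum, so a mistyped digit in the address that selects the TDX workerpool or the app whitelist would pass checksum validation unnoticed. I would paste the checksummed form of each address (as shown by the block explorer or returned by viem's `getAddress`) and add a comment such as `// TDX workerpool, arbitrum-mainnet: keep in sync with important-addresses.md`. The same applies to the three lowercase values added in the Arbitrum Sepolia hunk that follows. `getSupportedChains` starts before this hunk and continues past it.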
@@ -58,37 +56,14 @@ export function getSupportedChains(): Chain[] { nativeCurrency: arbitrumSepolia.nativeCurrency, rpcUrls: arbitrumSepolia.rpcUrls, blockExplorers: arbitrumSepolia.blockExplorers, - chainName: 'arbitrum-sepolia', + chainName: 'arbitrum-sepolia-testnet', iexecExplorerUrl: 'https://explorer.iex.ec/arbitrum-sepolia-testnet', - workerpoolAddress: '0xB967057a21dc6A66A29721d96b8Aa7454B7c383F', + workerpoolAddress: '0x2956f0cb779904795a5f30d3b3ea88b714c3123f', ipfsGateway: 'https://ipfs-gateway.arbitrum-sepolia-testnet.iex.ec', web3MailAddress: '0x97792094EDf25a3AA607ed198aa22c32D7B33b62', - web3MailAppWhitelist: '0x8d46d40840f1Aa2264F96184Ffadf04e5D573B9B', + web3MailAppWhitelist: '0x09d59e1b696d0cb69f46bf762412636e8652ab58', web3TelegramAddress: '0x3476685f4166d4a639c85feca00e2897afd807c6', - web3TelegramAppWhitelist: '0x7291ff96100DA6CF97933C225B86124ef95aEc9b', - }, - { - id: Number(bellecour.id), - name: bellecour.name, - icon: iexecLogo, - nativeCurrency: bellecour.nativeCurrency, - rpcUrls: bellecour.rpcUrls, - blockExplorers: { - default: { - name: bellecour.blockExplorers?.default?.name || 'Blockscout', - url: - bellecour.blockExplorers?.default?.url || - 'https://blockscout-bellecour.iex.ec', - }, - }, - chainName: 'bellecour', - iexecExplorerUrl: 'https://explorer.iex.ec/bellecour', - workerpoolAddress: 'prod-v8-bellecour.main.pools.iexec.eth', - ipfsGateway: 'https://ipfs-gateway.v8-bellecour.iex.ec', - web3MailAddress: 'web3mail.apps.iexec.eth', - web3MailAppWhitelist: '0x781482C39CcE25546583EaC4957Fb7Bf04C277D2', - web3TelegramAddress: 'web3telegram.apps.iexec.eth', - web3TelegramAppWhitelist: '0x192C6f5AccE52c81Fcc2670f10611a3665AAA98F', + web3TelegramAppWhitelist: '0x7f67e78a4b0a98c50333b8b72851952c396601a1', }, ]; } diff --git a/src/utils/wagmiNetworks.ts b/src/utils/wagmiNetworks.ts index d9b15472..a2e02b0d 100644 --- a/src/utils/wagmiNetworks.ts +++ b/src/utils/wagmiNetworks.ts 
@@ -4,31 +4,9 @@ import { arbitrumSepolia, } from '@reown/appkit/networks'; -export const bellecour: AppKitNetwork = { - id: 0x86, - name: 'iExec Sidechain', - nativeCurrency: { - decimals: 18, - name: 'xRLC', - symbol: 'xRLC', - }, - rpcUrls: { - public: { http: ['https://bellecour.iex.ec'] }, - default: { http: ['https://bellecour.iex.ec'] }, - }, - blockExplorers: { - etherscan: { - name: 'Blockscout', - url: 'https://blockscout-bellecour.iex.ec', - }, - default: { name: 'Blockscout', url: 'https://blockscout-bellecour.iex.ec' }, - }, -}; - const wagmiNetworks = { - bellecour, arbitrum, arbitrumSepolia, -}; +} satisfies Record; export default wagmiNetworks; From 79a3f6f032b75d4846118c856c56cf6f230aa31a Mon Sep 17 00:00:00 2001 From: raorla <159026312+raorla@users.noreply.github.com> Date: Thu, 23 Apr 2026 09:15:39 +0200 Subject: [PATCH 02/10] Update tag value in manage-access.md --- src/guides/build-iapp/manage-access.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/guides/build-iapp/manage-access.md b/src/guides/build-iapp/manage-access.md index a58f252c..0d9567bf 100644 --- a/src/guides/build-iapp/manage-access.md +++ b/src/guides/build-iapp/manage-access.md @@ -55,7 +55,7 @@ Here's an example app order for a sentiment analysis iApp: "app": "0x123abc...", // Your iApp address "appprice": "1000000000", // 1 RLC per execution "volume": "100", // 100 authorized uses - "tag": "0x0000000000000000000000000000000000000000000000000000000000000003", // TEE required + "tag": "0x0000000000000000000000000000000000000000000000000000000000000009", // Tee Tdx required "datasetrestrict": "0x0000000000000000000000000000000000000000", "workerpoolrestrict": "0x0000000000000000000000000000000000000000", "requesterrestrict": "0x0000000000000000000000000000000000000000" 
@@ -161,7 +161,7 @@ according to your needs: "app": "0xYourAppAddress", "appprice": "1000000000", "volume": "100", - "tag": "0x0000000000000000000000000000000000000000000000000000000000000003", + "tag": "0x0000000000000000000000000000000000000000000000000000000000000009", "datasetrestrict": "0x0000000000000000000000000000000000000000", "workerpoolrestrict": "0x0000000000000000000000000000000000000000", "requesterrestrict": "0x0000000000000000000000000000000000000000" @@ -219,7 +219,7 @@ iexec order cancel --app { "appprice": "2000000000", "volume": "500", - "tag": "0x0000000000000000000000000000000000000000000000000000000000000003" + "tag": "0x0000000000000000000000000000000000000000000000000000000000000009" } ``` From 306c40d9985b11b7e8fb98a153208a930d67f336 Mon Sep 17 00:00:00 2001 From: raorla <159026312+raorla@users.noreply.github.com> Date: Thu, 23 Apr 2026 09:22:54 +0200 Subject: [PATCH 03/10] Remove prerequisites for TDX iApp tutorial Removed prerequisites section for building TDX applications. --- .../build-iapp/advanced/build-your-first-tdx-iapp.md | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md index c5615c04..05a0661a 100644 --- a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md +++ b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md @@ -16,13 +16,6 @@ differences between TEE technologies. Check out our **[Intel TDX Technology](/protocol/tee/intel-tdx)** guide for comprehensive explanations of TDX technology and its benefits. -## Prerequisites - -- [Docker](https://docs.docker.com/install/) 17.05 or higher on the daemon and - client. -- [iExec SDK 8.13.0-tdx](https://github.com/aimen-djari/iexec-sdk/tree/feature/tdx). - Contact us to have this special release. - ## Choose Your Approach This tutorial covers two methods for building TDX applications: 
From 6657bb1b48bda610ea9f63ebd66a3e72b153fac8 Mon Sep 17 00:00:00 2001 From: paypes <43441600+abbesBenayache@users.noreply.github.com> Date: Thu, 23 Apr 2026 09:54:13 +0200 Subject: [PATCH 04/10] docs: restore missing TDX iApp steps from SGX doc (sconify removed, TDX-specific deploy/run) --- .vitepress/sidebar.ts | 4 - .../advanced/build-your-first-tdx-iapp.md | 561 +++++++++++++----- 2 files changed, 419 insertions(+), 146 deletions(-) diff --git a/.vitepress/sidebar.ts b/.vitepress/sidebar.ts index 8268ce32..7b01030a 100644 --- a/.vitepress/sidebar.ts +++ b/.vitepress/sidebar.ts @@ -425,10 +425,6 @@ export function getSidebar() { text: 'Intel TDX Technology', link: '/protocol/tee/intel-tdx', }, - { - text: 'Why Intel TDX?', - link: '/protocol/tee/sgx-vs-tdx', - }, ], }, { diff --git a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md index 05a0661a..38d5362b 100644 --- a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md +++ b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md 
@@ -2,46 +2,257 @@ title: Build Intel TDX iApp description: Learn how to build and run Confidential Computing applications with Intel TDX - technology using both traditional deployment and the iApp Generator + on iExec, from a Docker image to deployment and the marketplace --- -# Build Intel TDX iApp +# Build your first TDX iApp In this tutorial, you will learn how to build and run a Confidential Computing -application with Intel TDX technology using both traditional deployment and the -iApp Generator. +app with **Intel TDX (Trust Domain Extensions)** on the iExec protocol. -Before implementing TDX, make sure you understand the foundational concepts and -differences between TEE technologies. Check out our -**[Intel TDX Technology](/protocol/tee/intel-tdx)** guide for comprehensive -explanations of TDX technology and its benefits. +::: tip Prerequisites -## Choose Your Approach +- [Docker](https://docs.docker.com/install/) 17.05 or higher on the daemon and + client. +- [iExec SDK](https://www.npmjs.com/package/iexec) 8.0.0 or higher. +- Familiarity with the basics of [Intel TDX](/protocol/tee/intel-tdx) and the + iExec workflow described in + [Deploy and run an iApp](/guides/build-iapp/deploy-&-run). -This tutorial covers two methods for building TDX applications: +::: -1. **[Traditional Deployment](#build-your-application)** - Manual configuration - with `chain.json` and `iexec.json` -2. **[iApp Generator](#using-iapp-generator)** - Simplified deployment using the - iApp Generator tool +Unlike the legacy SGX/SCONE flow, **TDX does not require** a separate +sconification step: you build a **standard** `linux/amd64` OCI image, push it to +a registry, and configure the iExec app for the TDX framework (see +**[Intel TDX Technology](/protocol/tee/intel-tdx)** for what TDX provides). -## Build your application +## Prepare your app -Thanks to **Intel TDX**, neither the source code or the binaries of your -application need to be changed in order to run securely in a TEE. 
Only two files -need to be configured: `chain.json` and `iexec.json`. +For this tutorial, create a new directory tree. Execute the following commands +in `~/iexec-projects/`: -iApp using Intel TDX technology follow the same format as non-TEE applications; -follow the instructions on -[Build and deploy your first iApp](/guides/build-iapp/deploy-&-run) to create -and Dockerize your iApp. +```bash +cd ~/iexec-projects +mkdir tee-hello-world-tdx && cd tee-hello-world-tdx +iexec init --skip-wallet +mkdir src +touch Dockerfile +``` -After this step, the Docker image of your iApp should be published on Docker Hub -(e.g. `/hello-world:1.0.0`). +### Write the iApp logic -### Update `chain.json` +Develop your code logic as below. The following examples use JavaScript and +Python for brevity; any workload that fits in a Docker image can be used on +iExec. -Modify your `chain.json` as follows to reference the TDX Workerpool: +**Copy the following content** in `src/`. + +::: code-group + +```javascript [src/app.js] +const fsPromises = require('fs').promises; + +(async () => { + try { + const iexecOut = process.env.IEXEC_OUT; + // Do whatever you want (let's write hello world here) + const message = process.argv.length > 2 ? 
process.argv[2] : 'World'; + + const text = `Hello, ${message}!`; + console.log(text); + // Append some results in /iexec_out/ + await fsPromises.writeFile(`${iexecOut}/result.txt`, text); + // Declare everything is computed + const computedJsonObj = { + 'deterministic-output-path': `${iexecOut}/result.txt`, + }; + await fsPromises.writeFile( + `${iexecOut}/computed.json`, + JSON.stringify(computedJsonObj) + ); + } catch (e) { + console.log(e); + process.exit(1); + } +})(); +``` + +```python [src/app.py] +import os +import sys +import json + +iexec_out = os.environ['IEXEC_OUT'] + +# Do whatever you want (let's write hello world here) +text = 'Hello, {}!'.format(sys.argv[1] if len(sys.argv) > 1 else "World") +print(text) + +# Append some results in /iexec_out/ +with open(iexec_out + '/result.txt', 'w+') as fout: + fout.write(text) + +# Declare everything is computed +with open(iexec_out + '/computed.json', 'w+') as f: + json.dump({ "deterministic-output-path" : iexec_out + '/result.txt' }, f) +``` + +::: + +::: warning + +As a developer, make it a rule to never log sensitive information in your +application. Execution logs are accessible by: + +- worker(s) involved in the task +- the workerpool manager +- the requester of the task + +::: + +### Dockerize your iApp + +**Copy the following content** in `Dockerfile`. + +::: code-group + +```bash [Dockerfile for JavaScript] +FROM node:22-alpine3.21 +### install your dependencies if you have some +RUN mkdir /app && cd /app +COPY ./src /app +ENTRYPOINT [ "node", "/app/app.js"] +``` + +```bash [Dockerfile for Python] +FROM python:3.13.3-alpine3.21 +### install python dependencies if you have some +COPY ./src /app +ENTRYPOINT ["python3", "/app/app.py"] +``` + +::: + +Build the docker image. + +::: warning + +iExec expects your Docker container to be built for the `linux/amd64` platform. +On a **Mac** with an **Apple Silicon** chip, the default platform is +`linux/arm64`. Use buildx to produce the image for `linux/amd64`. 
+ +```bash +brew install buildkit +# ARM64 variant for local testing only +docker buildx build --platform linux/arm64 --tag /hello-world . +# AMD64 variant to deploy on iExec +docker buildx build --platform linux/amd64 --tag /hello-world:1.0.0 --load . +``` + +::: + +```bash +docker build --tag /hello-world:1.0.0 . +``` + +::: tip + +`docker build` produces an image id; using `--tag :` is a +convenient way to name the image for the next steps. + +::: + +## Test your iApp locally + +### Basic test + +Create local volumes to simulate input and output directories. + +```bash +mkdir -p ./tmp/iexec_in +mkdir -p ./tmp/iexec_out +``` + +Run your application locally (container volumes bound with local volumes). + +```bash +docker run --rm \ + -v ./tmp/iexec_in:/iexec_in \ + -v ./tmp/iexec_out:/iexec_out \ + -e IEXEC_IN=/iexec_in \ + -e IEXEC_OUT=/iexec_out \ + /hello-world:1.0.0 arg1 arg2 arg3 +``` + +::: tip Docker run [options] image [args] + +**docker run usage:** + +`docker run [OPTIONS] IMAGE [COMMAND] [ARGS...]` + +Use `[COMMAND]` and `[ARGS...]` to simulate the requester arguments. + +**Useful options for iExec:** + +`-v` : Bind mount a volume. Use it to bind input and output directories +(`/iexec_in` and `/iexec_out`) + +`-e`: Set environment variable. Use it to simulate iExec runtime variables + +::: + +### Test with input files + +Starting with the basic test, you can simulate input files. + +For each input file: + +- Copy it in the local volume bound to `/iexec_in`. +- Add `-e IEXEC_INPUT_FILE_NAME_x=NAME` to docker run options (`x` is the index + of the file starting at 1 and `NAME` is the name of the file) + +Add `-e IEXEC_INPUT_FILES_NUMBER=n` to docker run options (`n` is the total +number of input files). 
+ +Example with two input files: + +```bash +touch ./tmp/iexec_in/file1 && \ +touch ./tmp/iexec_in/file2 && \ +docker run \ + -v ./tmp/iexec_in:/iexec_in \ + -v ./tmp/iexec_out:/iexec_out \ + -e IEXEC_IN=/iexec_in \ + -e IEXEC_OUT=/iexec_out \ + -e IEXEC_INPUT_FILE_NAME_1=file1 \ + -e IEXEC_INPUT_FILE_NAME_2=file2 \ + -e IEXEC_INPUT_FILES_NUMBER=2 \ + /hello-world:1.0.0 \ + arg1 arg2 arg3 +``` + +## Build and push your Docker image for TDX + +For **TDX**, you use the **same** image you built and tested: there is no +enclave packaging step. Ensure the image is built for `linux/amd64`, then push +it to Docker Hub (or another registry you reference in `iexec.json`). + +```bash +docker login +docker push /hello-world:1.0.0 +``` + +You are now ready to register and run this image as a TDX iApp on iExec. + +## Test your iApp on iExec + +At this stage, your app is ready to be tested on iExec. The process is similar +to testing a non-TEE app, with TDX-specific settings below. + +### Update `chain.json` {#update-chain-json} + +Point the iExec client to the **TDX** Secret Management Service (SMS) for your +target network. Edit `chain.json` as follows (or create it if missing): ::: code-group 
@@ -69,29 +280,29 @@ Modify your `chain.json` as follows to reference the TDX Workerpool: ::: -### Update `iexec.json` +### Deploy the TEE iApp on iExec -TEE applications need a few more keys in the `iexec.json` file; run this to add -them automatically: +TEE apps require additional fields during deployment. Prepare the TEE app +template and select the **TDX** framework: ```bash iexec app init --tee-framework tdx ``` -Your `iexec.json` should now look like this example: +Edit `iexec.json` and fill in the standard keys and the TDX `mrenclave` object: ```json { ... "app": { "owner": "", // starts with 0x - "name": "tee-tdx-hello-world", // application name + "name": "tee-tdx-hello-world", // app name "type": "DOCKER", - "multiaddr": "/hello-world:1.0.0", // app image - "checksum": "", // starts with 0x, update it with your own image digest + "multiaddr": "docker.io//hello-world:1.0.0", // app image + "checksum": "", // starts with 0x, update with your image digest "mrenclave": { - "framework": "TDX", // TEE framework (keep default value) - } + "framework": "TDX" // TEE framework (keep default value) + } }, ... } 
@@ -99,98 +310,209 @@ Your `iexec.json` should now look like this example: ::: info -See [Deploy your iApp on iExec](/guides/build-iapp/deploy-&-run.md) to retrieve -your image ``. +See [Deploy your iApp on iExec](/guides/build-iapp/deploy-&-run.md) to obtain +your image `` (digest). ::: -### Deploy and run the TEE iApp +Deploy the iApp: -Deploy the iApp with the standard command: +```bash twoslash +iexec app deploy --chain {{chainName}} +``` -```bash -iexec app deploy +List your last deployed app: + +```bash twoslash +iexec app show --chain {{chainName}} ``` -To execute the iApp in TDX, add `--tag tee,tdx` to the `iexec app run` and -select the TDX workerpool for your target network. +## Run the iApp + +iExec runs applications on decentralized infrastructure; execution is paid in +**RLC** on Arbitrum networks. + +::: info + +To run an application you must have enough RLC staked on your iExec account to +pay for the computing resources. + +When you request an execution, the task cost is reserved from your accountโ€™s +stake, then distributed to workers (see +[Proof of Contribution](/protocol/proof-of-contribution)). + +At any time you can: + +- view your balance + +```bash twoslash +iexec account show --chain {{chainName}} +``` + +- deposit RLC from your wallet to your iExec account + +```bash twoslash +iexec account deposit --chain {{chainName}} +``` + +- withdraw RLC from your iExec account to your wallet (only stake can be + withdrawn) + +```bash twoslash +iexec account withdraw --chain {{chainName}} +``` + +::: + +To run a **TDX** iApp, use the TEE **tee** and **tdx** tags and a **TDX +workerpool** for the target network. 
+ +```bash twoslash +iexec app run --chain {{chainName}} --tag tee,tdx --workerpool {{workerpoolAddress}} --watch +``` ::: code-group ```bash [Arbitrum Sepolia (testnet)] -iexec app run --tag tee,tdx --workerpool 0x2956f0cb779904795a5f30d3b3ea88b714c3123f --watch +iexec app run --chain arbitrum-sepolia-testnet --tag tee,tdx --workerpool 0x2956f0cb779904795a5f30d3b3ea88b714c3123f --watch ``` ```bash [Arbitrum Mainnet] -iexec app run --tag tee,tdx --workerpool 0x8ef2ec3ef9535d4b4349bfec7d8b31a580e60244 --watch +iexec app run --chain arbitrum-mainnet --tag tee,tdx --workerpool 0x8ef2ec3ef9535d4b4349bfec7d8b31a580e60244 --watch ``` ::: +Task execution on iExec is asynchronous. + +```mermaid +graph TD + Requester["Requester (or anyone)"] --> |"1 . Match compatible orders \n(request, application, dataset & workerpool orders) \n & Wait result" | Blockchain + Blockchain --> |2 . Notify new deal with tasks to compute| Scheduler + Worker --> |3 . Request new task to compute| Scheduler + Worker --> |4 . Run application| Application[Application image] + Worker --> |5.a. Push result| ResultStorage["Result Storage"] + Worker --> |5.b. Commit result proof| Blockchain + Workerpool --> |6 . Publish result link or callback| Blockchain + + subgraph Workerpool + Scheduler + Worker + Application + end +``` + +Guarantees about completion times (fast/slow) are described in the +[category section](/protocol/pay-per-task): maximum deal/task time, maximum +computing time, etc. + +When the task completes, copy the `taskid` from the `iexec app run` output (a +32-byte hex string). + +Download the result: + +```bash twoslash +iexec task show --chain {{chainName}} --download my-result +``` + +You can get the `taskid` for a `dealid` with: + +```bash twoslash +iexec deal show --chain {{chainName}} +``` + +::: info + +A task result is a zip file containing the application output files. + +::: + +For this hello-world app, the output includes `result.txt`. 
Unpack and read it: + +```bash +unzip my-result.zip -d my-result +cat my-result/result.txt +``` + +Congratulations! You have executed your application on iExec in a TDX Trust +Domain. + +## Publish your app on the iExec Marketplace + +Your app is deployed and you have completed an execution. To let others run it, +publish an **apporder** (see +[iApp access and pricing](/guides/build-iapp/manage-access) for how orders +work). + +```bash twoslash +iexec app publish --chain {{chainName}} +``` + ::: info -Remember, you can access task and iApp logs by following the instructions on -page [Debug your tasks](/guides/build-iapp/debugging). +`iexec app publish` allows custom access rules (`iexec app publish --help`). ::: +Check published app orders: + +```bash twoslash +iexec orderbook app --chain {{chainName}} +``` + +## Next steps + +In this tutorial you used **Intel TDX** on iExec to run a confidential workload. +To go further with confidential data and result protection: + +- [Access confidential assets from your iApp](/guides/build-iapp/advanced/access-confidential-assets) +- [Protect the result](/guides/build-iapp/advanced/protect-the-result) + +Deeper TEE context: + +- [Intel TDX Technology](/protocol/tee/intel-tdx) +- [Introduction to TEE technologies](/protocol/tee/introduction) + ## Using iApp Generator -The iApp Generator provides a simplified way to deploy and run TDX applications -with minimal configuration. +The [iApp Generator](/references/iapp-generator) can deploy and run **TDX** apps +with less manual `iexec.json` editing. 
### Enabling TDX in iApp Generator -#### Environment Variable Method - -**Enable TDX for deployment and execution**: +**Enable TDX for deployment and execution:** ```bash -# Set the experimental flag export EXPERIMENTAL_TDX_APP=true - -# Deploy and run with TDX iapp deploy iapp run ``` -:::warning Environment Variable Declaration - -The syntax for setting environment variables differs between operating systems: +::: warning Environment variable declaration - **Mac/Linux**: `export EXPERIMENTAL_TDX_APP=true` - **Windows**: `set EXPERIMENTAL_TDX_APP=true` ::: -#### Per-Command Method - -**Enable TDX for specific commands**: +**Per command:** ```bash -# Deploy TDX-enabled iApp EXPERIMENTAL_TDX_APP=true iapp deploy - -# Run with TDX EXPERIMENTAL_TDX_APP=true iapp run - -# Debug TDX execution EXPERIMENTAL_TDX_APP=true iapp debug ``` -#### Verification - -**Check if TDX is enabled**: +**Verify TEE tags on the app:** ```bash -# Your deployed iApp should show TDX-related tags iexec app show ``` -### DataProtector SDK Configuration +### DataProtector SDK with TDX -โš ๏ธ **To use** the iExec DataProtector SDK with TDX support, you must configure -the SDK with the right SMS endpoint. +To use **DataProtector** with TDX, point the SDK at the TDX SMS (same hosts as +in [Update `chain.json`](#update-chain-json) above). ::: code-group @@ -212,8 +534,7 @@ const dataProtector = new IExecDataProtector(web3Provider, { ::: -โš ๏ธ**You need** to specify the TDX workerpool in your `processProtectedData` -call. +Pass the TDX **workerpool** in `processProtectedData`: ::: code-group 
@@ -235,85 +556,41 @@ await dataProtector.core.processProtectedData({ ::: -### Protected Data Compatibility - -:::warning Protected Data Requirements - -**TDX iApp may require TDX-compatible protected data.** Check compatibility -before using protected data with TDX iApp. - -::: - -**Important**: The exact process for creating TDX-compatible protected data may -differ from standard protected data creation. Consult the latest DataProtector -documentation for TDX-specific requirements. - -### Development Workflow +TDX iApps may require **TDX-compatible** protected data. Check the latest +[DataProtector](/references/dataProtector) documentation for requirements. -#### 1. **Local Testing** +**Local test (same as non-TEE):** ```bash -# Test locally (same as regular iApp) iapp test --protectedData "mock_name" - -# TDX only affects remote deployment/execution ``` -#### 2. **Deployment** +## Current limitations (experimental TDX / iApp Generator) -```bash -# Deploy TDX iApp -EXPERIMENTAL_TDX_APP=true iapp deploy -``` +::: danger Production warnings -#### 3. **Execution** - -```bash -# Run with TDX -EXPERIMENTAL_TDX_APP=true iapp run -``` - -## Current Limitations - -:::danger Production Warnings - -- **๐Ÿšซ NOT for production use** -- **๐Ÿšซ Limited worker availability** -- **๐Ÿšซ Unstable execution** environment -- **๐Ÿšซ Breaking changes** without notice +- **Not** intended for production use without your own review +- **Worker availability** and behavior may change +- **Breaking changes** possible in experimental flags and endpoints ::: -## What's Next? 
- -### **Continue with TDX Development** - -**Enhance your TDX application**: - -- **[Debugging Your iApp](/guides/build-iapp/debugging)** - Troubleshoot - execution issues and TDX-specific problems -- **[Inputs](/guides/build-iapp/inputs)** - Handle data inputs -- **[Outputs](/guides/build-iapp/outputs)** - Handle data outputs in TEE - environment with TDX -- **[iApp Access Control and Pricing](/guides/build-iapp/manage-access)** - - Configure access control for your TDX applications - -### **Learn More About TEE Technologies** - -**Deepen your understanding**: +### Related resources -- **[Intel TDX Technology](/protocol/tee/intel-tdx)** - Comprehensive guide to - TDX technology and benefits -- **[Introduction to TEE Technologies](/protocol/tee/introduction)** - - Foundation concepts of TEE technologies +- [iApp Generator reference](/references/iapp-generator) +- [Debugging your iApp](/guides/build-iapp/debugging) +- [Inputs](/guides/build-iapp/inputs) / [Outputs](/guides/build-iapp/outputs) +- [iApp access and pricing](/guides/build-iapp/manage-access) -### **Related Resources** + From 0181fa0a49884d61142574ee8f90389aaf50c3ad Mon Sep 17 00:00:00 2001 From: raorla <159026312+raorla@users.noreply.github.com> Date: Thu, 23 Apr 2026 10:08:41 +0200 Subject: [PATCH 05/10] Update iExec SDK version in prerequisites --- src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md index 38d5362b..897d1d93 100644 --- a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md +++ b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md 
@@ -14,7 +14,7 @@ app with **Intel TDX (Trust Domain Extensions)** on the iExec protocol. - [Docker](https://docs.docker.com/install/) 17.05 or higher on the daemon and client. -- [iExec SDK](https://www.npmjs.com/package/iexec) 8.0.0 or higher. +- [iExec SDK](https://www.npmjs.com/package/iexec) 8.24.0 or higher. - Familiarity with the basics of [Intel TDX](/protocol/tee/intel-tdx) and the iExec workflow described in [Deploy and run an iApp](/guides/build-iapp/deploy-&-run). From 8cb9d349cf34bbe7cc86f88d6d67dfb47e5b0960 Mon Sep 17 00:00:00 2001 From: raorla <159026312+raorla@users.noreply.github.com> Date: Thu, 23 Apr 2026 10:09:14 +0200 Subject: [PATCH 06/10] Remove mrenclave configuration from TDX app Removed mrenclave section from app configuration. --- src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md index 897d1d93..1dae1214 100644 --- a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md +++ b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md @@ -300,9 +300,6 @@ Edit `iexec.json` and fill in the standard keys and the TDX `mrenclave` object: "type": "DOCKER", "multiaddr": "docker.io//hello-world:1.0.0", // app image "checksum": "", // starts with 0x, update with your image digest - "mrenclave": { - "framework": "TDX" // TEE framework (keep default value) - } }, ... } From d055aa6ee02f46bcc9c0a9208ca4ca96e517c381 Mon Sep 17 00:00:00 2001 From: paypes <43441600+abbesBenayache@users.noreply.github.com> Date: Thu, 23 Apr 2026 10:31:13 +0200 Subject: [PATCH 07/10] refactor: remove EXPERIMENTAL_TDX_APP --- .../advanced/build-your-first-tdx-iapp.md | 14 ++--- .../iapp-generator/building-your-iexec-app.md | 51 ++++++------------- 2 files changed, 18 insertions(+), 47 deletions(-) 
diff --git a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md index 1dae1214..252fda72 100644 --- a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md +++ b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md @@ -480,24 +480,16 @@ with less manual `iexec.json` editing. **Enable TDX for deployment and execution:** ```bash -export EXPERIMENTAL_TDX_APP=true iapp deploy iapp run ``` -::: warning Environment variable declaration - -- **Mac/Linux**: `export EXPERIMENTAL_TDX_APP=true` -- **Windows**: `set EXPERIMENTAL_TDX_APP=true` - -::: - **Per command:** ```bash -EXPERIMENTAL_TDX_APP=true iapp deploy -EXPERIMENTAL_TDX_APP=true iapp run -EXPERIMENTAL_TDX_APP=true iapp debug +iapp deploy +iapp run +iapp debug ``` **Verify TEE tags on the app:** diff --git a/src/references/iapp-generator/building-your-iexec-app.md b/src/references/iapp-generator/building-your-iexec-app.md index 01caeb02..2c5708f7 100644 --- a/src/references/iapp-generator/building-your-iexec-app.md +++ b/src/references/iapp-generator/building-your-iexec-app.md @@ -123,16 +123,14 @@ algorithms and data processing here. ### `iapp init` -**Purpose**: Initialize a new iApp project -**Usage**: `iapp init` -**What it does**: Creates project structure, configuration files, and basic -templates through interactive prompts. +**Purpose**: Initialize a new iApp project **Usage**: `iapp init` **What it +does**: Creates project structure, configuration files, and basic templates +through interactive prompts. ### `iapp test` -**Purpose**: Test your iApp locally before deployment -**Usage**: `iapp test [options]` -**Options**: +**Purpose**: Test your iApp locally before deployment **Usage**: +`iapp test [options]` **Options**: - `-v, --version` [boolean] โ€“ Show version number - `--args ` โ€“ Arguments accessible inside the iApp (use quotes to group) 
@@ -145,18 +143,16 @@ templates through interactive prompts. ### `iapp deploy` -**Purpose**: Deploy your iApp to the iExec network -**Usage**: `iapp deploy [options]` -**Options**: +**Purpose**: Deploy your iApp to the iExec network **Usage**: +`iapp deploy [options]` **Options**: - `--chain ` โ€“ Specify the blockchain network for deployment (e.g., `arbitrum-mainnet`, `arbitrum-sepolia-testnet`) ### `iapp run ` -**Purpose**: Execute your deployed iApp on a worker node -**Usage**: `iapp run [options]` -**Positional arguments**: +**Purpose**: Execute your deployed iApp on a worker node **Usage**: +`iapp run [options]` **Positional arguments**: - `` โ€“ Address of the deployed iApp to run @@ -174,9 +170,8 @@ templates through interactive prompts. ### `iapp debug ` -**Purpose**: Retrieve detailed execution logs from worker nodes -**Usage**: `iapp debug [options]` -**Positional arguments**: +**Purpose**: Retrieve detailed execution logs from worker nodes **Usage**: +`iapp debug [options]` **Positional arguments**: - `` โ€“ The ID of the task to debug 
@@ -187,35 +182,19 @@ templates through interactive prompts. ### `iapp mock ` -**Purpose**: Create a mocked input for testing -**Usage**: `iapp mock [options]` -**Positional arguments**: +**Purpose**: Create a mocked input for testing **Usage**: +`iapp mock [options]` **Positional arguments**: - `` โ€“ Type of input to mock [choices: "protectedData"] ### `iapp wallet ` -**Purpose**: Manage wallet-related operations -**Usage**: `iapp wallet [options]` -**Positional arguments**: +**Purpose**: Manage wallet-related operations **Usage**: +`iapp wallet [options]` **Positional arguments**: - `` โ€“ Import a new wallet or select one from the keystore [choices: "import", "select"] -## TDX Configuration - -### `EXPERIMENTAL_TDX_APP=true` - -**Purpose**: Enable Intel [TDX](/protocol/tee/intel-tdx) support -**Usage**: Set as environment variable before running commands -**Example**: `EXPERIMENTAL_TDX_APP=true iapp deploy` - -**Available with**: - -- `iapp test` -- `iapp deploy` -- `iapp run ` - ## Next Steps Your iApp is now running on iExec! From 1933a43c783309cd221832c35249a3920524a982 Mon Sep 17 00:00:00 2001 From: raorla <159026312+raorla@users.noreply.github.com> Date: Thu, 23 Apr 2026 10:36:55 +0200 Subject: [PATCH 08/10] Remove duplicate sidebar entry for Intel TDX app Removed duplicate entry for 'Build Intel TDX app' in sidebar. --- .vitepress/sidebar.ts | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.vitepress/sidebar.ts b/.vitepress/sidebar.ts index 7b01030a..a6858d70 100644 --- a/.vitepress/sidebar.ts +++ b/.vitepress/sidebar.ts @@ -157,6 +157,10 @@ export function getSidebar() { text: 'Quick Start', link: '/guides/build-iapp/advanced/quick-start', }, + { + text: 'Build Intel TDX app', + link: '/guides/build-iapp/advanced/build-your-first-tdx-iapp', + }, { text: 'End-to-end Encryption', link: '/guides/build-iapp/advanced/protect-the-result', 
@@ -168,11 +172,7 @@ export function getSidebar() { { text: 'Access Confidential Assets', link: '/guides/build-iapp/advanced/access-confidential-assets', - }, - { - text: 'Build Intel TDX app', - link: '/guides/build-iapp/advanced/build-your-first-tdx-iapp', - }, + }, ], }, ], From ccdc80a0f42b903de7bd90e7e5a8998a482dc742 Mon Sep 17 00:00:00 2001 From: raorla <159026312+raorla@users.noreply.github.com> Date: Thu, 23 Apr 2026 10:38:55 +0200 Subject: [PATCH 09/10] Delete limitations section from TDX/iApp guide Removed section on current limitations for experimental TDX/iApp Generator. --- .../build-iapp/advanced/build-your-first-tdx-iapp.md | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md index 252fda72..cf3f078b 100644 --- a/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md +++ b/src/guides/build-iapp/advanced/build-your-first-tdx-iapp.md @@ -554,16 +554,6 @@ TDX iApps may require **TDX-compatible** protected data. Check the latest iapp test --protectedData "mock_name" ``` -## Current limitations (experimental TDX / iApp Generator) - -::: danger Production warnings - -- **Not** intended for production use without your own review -- **Worker availability** and behavior may change -- **Breaking changes** possible in experimental flags and endpoints - -::: - ### Related resources - [iApp Generator reference](/references/iapp-generator) From ff53524d1430128e207595c4fd41e86c2cde0433 Mon Sep 17 00:00:00 2001 From: paypes <43441600+abbesBenayache@users.noreply.github.com> Date: Thu, 23 Apr 2026 14:37:48 +0200 Subject: [PATCH 10/10] style: run format --- .vitepress/sidebar.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.vitepress/sidebar.ts b/.vitepress/sidebar.ts index a6858d70..69caccab 100644 --- a/.vitepress/sidebar.ts +++ b/.vitepress/sidebar.ts 
@@ -172,7 +172,7 @@ export function getSidebar() {
 {
 text: 'Access Confidential Assets',
 link: '/guides/build-iapp/advanced/access-confidential-assets',
- },
+ },
 ],
 },
 ],