EnclaveScale is a distributed, hardware-assisted telemetry architecture providing post-extraction attestation, enabling operators to collaboratively model high-resolution generative AI power transients. Existing cryptographic techniques scale poorly for 10-Hz streaming or fail to authenticate origins, permitting malicious hosts to spoof sensor inputs. We implement and evaluate a post-extraction pipeline utilizing DCAP attestation, differential privacy noise injection, and Byzantine rejection across 32 GCP Confidential VMs, achieving 0\% post-extraction attack success rate. This edge-DP approach distils continuous GPU transients into discrete Markov-chain transition matrices, guaranteeing event-level differential privacy. To mitigate pre-ingestion vulnerabilities, we propose an SPDM-authenticated first-mile layer. While current platforms lack attested I/O, emerging hardware architectures integrate PCIe IDE and TDISP to natively prevent host-level synthesis, securing the end-to-end provenance boundary. A Global Aggregation Enclave verifies these cryptographic proofs prior to capacity-weighted aggregation. Evaluation demonstrates a steady-state throughput of $131{,}406$ samples/s per enclave, amortising attestation overhead to $0.23\,\mu$s/sample. On empirical NVML-sampled H100, A100, and L4 traces, EnclaveScale achieves a dynamic orchestration margin error of $1.3$\,MW compared to $0.1$\,MW for an honest-aggregator central-DP baseline. EnclaveScale establishes a secure foundation for dynamic multi-tenant power orchestration, obfuscating sub-second anomalies locally and protecting macro-workload confidentiality via spatial dilution during global aggregation.
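As an added worked example (not the paper's code), the edge-DP distillation and global aggregation steps the abstract describes, carried through on a constructed 10-Hz trace. Assumed for illustration: a single 400 W threshold giving two power states, Laplace noise calibrated to an L1 sensitivity of 2 transitions per changed sample, and Byzantine rejection by L1 distance from the element-wise median matrix.

```python
import numpy as np

# Constructed 10-Hz GPU power trace in watts (not real NVML data); two sub-second spikes.
TRACE_W = np.array([300, 305, 310, 640, 650, 320, 315, 310, 690, 700, 330, 300], dtype=float)
STATE_EDGES_W = np.array([400.0])  # assumption: one threshold -> states 0 (low) and 1 (high)

def to_states(trace_w, edges_w=STATE_EDGES_W):
    """Quantise a continuous power trace into discrete Markov states."""
    return np.digitize(trace_w, edges_w)

def transition_counts(states, n_states=2):
    """Count state-to-state transitions between consecutive 10-Hz samples."""
    counts = np.zeros((n_states, n_states))
    for a, b in zip(states[:-1], states[1:]):
        counts[a, b] += 1
    return counts

def event_dp_counts(counts, epsilon, seed=None):
    """Event-level DP: changing one sample perturbs at most two transitions
    (its incoming and outgoing edge), so the L1 sensitivity is 2 and Laplace
    noise of scale 2/epsilon makes the whole count matrix epsilon-DP."""
    rng = np.random.default_rng(seed)
    noisy = counts + rng.laplace(0.0, 2.0 / epsilon, size=counts.shape)
    return np.clip(noisy, 0.0, None)  # post-processing preserves the DP guarantee

def to_transition_matrix(counts):
    """Row-normalise counts; a never-visited state gets a uniform row."""
    n = counts.shape[0]
    rows = counts.sum(axis=1, keepdims=True)
    uniform = np.full_like(counts, 1.0 / n)
    return np.divide(counts, rows, out=uniform, where=rows > 0)

def aggregate(matrices, capacities_mw, tol=0.5):
    """Global aggregation: reject reports whose L1 distance from the element-wise
    median exceeds tol (Byzantine rejection), then average the survivors weighted
    by each site's capacity in MW. Returns (aggregate matrix, kept indices)."""
    stack = np.stack([np.asarray(m, dtype=float) for m in matrices])
    median = np.median(stack, axis=0)
    dist = np.abs(stack - median).sum(axis=(1, 2))
    kept = [i for i, d in enumerate(dist) if d <= tol]
    w = np.asarray(capacities_mw, dtype=float)[kept]
    agg = np.tensordot(w / w.sum(), stack[kept], axes=1)
    return agg, kept

if __name__ == "__main__":
    counts = transition_counts(to_states(TRACE_W))
    local = to_transition_matrix(event_dp_counts(counts, epsilon=1.0, seed=0))
    print(local)  # the only object that leaves the edge enclave
```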