Architecture

+------------------------------------------------+      +-----------------------------------+
| REGION 1                                       |      | REGION 2                          |
| (local data processing & residency required)   |      | (no data residency)               |
|                                                |      |                                   |
|  +----------------------------------+          |      |  +-----------------------------+  |
|  | TEE Cluster 1                    |          |      |  | TEE Cluster 2               |  |
|  |   [Node 1] <--> [Node 2]         |<---------|----->|  |   [Node 3] <--> [Node 4]    |  |
|  +----------------+-----------------+          |      |  +---------------+-------------+  |
|                   ^                            |      |                  ^                |
|                   |                            |      |                  |                |
|                   v                            |      |                  |                |
|  +----------------+-----------------+          |      |                  |                |
|  | Regional Storages                |<---------|------|------------------+                |
|  |   [Content Addressable Storage]  |          |      |                                   |
|  |   [Regulatory Vault]             |          |      |                                   |
|  +----------------------------------+          |      |                                   |
|                                                |      |                                   |
+------------------------------------------------+      +-----------------------------------+

Connections
-----------
  Cluster 1  <-->  Cluster 2   (cross-region threshold key sharing)
  Cluster 1  <-->  Regional Storages    (in-region storage)
  Cluster 2  <-->  Regional Storages    (remote access to Region 1 storages)