Enclave writers should be aware that even though two running instances of the same enclave can be distinguished at the time they attest, there is no Intel SGX mechanism to prevent one enclave instance from accessing the sealed data of another instance of the same enclave when both use the EGETKEY instruction. Both instances receive the same key value for the enclave; this is a basic premise of keeping data secret across power cycles.
For more information on distinguishing two running instances of the same enclave, see Distinguishing between Running Enclave Instances.
Should you need to keep separate TCBs across different instances, it is recommended that the enclave writer assign a different identity to each enclave through the enclave signature mechanism.
For more information about the enclave signature mechanism, see Distinguishing between Running Enclave Instances.
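As an added illustration (not Intel documentation or SDK code), the following constructed Python model shows what the seal key returned by EGETKEY depends on: enclave identity fields from the SECS and SIGSTRUCT plus the request, never which running instance asks. The HMAC derivation, the platform root value and the `instance_tag` field are stand-ins chosen for this example; the KEYPOLICY bit values are assumed to mirror the SDK's `sgx_key_request_t` constants.

```python
import hashlib
import hmac

# KEYPOLICY bits, assumed to mirror the SGX SDK's sgx_key_request_t constants.
KEYPOLICY_MRENCLAVE = 0x0001
KEYPOLICY_MRSIGNER = 0x0002

# Constructed stand-in for the per-platform secret the hardware never exposes.
_PLATFORM_SEAL_ROOT = hashlib.sha256(b"constructed platform seal root").digest()


class EnclaveInstance:
    """Identity fields EGETKEY reads from the enclave's SECS, plus a hypothetical
    per-instance tag that exists only to show it plays no part in the derivation."""

    def __init__(self, code_bytes, signer_pubkey, isv_prod_id, isv_svn, instance_tag):
        self.mrenclave = hashlib.sha256(code_bytes).digest()    # measurement of code/data
        self.mrsigner = hashlib.sha256(signer_pubkey).digest()  # hash of the signing key
        self.isv_prod_id = isv_prod_id                          # taken from SIGSTRUCT
        self.isv_svn = isv_svn                                  # taken from SIGSTRUCT
        self.instance_tag = instance_tag                        # deliberately unused below


def egetkey_seal(enc, key_policy, key_id=bytes(32), cpu_svn=bytes(16)):
    """Model of EGETKEY(SEAL_KEY): a deterministic function of enclave identity and
    request fields only. Real hardware uses its own derivation; the inputs are the point."""
    ident = enc.mrenclave if key_policy & KEYPOLICY_MRENCLAVE else enc.mrsigner
    req = (b"SEAL" + key_policy.to_bytes(2, "little") + ident
           + enc.isv_prod_id.to_bytes(2, "little") + enc.isv_svn.to_bytes(2, "little")
           + cpu_svn + key_id)
    return hmac.new(_PLATFORM_SEAL_ROOT, req, hashlib.sha256).digest()[:16]


CODE = b"constructed enclave image"
KEY_A = b"constructed signer key A"
KEY_B = b"constructed signer key B"


def two_instances_share_seal_key():
    """Two running instances of the same enclave get identical seal keys under either policy."""
    a = EnclaveInstance(CODE, KEY_A, 1, 1, "first")
    b = EnclaveInstance(CODE, KEY_A, 1, 1, "second")
    return all(egetkey_seal(a, p) == egetkey_seal(b, p)
               for p in (KEYPOLICY_MRENCLAVE, KEYPOLICY_MRSIGNER))


def resigning_changes_key(key_policy):
    """Same code re-signed with another key: MRSIGNER changes, MRENCLAVE does not."""
    a = EnclaveInstance(CODE, KEY_A, 1, 1, "x")
    b = EnclaveInstance(CODE, KEY_B, 1, 1, "y")
    return egetkey_seal(a, key_policy) != egetkey_seal(b, key_policy)


def new_prod_id_changes_key(key_policy):
    """Changing ISVPRODID in the signature separates the keys under both policies."""
    a = EnclaveInstance(CODE, KEY_A, 1, 1, "x")
    b = EnclaveInstance(CODE, KEY_A, 2, 1, "y")
    return egetkey_seal(a, key_policy) != egetkey_seal(b, key_policy)
```

Under the MRENCLAVE policy, re-signing alone leaves the seal key unchanged, so giving the enclave a new identity through the signature means changing fields that feed the derivation, such as the product ID, or selecting the MRSIGNER policy.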