diff --git a/README.md b/README.md
index 49c68e3..dca85e0 100644
--- a/README.md
+++ b/README.md
@@ -104,7 +104,7 @@ Trick: To run VOD faster, replace the big YOLO model (`yolov3.*`) with the tiny
   $ mkdir -p program && \
   cp detector.wasm program && \
   mkdir -p output && \
-  RUST_LOG=info RUST_BACKTRACE=1 freestanding-execution-engine -i video_input program program_data -o output -r program/detector.wasm -x jit -c -d -e
+  RUST_LOG=info RUST_BACKTRACE=1 freestanding-execution-engine -i video_input -i program -i program_data -i output -r program/detector.wasm
   ```
 
 ## End-to-end Veracruz deployment
diff --git a/deploy_linux_pnm.sh b/deploy_linux_pnm.sh
index 64b8bda..abfb105 100755
--- a/deploy_linux_pnm.sh
+++ b/deploy_linux_pnm.sh
@@ -32,20 +32,20 @@ PROGRAM_DATA_DIR="${PROGRAM_DATA_DIR:-program_data}"
 VIDEO_INPUT_DIR="${VIDEO_INPUT_DIR:-video_input}"
 OUTPUT_DIR="${OUTPUT_DIR:-output}"
 PROGRAM_BASENAME="detector"
-PROGRAM_PATH_LOCAL="${PROGRAM_PATH_LOCAL:-./$PROGRAM_BASENAME}"
-PROGRAM_PATH_REMOTE="${PROGRAM_PATH_REMOTE:-/$PROGRAM_DIR/$PROGRAM_BASENAME}"
+PROGRAM_PATH_LOCAL="${PROGRAM_PATH_LOCAL:-$PROGRAM_BASENAME}"
+PROGRAM_PATH_REMOTE="${PROGRAM_PATH_REMOTE:-./$PROGRAM_DIR/$PROGRAM_BASENAME}"
 COCO_BASENAME="coco.names"
 COCO_PATH_LOCAL="${COCO_PATH_LOCAL:-$PROGRAM_DATA_DIR/$COCO_BASENAME}"
-COCO_PATH_REMOTE="${COCO_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$COCO_BASENAME}"
+COCO_PATH_REMOTE="${COCO_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$COCO_BASENAME}"
 YOLOV3_CFG_BASENAME="yolov3.cfg"
 YOLOV3_CFG_PATH_LOCAL="${YOLOV3_CFG_PATH_LOCAL:-$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
-YOLOV3_CFG_PATH_REMOTE="${YOLOV3_CFG_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
+YOLOV3_CFG_PATH_REMOTE="${YOLOV3_CFG_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
 YOLOV3_WEIGHTS_BASENAME="yolov3.weights"
 YOLOV3_WEIGHTS_PATH_LOCAL="${YOLOV3_WEIGHTS_PATH_LOCAL:-$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
-YOLOV3_WEIGHTS_PATH_REMOTE="${YOLOV3_WEIGHTS_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
+YOLOV3_WEIGHTS_PATH_REMOTE="${YOLOV3_WEIGHTS_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
 INPUT_VIDEO_BASENAME="in.h264"
 INPUT_VIDEO_PATH_LOCAL="${INPUT_VIDEO_PATH_LOCAL:-$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
-INPUT_VIDEO_PATH_REMOTE="${INPUT_VIDEO_PATH_REMOTE:-/$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
+INPUT_VIDEO_PATH_REMOTE="${INPUT_VIDEO_PATH_REMOTE:-./$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
 
 # PKI
 CA_CERT_CONF_PATH="${CA_CERT_CONF_PATH:-$VERACRUZ_PATH/workspaces/ca-cert.conf}"
@@ -63,7 +63,7 @@ RESULT_CLIENT_KEY_PATH="result_client_key.pem"
 
 POLICY_PATH="${POLICY_PATH:-policy.json}"
 
-PROXY_CLEANUP_SCRIPT_PATH="${PROXY_CLEANUP_SCRIPT_PATH:-$VERACRUZ_PATH/proxy_cleanup.sh}"
+PROXY_CLEANUP_SCRIPT_PATH="${PROXY_CLEANUP_SCRIPT_PATH:-$VERACRUZ_PATH/sdk/proxy_cleanup.sh}"
 
 SERVER_LOG="${SERVER_LOG:-server.log}"
 SERVER_ATTEMPTS="${SERVER_ATTEMPTS:-60}"
@@ -125,23 +125,16 @@ done
 echo "=============Generating policy"
 $POLICY_GENERATOR_PATH \
     --max-memory-mib 2000 \
-    --enclave-debug-mode \
-    --enable-clock \
     --proxy-attestation-server-ip $PAS_ADDRESS:$PAS_PORT \
     --proxy-attestation-server-cert $CA_CERT_PATH \
     --veracruz-server-ip $VC_SERVER_ADDRESS:$VC_SERVER_PORT \
     --certificate-expiry "$(date --rfc-2822 -d 'now + 100 days')" \
     --css-file $RUNTIME_MANAGER_PATH \
-    --certificate $PROGRAM_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DIR/:w" \
-    --certificate $DATA_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DATA_DIR/:w" \
-    --certificate $VIDEO_CLIENT_CERT_PATH \
-    --capability "/$VIDEO_INPUT_DIR/:w" \
-    --certificate $RESULT_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DIR/:x,/$OUTPUT_DIR/:r,stdout:r,stderr:r" \
-    --program-binary $PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL \
-    --capability "/$PROGRAM_DIR/:r,/$PROGRAM_DATA_DIR/:r,/$VIDEO_INPUT_DIR/:r,/program_internal/:rw,/$OUTPUT_DIR/:w,stdout:w,stderr:w" \
+    --certificate "$PROGRAM_CLIENT_CERT_PATH => ./$PROGRAM_DIR/:w" \
+    --certificate "$DATA_CLIENT_CERT_PATH => ./$PROGRAM_DATA_DIR/:w" \
+    --certificate "$VIDEO_CLIENT_CERT_PATH => ./$VIDEO_INPUT_DIR/:w" \
+    --certificate "$RESULT_CLIENT_CERT_PATH => ./$PROGRAM_DIR/:x,./$OUTPUT_DIR/:r" \
+    --program-binary "$PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL => ./$PROGRAM_DIR/:r,./$PROGRAM_DATA_DIR/:r,./$VIDEO_INPUT_DIR/:r,./program_internal/:rw,./$OUTPUT_DIR/:w" \
     --output-policy-file $POLICY_PATH || exit 1
 
 
@@ -170,7 +163,7 @@ curl -X POST -H 'Content-Type: application/corim-unsigned+cbor; profile=http://a
 
 if [ -z $SERVERLESS ]; then 
     echo "=============Running veracruz server"
-    RUST_LOG=error RUNTIME_ENCLAVE_BINARY_PATH=$RUNTIME_MANAGER_PATH $SERVER_PATH $POLICY_PATH &> $SERVER_LOG &
+    RUST_LOG=info RUNTIME_ENCLAVE_BINARY_PATH=$RUNTIME_MANAGER_PATH $SERVER_PATH $POLICY_PATH &> $SERVER_LOG &
 fi
 
 
@@ -193,7 +186,7 @@ echo "=============Provisioning program"
 RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
     --program $PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL \
     --identity $PROGRAM_CLIENT_CERT_PATH \
-    --key $PROGRAM_CLIENT_KEY_PATH || exit
+    --key $PROGRAM_CLIENT_KEY_PATH || exit 1
 
 echo "=============Provisioning data"
 RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
@@ -215,22 +208,9 @@ RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
     --identity $RESULT_CLIENT_CERT_PATH \
     --key $RESULT_CLIENT_KEY_PATH || exit 1
 
-echo "=============Querying results (stdout and stderr)"
-dump=$(RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
-    --result stdout=- \
-    --result stderr=- \
-    --identity $RESULT_CLIENT_CERT_PATH \
-    --key $RESULT_CLIENT_KEY_PATH \
-    -n)
-echo "$dump"
-frame_count=$(echo "$dump" | grep "^Frames:" | awk '{print $2}')
-
 echo "=============Querying results (predictions)"
-for ((i=0;i<frame_count;i++)); do
-       result_line="$result_line --result /$OUTPUT_DIR/prediction.$i.jpg=prediction.$i.jpg"
-done
 RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
-    $result_line \
+    --result "./$OUTPUT_DIR/prediction.0.jpg=prediction.0.jpg" \
     --identity $RESULT_CLIENT_CERT_PATH \
     --key $RESULT_CLIENT_KEY_PATH
 
diff --git a/deploy_linux_wasm.sh b/deploy_linux_wasm.sh
index 8f7d5c9..a249b02 100755
--- a/deploy_linux_wasm.sh
+++ b/deploy_linux_wasm.sh
@@ -32,19 +32,19 @@ VIDEO_INPUT_DIR="${VIDEO_INPUT_DIR:-video_input}"
 OUTPUT_DIR="${OUTPUT_DIR:-output}"
 PROGRAM_BASENAME="detector.wasm"
 PROGRAM_PATH_LOCAL="${PROGRAM_PATH_LOCAL:-./$PROGRAM_BASENAME}"
-PROGRAM_PATH_REMOTE="${PROGRAM_PATH_REMOTE:-/$PROGRAM_DIR/$PROGRAM_BASENAME}"
+PROGRAM_PATH_REMOTE="${PROGRAM_PATH_REMOTE:-./$PROGRAM_DIR/$PROGRAM_BASENAME}"
 COCO_BASENAME="coco.names"
 COCO_PATH_LOCAL="${COCO_PATH_LOCAL:-$PROGRAM_DATA_DIR/$COCO_BASENAME}"
-COCO_PATH_REMOTE="${COCO_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$COCO_BASENAME}"
+COCO_PATH_REMOTE="${COCO_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$COCO_BASENAME}"
 YOLOV3_CFG_BASENAME="yolov3.cfg"
 YOLOV3_CFG_PATH_LOCAL="${YOLOV3_CFG_PATH_LOCAL:-$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
-YOLOV3_CFG_PATH_REMOTE="${YOLOV3_CFG_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
+YOLOV3_CFG_PATH_REMOTE="${YOLOV3_CFG_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
 YOLOV3_WEIGHTS_BASENAME="yolov3.weights"
 YOLOV3_WEIGHTS_PATH_LOCAL="${YOLOV3_WEIGHTS_PATH_LOCAL:-$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
-YOLOV3_WEIGHTS_PATH_REMOTE="${YOLOV3_WEIGHTS_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
+YOLOV3_WEIGHTS_PATH_REMOTE="${YOLOV3_WEIGHTS_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
 INPUT_VIDEO_BASENAME="in.h264"
 INPUT_VIDEO_PATH_LOCAL="${INPUT_VIDEO_PATH_LOCAL:-$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
-INPUT_VIDEO_PATH_REMOTE="${INPUT_VIDEO_PATH_REMOTE:-/$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
+INPUT_VIDEO_PATH_REMOTE="${INPUT_VIDEO_PATH_REMOTE:-./$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
 
 # PKI
 CA_CERT_CONF_PATH="${CA_CERT_CONF_PATH:-$VERACRUZ_PATH/workspaces/ca-cert.conf}"
@@ -62,7 +62,7 @@ RESULT_CLIENT_KEY_PATH="result_client_key.pem"
 
 POLICY_PATH="${POLICY_PATH:-policy.json}"
 
-PROXY_CLEANUP_SCRIPT_PATH="${PROXY_CLEANUP_SCRIPT_PATH:-$VERACRUZ_PATH/proxy_cleanup.sh}"
+PROXY_CLEANUP_SCRIPT_PATH="${PROXY_CLEANUP_SCRIPT_PATH:-$VERACRUZ_PATH/sdk/proxy_cleanup.sh}"
 
 SERVER_LOG="${SERVER_LOG:-server.log}"
 SERVER_ATTEMPTS="${SERVER_ATTEMPTS:-60}"
@@ -124,23 +124,16 @@ done
 echo "=============Generating policy"
 $POLICY_GENERATOR_PATH \
     --max-memory-mib 2000 \
-    --enclave-debug-mode \
-    --enable-clock \
     --proxy-attestation-server-ip $PAS_ADDRESS:$PAS_PORT \
     --proxy-attestation-server-cert $CA_CERT_PATH \
     --veracruz-server-ip $VC_SERVER_ADDRESS:$VC_SERVER_PORT \
     --certificate-expiry "$(date --rfc-2822 -d 'now + 100 days')" \
     --css-file $RUNTIME_MANAGER_PATH \
-    --certificate $PROGRAM_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DIR/:w" \
-    --certificate $DATA_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DATA_DIR/:w" \
-    --certificate $VIDEO_CLIENT_CERT_PATH \
-    --capability "/$VIDEO_INPUT_DIR/:w" \
-    --certificate $RESULT_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DIR/:x,/$OUTPUT_DIR/:r,stdout:r,stderr:r" \
-    --program-binary $PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL \
-    --capability "/$PROGRAM_DATA_DIR/:r,/$VIDEO_INPUT_DIR/:r,/program_internal/:rw,/$OUTPUT_DIR/:w,stdout:w,stderr:w" \
+    --certificate "$PROGRAM_CLIENT_CERT_PATH => ./$PROGRAM_DIR/:w" \
+    --certificate "$DATA_CLIENT_CERT_PATH => ./$PROGRAM_DATA_DIR/:w" \
+    --certificate "$VIDEO_CLIENT_CERT_PATH => ./$VIDEO_INPUT_DIR/:w" \
+    --certificate "$RESULT_CLIENT_CERT_PATH => ./$PROGRAM_DIR/:x,./$OUTPUT_DIR/:r" \
+    --program-binary "$PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL => ./$PROGRAM_DATA_DIR/:r,./$VIDEO_INPUT_DIR/:r,./program_internal/:rw,./$OUTPUT_DIR/:w" \
     --output-policy-file $POLICY_PATH || exit 1
 
 
@@ -208,22 +201,9 @@ RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
     --identity $RESULT_CLIENT_CERT_PATH \
     --key $RESULT_CLIENT_KEY_PATH || exit 1
 
-echo "=============Querying results (stdout and stderr)"
-dump=$(RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
-    --result stdout=- \
-    --result stderr=- \
-    --identity $RESULT_CLIENT_CERT_PATH \
-    --key $RESULT_CLIENT_KEY_PATH \
-    -n)
-echo "$dump"
-frame_count=$(echo "$dump" | grep "^Frames:" | awk '{print $2}')
-
 echo "=============Querying results (predictions)"
-for ((i=0;i<frame_count;i++)); do
-       result_line="$result_line --result /$OUTPUT_DIR/prediction.$i.jpg=prediction.$i.jpg"
-done
 RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
-    $result_line \
+    --result "./$OUTPUT_DIR/prediction.0.jpg=prediction.0.jpg" \
     --identity $RESULT_CLIENT_CERT_PATH \
     --key $RESULT_CLIENT_KEY_PATH
 
diff --git a/deploy_nitro_pnm.sh b/deploy_nitro_pnm.sh
index 5f93ffa..6effbd7 100755
--- a/deploy_nitro_pnm.sh
+++ b/deploy_nitro_pnm.sh
@@ -11,7 +11,7 @@ VERACRUZ_PATH="${VERACRUZ_PATH:-$HOME/veracruz}"
 POLICY_GENERATOR_PATH="${POLICY_GENERATOR_PATH:-$VERACRUZ_PATH/workspaces/host/target/$PROFILE/generate-policy}"
 CLIENT_PATH="${CLIENT_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-host/target/$PROFILE/veracruz-client}"
 SERVER_PATH="${SERVER_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-host/target/$PROFILE/$BACKEND-veracruz-server}"
-EIF_PATH="${EIF_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-runtime/runtime_manager.eif}"
+EIF_PATH="${EIF_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-runtime/nitro_runtime_manager.eif}"
 PCR0_PATH="${PCR0_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-runtime/PCR0}"
 NATIVE_MODULE_SANDBOXER_PATH="${NATIVE_MODULE_SANDBOXER_PATH:-$VERACRUZ_PATH/native-module-sandboxer/build/native-module-sandboxer}"
 
@@ -35,19 +35,19 @@ VIDEO_INPUT_DIR="${VIDEO_INPUT_DIR:-video_input}"
 OUTPUT_DIR="${OUTPUT_DIR:-output}"
 PROGRAM_BASENAME="detector"
 PROGRAM_PATH_LOCAL="${PROGRAM_PATH_LOCAL:-./$PROGRAM_BASENAME}"
-PROGRAM_PATH_REMOTE="${PROGRAM_PATH_REMOTE:-/$PROGRAM_DIR/$PROGRAM_BASENAME}"
+PROGRAM_PATH_REMOTE="${PROGRAM_PATH_REMOTE:-./$PROGRAM_DIR/$PROGRAM_BASENAME}"
 COCO_BASENAME="coco.names"
 COCO_PATH_LOCAL="${COCO_PATH_LOCAL:-$PROGRAM_DATA_DIR/$COCO_BASENAME}"
-COCO_PATH_REMOTE="${COCO_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$COCO_BASENAME}"
+COCO_PATH_REMOTE="${COCO_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$COCO_BASENAME}"
 YOLOV3_CFG_BASENAME="yolov3.cfg"
 YOLOV3_CFG_PATH_LOCAL="${YOLOV3_CFG_PATH_LOCAL:-$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
-YOLOV3_CFG_PATH_REMOTE="${YOLOV3_CFG_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
+YOLOV3_CFG_PATH_REMOTE="${YOLOV3_CFG_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
 YOLOV3_WEIGHTS_BASENAME="yolov3.weights"
 YOLOV3_WEIGHTS_PATH_LOCAL="${YOLOV3_WEIGHTS_PATH_LOCAL:-$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
-YOLOV3_WEIGHTS_PATH_REMOTE="${YOLOV3_WEIGHTS_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
+YOLOV3_WEIGHTS_PATH_REMOTE="${YOLOV3_WEIGHTS_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
 INPUT_VIDEO_BASENAME="in.h264"
 INPUT_VIDEO_PATH_LOCAL="${INPUT_VIDEO_PATH_LOCAL:-$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
-INPUT_VIDEO_PATH_REMOTE="${INPUT_VIDEO_PATH_REMOTE:-/$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
+INPUT_VIDEO_PATH_REMOTE="${INPUT_VIDEO_PATH_REMOTE:-./$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
 
 # PKI
 CA_CERT_CONF_PATH="${CA_CERT_CONF_PATH:-$VERACRUZ_PATH/workspaces/ca-cert.conf}"
@@ -65,7 +65,7 @@ RESULT_CLIENT_KEY_PATH="result_client_key.pem"
 
 POLICY_PATH="${POLICY_PATH:-policy.json}"
 
-PROXY_CLEANUP_SCRIPT_PATH="${PROXY_CLEANUP_SCRIPT_PATH:-$VERACRUZ_PATH/proxy_cleanup.sh}"
+PROXY_CLEANUP_SCRIPT_PATH="${PROXY_CLEANUP_SCRIPT_PATH:-$VERACRUZ_PATH/sdk/proxy_cleanup.sh}"
 
 NITRO_LOG="${NITRO_LOG:-nitro.log}"
 SERVER_LOG="${SERVER_LOG:-server.log}"
@@ -129,23 +129,16 @@ done
 echo "=============Generating policy"
 $POLICY_GENERATOR_PATH \
     --max-memory-mib 2000 \
-    --enclave-debug-mode \
-    --enable-clock \
     --proxy-attestation-server-ip $PAS_ADDRESS:$PAS_PORT \
     --proxy-attestation-server-cert $CA_CERT_PATH \
     --veracruz-server-ip $VC_SERVER_ADDRESS:$VC_SERVER_PORT \
     --certificate-expiry "$(date --rfc-2822 -d 'now + 100 days')" \
-    --pcr-file $PCR0_PATH \
-    --certificate $PROGRAM_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DIR/:w" \
-    --certificate $DATA_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DATA_DIR/:w" \
-    --certificate $VIDEO_CLIENT_CERT_PATH \
-    --capability "/$VIDEO_INPUT_DIR/:w" \
-    --certificate $RESULT_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DIR/:x,/$OUTPUT_DIR/:r,stdout:r,stderr:r" \
-    --program-binary $PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL \
-    --capability "/$PROGRAM_DIR/:r,/$PROGRAM_DATA_DIR/:r,/$VIDEO_INPUT_DIR/:r,/program_internal/:rw,/$OUTPUT_DIR/:w,stdout:w,stderr:w" \
+    --pcr0-file $PCR0_PATH \
+    --certificate "$PROGRAM_CLIENT_CERT_PATH => ./$PROGRAM_DIR/:w" \
+    --certificate "$DATA_CLIENT_CERT_PATH => ./$PROGRAM_DATA_DIR/:w" \
+    --certificate "$VIDEO_CLIENT_CERT_PATH => ./$VIDEO_INPUT_DIR/:w" \
+    --certificate "$RESULT_CLIENT_CERT_PATH => ./$PROGRAM_DIR/:x,./$OUTPUT_DIR/:r" \
+    --program-binary "$PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL => ./$PROGRAM_DIR/:r,./$PROGRAM_DATA_DIR/:r,./$VIDEO_INPUT_DIR/:r,./program_internal/:rw,./$OUTPUT_DIR/:w" \
     --output-policy-file $POLICY_PATH || exit 1
 
 
@@ -219,22 +212,9 @@ RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
     --identity $RESULT_CLIENT_CERT_PATH \
     --key $RESULT_CLIENT_KEY_PATH || exit 1
 
-echo "=============Querying results (stdout and stderr)"
-dump=$(RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
-    --result stdout=- \
-    --result stderr=- \
-    --identity $RESULT_CLIENT_CERT_PATH \
-    --key $RESULT_CLIENT_KEY_PATH \
-    -n)
-echo "$dump"
-frame_count=$(echo "$dump" | grep "^Frames:" | awk '{print $2}')
-
 echo "=============Querying results (predictions)"
-for ((i=0;i<frame_count;i++)); do
-       result_line="$result_line --result /$OUTPUT_DIR/prediction.$i.jpg=prediction.$i.jpg"
-done
 RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
-    $result_line \
+    --result "./$OUTPUT_DIR/prediction.0.jpg=prediction.0.jpg" \
     --identity $RESULT_CLIENT_CERT_PATH \
     --key $RESULT_CLIENT_KEY_PATH
 
diff --git a/deploy_nitro_wasm.sh b/deploy_nitro_wasm.sh
index 2d7c759..e7fa7c0 100755
--- a/deploy_nitro_wasm.sh
+++ b/deploy_nitro_wasm.sh
@@ -10,7 +10,7 @@ VERACRUZ_PATH="${VERACRUZ_PATH:-$HOME/veracruz}"
 POLICY_GENERATOR_PATH="${POLICY_GENERATOR_PATH:-$VERACRUZ_PATH/workspaces/host/target/$PROFILE/generate-policy}"
 CLIENT_PATH="${CLIENT_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-host/target/$PROFILE/veracruz-client}"
 SERVER_PATH="${SERVER_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-host/target/$PROFILE/$BACKEND-veracruz-server}"
-EIF_PATH="${EIF_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-runtime/runtime_manager.eif}"
+EIF_PATH="${EIF_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-runtime/nitro_runtime_manager.eif}"
 PCR0_PATH="${PCR0_PATH:-$VERACRUZ_PATH/workspaces/$BACKEND-runtime/PCR0}"
 
 # Attestation
@@ -33,19 +33,19 @@ VIDEO_INPUT_DIR="${VIDEO_INPUT_DIR:-video_input}"
 OUTPUT_DIR="${OUTPUT_DIR:-output}"
 PROGRAM_BASENAME="detector.wasm"
 PROGRAM_PATH_LOCAL="${PROGRAM_PATH_LOCAL:-./$PROGRAM_BASENAME}"
-PROGRAM_PATH_REMOTE="${PROGRAM_PATH_REMOTE:-/$PROGRAM_DIR/$PROGRAM_BASENAME}"
+PROGRAM_PATH_REMOTE="${PROGRAM_PATH_REMOTE:-./$PROGRAM_DIR/$PROGRAM_BASENAME}"
 COCO_BASENAME="coco.names"
 COCO_PATH_LOCAL="${COCO_PATH_LOCAL:-$PROGRAM_DATA_DIR/$COCO_BASENAME}"
-COCO_PATH_REMOTE="${COCO_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$COCO_BASENAME}"
+COCO_PATH_REMOTE="${COCO_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$COCO_BASENAME}"
 YOLOV3_CFG_BASENAME="yolov3.cfg"
 YOLOV3_CFG_PATH_LOCAL="${YOLOV3_CFG_PATH_LOCAL:-$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
-YOLOV3_CFG_PATH_REMOTE="${YOLOV3_CFG_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
+YOLOV3_CFG_PATH_REMOTE="${YOLOV3_CFG_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$YOLOV3_CFG_BASENAME}"
 YOLOV3_WEIGHTS_BASENAME="yolov3.weights"
 YOLOV3_WEIGHTS_PATH_LOCAL="${YOLOV3_WEIGHTS_PATH_LOCAL:-$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
-YOLOV3_WEIGHTS_PATH_REMOTE="${YOLOV3_WEIGHTS_PATH_REMOTE:-/$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
+YOLOV3_WEIGHTS_PATH_REMOTE="${YOLOV3_WEIGHTS_PATH_REMOTE:-./$PROGRAM_DATA_DIR/$YOLOV3_WEIGHTS_BASENAME}"
 INPUT_VIDEO_BASENAME="in.h264"
 INPUT_VIDEO_PATH_LOCAL="${INPUT_VIDEO_PATH_LOCAL:-$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
-INPUT_VIDEO_PATH_REMOTE="${INPUT_VIDEO_PATH_REMOTE:-/$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
+INPUT_VIDEO_PATH_REMOTE="${INPUT_VIDEO_PATH_REMOTE:-./$VIDEO_INPUT_DIR/$INPUT_VIDEO_BASENAME}"
 
 # PKI
 CA_CERT_CONF_PATH="${CA_CERT_CONF_PATH:-$VERACRUZ_PATH/workspaces/ca-cert.conf}"
@@ -63,7 +63,7 @@ RESULT_CLIENT_KEY_PATH="result_client_key.pem"
 
 POLICY_PATH="${POLICY_PATH:-policy.json}"
 
-PROXY_CLEANUP_SCRIPT_PATH="${PROXY_CLEANUP_SCRIPT_PATH:-$VERACRUZ_PATH/proxy_cleanup.sh}"
+PROXY_CLEANUP_SCRIPT_PATH="${PROXY_CLEANUP_SCRIPT_PATH:-$VERACRUZ_PATH/sdk/proxy_cleanup.sh}"
 
 NITRO_LOG="${NITRO_LOG:-nitro.log}"
 SERVER_LOG="${SERVER_LOG:-server.log}"
@@ -127,23 +127,16 @@ done
 echo "=============Generating policy"
 $POLICY_GENERATOR_PATH \
     --max-memory-mib 2000 \
-    --enclave-debug-mode \
-    --enable-clock \
     --proxy-attestation-server-ip $PAS_ADDRESS:$PAS_PORT \
     --proxy-attestation-server-cert $CA_CERT_PATH \
     --veracruz-server-ip $VC_SERVER_ADDRESS:$VC_SERVER_PORT \
     --certificate-expiry "$(date --rfc-2822 -d 'now + 100 days')" \
-    --pcr-file $PCR0_PATH \
-    --certificate $PROGRAM_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DIR/:w" \
-    --certificate $DATA_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DATA_DIR/:w" \
-    --certificate $VIDEO_CLIENT_CERT_PATH \
-    --capability "/$VIDEO_INPUT_DIR/:w" \
-    --certificate $RESULT_CLIENT_CERT_PATH \
-    --capability "/$PROGRAM_DIR/:x,/$OUTPUT_DIR/:r,stdout:r,stderr:r" \
-    --program-binary $PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL \
-    --capability "/$PROGRAM_DATA_DIR/:r,/$VIDEO_INPUT_DIR/:r,/program_internal/:rw,/$OUTPUT_DIR/:w,stdout:w,stderr:w" \
+    --pcr0-file $PCR0_PATH \
+    --certificate "$PROGRAM_CLIENT_CERT_PATH => ./$PROGRAM_DIR/:w" \
+    --certificate "$DATA_CLIENT_CERT_PATH => ./$PROGRAM_DATA_DIR/:w" \
+    --certificate "$VIDEO_CLIENT_CERT_PATH => ./$VIDEO_INPUT_DIR/:w" \
+    --certificate "$RESULT_CLIENT_CERT_PATH => ./$PROGRAM_DIR/:x,./$OUTPUT_DIR/:r" \
+    --program-binary "$PROGRAM_PATH_REMOTE=$PROGRAM_PATH_LOCAL => ./$PROGRAM_DIR/:r,./$PROGRAM_DATA_DIR/:r,./$VIDEO_INPUT_DIR/:r,./program_internal/:rw,./$OUTPUT_DIR/:w" \
     --output-policy-file $POLICY_PATH || exit 1
 
 
@@ -217,22 +210,9 @@ RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
     --identity $RESULT_CLIENT_CERT_PATH \
     --key $RESULT_CLIENT_KEY_PATH || exit 1
 
-echo "=============Querying results (stdout and stderr)"
-dump=$(RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
-    --result stdout=- \
-    --result stderr=- \
-    --identity $RESULT_CLIENT_CERT_PATH \
-    --key $RESULT_CLIENT_KEY_PATH \
-    -n)
-echo "$dump"
-frame_count=$(echo "$dump" | grep "^Frames:" | awk '{print $2}')
-
 echo "=============Querying results (predictions)"
-for ((i=0;i<frame_count;i++)); do
-       result_line="$result_line --result /$OUTPUT_DIR/prediction.$i.jpg=prediction.$i.jpg"
-done
 RUST_LOG=error $CLIENT_PATH $POLICY_PATH \
-    $result_line \
+    --result "./$OUTPUT_DIR/prediction.0.jpg=prediction.0.jpg" \
     --identity $RESULT_CLIENT_CERT_PATH \
     --key $RESULT_CLIENT_KEY_PATH