In some devices utilizing trusted execution environments, sensitive portions of an application may be executed and/or stored in a secure environment, called an enclave, to protect both code and data from compromise. An application such as a distributed ledger that supports data objects, such as private, smart contracts, may use these enclaves to preserve confidentiality of the data object by encrypting the state of the data object within the enclave. To accomplish this, the enclave may generate encryption keys that can be saved in local, secured storage provided by a secure platform, such as Software Guard Extensions (SGX), in one example. While distributed ledger technology has enabled the sharing of data objects between parties, current implementations may not allow private sharing, and may be limited in the permissions given to shared data objects. Thus, improved techniques for sharing data objects are desired.