Computing device configuration and management using a secure decentralized transaction ledger
US-2016261690-A1 · Sep 8, 2016 · US
US10528722B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10528722-B2 |
| Application number | US-201715592802-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 11, 2017 |
| Priority date | May 11, 2017 |
| Publication date | Jan 7, 2020 |
| Grant date | Jan 7, 2020 |
Official abstract text for this publication.
In one example, an enclave pool is formed. The enclave pool may include a plurality of enclaves. Each enclave may have a private enclave key and a public enclave key. A shared enclave pool key may be generated from or otherwise based on the public enclave key of each enclave of the enclave pool. A first enclave may be allocated from the enclave pool to a first cryptlet. A payload of the first enclave is received. The payload of the first enclave may be signed with a first digital signature by the private enclave key of the first enclave. A payload of the second enclave may be received. The payload of the second enclave may be signed with a second digital signature by the private enclave key of the second enclave. The first digital signature and the second signature may be validated via the shared enclave pool key.
Opening claim text (preview).
I claim:
1. An apparatus, comprising: a device including at least one memory adapted to store run-time data for the device, and at least one processor that is adapted to execute processor-executable code that, in response to execution, enables the device to perform actions, including: forming an enclave pool, wherein the enclave pool includes a plurality of enclaves, wherein the enclaves are secure execution environments, and wherein each enclave of the enclave pool has an enclave key pair including a private enclave key and a public enclave key; generating a shared enclave pool key that is derived from the public enclave key of each enclave of the enclave pool; allocating a first enclave of the enclave pool to a first cryptlet; receiving a payload of the first enclave such that the payload of the first enclave has a first digital signature by the private enclave key of the first enclave; allocating a second enclave of the enclave pool to the first cryptlet; receiving a payload of the second enclave such that the payload of the second enclave has a second digital signature by the private enclave key of the second enclave; and validating, via the shared enclave pool key, the first digital signature and the second signature.
2. The apparatus of claim 1, the actions further comprising: allocating a third enclave of the enclave pool to the first cryptlet; receiving a payload of the third enclave such that the payload of the third enclave has a third digital signature by the private enclave key of the third enclave; and further validating, via the shared enclave pool key, the third digital signature.
3. The apparatus of claim 1, the actions further comprising: adding a new enclave to the enclave pool to form an updated enclave pool; and generating a new shared enclave pool key from the public enclave key of each enclave of the updated enclave pool, wherein validating the first digital signature and the second digital signature include validating the first digital signature and the second digital against the shared enclave key, and if no match is found, validating the first digital signature and the second digital against the new shared enclave key.
4. The apparatus of claim 1, the actions further comprising: removing an enclave from the enclave pool to form an updated enclave pool; and generating a new shared enclave pool key from the public enclave key of each enclave of the updated enclave pool, wherein validating the first digital signature and the second digital signature include validating the first digital signature and the second digital against the shared enclave key, and if no match is found, validating the first digital signature and the second digital against the new shared enclave key.
5. The apparatus of claim 1, wherein the enclaves of the plurality of enclaves are private, tamper-resistant execution environments that are secure from external interference.
6. The apparatus of claim 1, wherein each enclave of the plurality of enclaves is at least one of a Virtual Secure Machine or a secure hardware enclave.
7. The apparatus of claim 1, wherein the enclaves of the plurality of enclaves are secure execution environments in which code can be run in an isolated, private environment and for which results of the secure execution are capable of being attested to have run unaltered and in private.
8. The apparatus of claim 1, wherein the first enclave is a hardware enclave, and wherein the private key of the first enclave is etched in silicon.
9. A processor-readable storage medium, having stored thereon process-executable code that, upon execution by at least one processor, enables actions, comprising: creating an enclave pool, wherein the enclave pool includes a plurality of enclaves, the enclaves are secure execution environments, and wherein each enclave of the enclave pool stores an enclave key pair including a private enclave key and a public enclave key; receiving the public enclave key of each enclave of the enclave pool; generating a shared enclave pool key that is based upon the public enclave key of each enclave of the enclave pool; assigning a first enclave of the enclave pool to a first cryptlet; receiving a payload of the first enclave such that the payload of the first enclave has a first signature by the private enclave key of the first enclave; assigning a second enclave of the enclave pool to the first cryptlet; receiving a payload of the second enclave such that the payload of the second enclave has a second signature by the private enclave key of the second enclave; and using the shared enclave pool key to validate the first signature and the second signature.
10. The processor-readable storage medium of claim 9, the actions further comprising: allocating a third enclave of the enclave pool to the first cryptlet; receiving a payload of the third enclave such that the payload of the third enclave has a third digital signature by the private enclave key of the third enclave; and further validating, via the shared enclave pool key, the third digital signature.
11. The processor-readable storage medium of claim 9, the actions further comprising: adding a new enclave to the enclave pool to form an updated enclave pool; and generating a new shared enclave pool key from the public enclave key of each enclave of the updated enclave pool, wherein validating the first digital signature and the second digital signature include validating the first digital signature and the second digital against the shared enclave key, and if no match is found, validating the first digital signature and the second digital against the new shared enclave key.
12. The processor-readable storage medium of claim 9, the actions further comprising: removing an enclave from the enclave pool to form an updated enclave pool; and generating a new shared enclave pool key from the public enclave key of each enclave of the updated enclave pool, wherein validating the first digital signature and the second digital signature include validating the first digital signature and the second digital against the shared enclave key, and if no match is found, validating the first digital signature and the second digital against the new shared enclave key.
13. The processor-readable storage medium of claim 9, wherein each enclave of the plurality of enclaves is at least one of a Virtual Secure Machine or a secure hardware enclave.
14. The processor-readable storage medium of claim 9, wherein the first enclave is a hardware enclave, and wherein the private key of the first enclave is etched in silicon.
15. A method, comprising: forming an enclave pool, wherein the enclave pool includes a plurality of enclaves, wherein the enclaves are secure execution environments, and wherein each enclave of the enclave pool has an enclave key pair including a private enclave key and a public enclave key; generating a shared enclave pool key that is derived from the public enclave key of each enclave of the enclave pool; allocating a first enclave of the enclave pool to a first cryptlet; receiving a payload of the first enclave such that the payload of the first enclave has a first digital signature by the private enclave key of the first enclave; allocating a second enclave of the enclave pool to the first cryptlet; receiving a payload of the second enclave such that the payload of the second enclave has a second digital signature by the private enclave key of the second enclave; and validating, via the shared enclave pool key, the first digital signature and the second signature.
16
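Added example, not taken from the patent: a sketch of the flow in the abstract and of the old-key-then-new-key fallback in claims 3 and 4. The page does not say how the shared pool key is derived or which signature scheme the enclaves use, so two things here are assumptions: the pool key is a SHA-256 commitment over the sorted fingerprints of the members' public keys, and Lamport one-time signatures (standard library only) stand in for the enclave key pairs. All function names and payloads are constructed for illustration.

```python
import hashlib
import secrets

def H(b): return hashlib.sha256(b).digest()

# Lamport one-time key pair: a stdlib-only stand-in for an enclave key pair.
def keygen():
    priv = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    return priv, [[H(a), H(b)] for a, b in priv]

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(priv, msg):  # each key must sign only one payload
    return [priv[i][b] for i, b in enumerate(bits(msg))]

def verify(pub, msg, sig):
    return len(sig) == 256 and all(H(s) == pub[i][b] for s, (i, b) in zip(sig, enumerate(bits(msg))))

def fingerprint(pub):
    return H(b"".join(h for pair in pub for h in pair))

# Assumed derivation: the pool key commits to every member's public key.
def pool_key(pubs):
    fps = sorted(fingerprint(p) for p in pubs)
    return {"members": frozenset(fps), "digest": H(b"".join(fps))}

def validate(key, pub, payload, sig):
    intact = H(b"".join(sorted(key["members"]))) == key["digest"]
    return intact and fingerprint(pub) in key["members"] and verify(pub, payload, sig)

# Claims 3 and 4: try the shared key, then the new shared key if no match.
def validate_with_fallback(keys, pub, payload, sig):
    return any(validate(k, pub, payload, sig) for k in keys)

def demo():
    pool = [keygen() for _ in range(3)]                 # constructed pool of three enclaves
    pubs = [pub for _, pub in pool]
    shared = pool_key(pubs)
    s1, s2 = sign(pool[0][0], b"payload A"), sign(pool[1][0], b"payload B")
    added, outsider = keygen(), keygen()                # one joins the pool, one never does
    keys = [shared, pool_key(pubs + [added[1]])]
    s3, s4 = sign(added[0], b"payload C"), sign(outsider[0], b"payload D")
    return {
        "first_and_second": validate(shared, pubs[0], b"payload A", s1) and validate(shared, pubs[1], b"payload B", s2),
        "added_vs_old_key": validate(shared, added[1], b"payload C", s3),
        "added_with_fallback": validate_with_fallback(keys, added[1], b"payload C", s3),
        "tampered": validate(shared, pubs[0], b"payload X", s1),
        "outsider": validate_with_fallback(keys, outsider[1], b"payload D", s4),
    }
```

A verifier that keeps retired pool keys in the fallback list indefinitely will also keep accepting signatures from removed enclaves, so the list should be bounded to the rotation window.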
to assure secure computing or processing of information · CPC title
by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title
using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL] · CPC title
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title
involving digital signatures · CPC title