Data clean rooms using defined access in trusted execution environment

What is claimed is: 1. A method performed by executing instructions on at least one hardware processor, the method comprising: creating an application on a data-provider platform, the application comprising one or more application programming interfaces (APIs) corresponding to one or more underlying code blocks; sharing provider data with the application on the data-provider platform; installing, in a trusted execution environment (TEE), an application instance of the application, the application instance comprising one or more APIs corresponding to the one or more APIs in the application on the data-provider platform; sharing consumer data with the application instance from a data-consumer platform; invoking one or more of the APIs of the application instance to execute respective associated underlying code blocks on the TEE, the respective associated underlying code blocks not being visible on the TEE; and saving output of the one or more respective associated underlying code blocks to the data-consumer platform. 2. The method of claim 1 , wherein the application instance is, by default, not authorized to exfiltrate consumer data from the data-consumer platform. 3. The method of claim 1 , wherein the respective associated underlying code blocks not being visible on the TEE comprises a source code of the respective associated underlying code blocks not being visible on the TEE. 4. The method of claim 1 , wherein the saved output comprises aggregated output data. 5. The method of claim 4 , wherein the saved output does not include any of the shared provider data. 6. The method of claim 1 , wherein the saved output comprises a relation. 7. The method of claim 6 , wherein the relation includes only a subset of the consumer data that was shared with the application instance. 8. A computer system comprising: at least one hardware processor; and one or more non-transitory computer readable storage media containing instructions that, when executed by the at least one hardware processor, cause the computer system to perform operations comprising: creating an application on a data-provider platform, the application comprising one or more application programming interfaces (APIs) corresponding to one or more underlying code blocks; sharing provider data with the application on the data-provider platform; installing, in a trusted execution environment (TEE), an application instance of the application, the application instance comprising one or more APIs corresponding to the one or more APIs in the application on the data-provider platform; sharing consumer data with the application instance from a data-consumer platform; invoking one or more of the APIs of the application instance to execute respective associated underlying code blocks on the TEE, the respective associated underlying code blocks not being visible on the TEE; and saving output of the one or more respective associated underlying code blocks to the data-consumer platform. 9. The computer system of claim 8 , wherein the application instance is, by default, not authorized to exfiltrate consumer data from the data-consumer platform. 10. The computer system of claim 8 , wherein the respective associated underlying code blocks not being visible on the TEE comprises a source code of the respective associated underlying code blocks not being visible on the TEE. 11. The computer system of claim 8 , wherein the saved output comprises aggregated output data. 12. The computer system of claim 11 , wherein the saved output does not include any of the shared provider data. 13. The computer system of claim 8 , wherein the saved output comprises a relation. 14. The computer system of claim 13 , wherein the relation includes only a subset of the consumer data that was shared with the application instance. 15. One or more non-transitory computer readable storage media containing instructions that, when executed by at least one hardware processor of a computer system, cause the computer system to perform operations comprising: creating an application on a data-provider platform, the application comprising one or more application programming interfaces (APIs) corresponding to one or more underlying code blocks; sharing provider data with the application on the data-provider platform; installing, in a trusted execution environment (TEE), an application instance of the application, the application instance comprising one or more APIs corresponding to the one or more APIs in the application on the data-provider platform; sharing consumer data with the application instance from a data-consumer platform; invoking one or more of the APIs of the application instance to execute respective associated underlying code blocks on the TEE, the respective associated underlying code blocks not being visible on the TEE; and saving output of the one or more respective associated underlying code blocks to the data-consumer platform. 16. The one or more non-transitory computer readable storage media of claim 15 , wherein the application instance is, by default, not authorized to exfiltrate consumer data from the data-consumer platform. 17. The one or more non-transitory computer readable storage media of claim 15 , wherein the respective associated underlying code blocks not being visible on the TEE comprises a source code of the respective associated underlying code blocks not being visible on the TEE. 18. The one or more non-transitory computer readable storage media of claim 15 , wherein the saved output comprises aggregated output data. 19. The one or more non-transitory computer readable storage media of claim 18 , wherein the saved output does not include any of the shared provider data. 20. The one or more non-transitory computer readable storage media of claim 15 , wherein the saved output comprises a relation. 21. The one or more non-transitory computer readable storage media of claim 20 , wherein the relation includes only a subset of the consumer data that was shared with the application instance.