diff --git a/.vitepress/sidebar.ts b/.vitepress/sidebar.ts
index 4522226..8b5a5c8 100644
--- a/.vitepress/sidebar.ts
+++ b/.vitepress/sidebar.ts
@@ -161,10 +161,6 @@ export function getSidebar() {
                 text: 'Build your first SGX app',
                 link: '/guides/build-iapp/advanced/build-your-first-sgx-iapp',
               },
-              {
-                text: 'End-to-end Encryption',
-                link: '/guides/build-iapp/advanced/protect-the-result',
-              },
               {
                 text: 'Access Confidential Assets',
                 link: '/guides/build-iapp/advanced/access-confidential-assets',
diff --git a/README.md b/README.md
index ae4e142..74f1223 100644
--- a/README.md
+++ b/README.md
@@ -173,7 +173,6 @@ please see our [CONTRIBUTING.md](CONTRIBUTING.md) guide.**
 - Refactor "advanced" section in build-iapp
 - Rework src\get-started\protocol\iexec-doracle.md (transfer to guide or
   rewrite)
-- Talk about encrypting results in use-iapp (link in outputs, iapp generator...)
 - Rework src\get-started\protocol\oracle.md (transfer to guide or rewrite)
 - Talk about iApp secret
 - Improve Guide in build-iapp section - be more clear for builder ( how to
diff --git a/src/guides/build-iapp/advanced/build-your-first-sgx-iapp.md b/src/guides/build-iapp/advanced/build-your-first-sgx-iapp.md
index c7b3cc4..c7a7f24 100644
--- a/src/guides/build-iapp/advanced/build-your-first-sgx-iapp.md
+++ b/src/guides/build-iapp/advanced/build-your-first-sgx-iapp.md
@@ -560,7 +560,6 @@ to use some confidential data to get the full potential of the **Confidential
 Computing** paradigm. Check out next chapters to see how:
 
 - [Access confidential assets from your iApp](access-confidential-assets.md)
-- [Protect the result](/guides/build-iapp/advanced/protect-the-result.md)
 
 <script setup>
 import { computed } from 'vue';
diff --git a/src/guides/build-iapp/advanced/protect-the-result.md b/src/guides/build-iapp/advanced/protect-the-result.md
deleted file mode 100644
index bc232ab..0000000
--- a/src/guides/build-iapp/advanced/protect-the-result.md
+++ /dev/null
@@ -1,156 +0,0 @@
----
-title: End-to-End Encryption
-description:
-  Learn how to implement end-to-end encryption for your Confidential Computing
-  applications to protect results and ensure complete data privacy
----
-
-# Protect the result
-
-Previous tutorials showed how to build
-[Confidential Computing applications](/protocol/tee/intel-sgx) that run securely
-inside enclaves and combine them with confidential assets to get the most out of
-confidential computing advantages. This chapter pushes things further to protect
-the workflow in an end to end mode. That means the next step would be encrypting
-results.
-
-::: warning
-
-Before going any further, make sure you managed to
-[Build your first application with Scone framework](/guides/build-iapp/advanced/build-your-first-sgx-iapp.md).
-
-:::
-
-::: tip Prerequisites:
-
-- [Docker](https://docs.docker.com/install/) 17.05 or higher on the daemon and
-  client.
-- [iExec SDK](https://www.npmjs.com/package/iexec) 8.0.0 or higher.
-- Familiarity with the basic concepts of [Intel® SGX](/protocol/tee/intel-sgx)
-  and [SCONE](https://scontain.com) framework.
-
-:::
-
-::: info
-
-You don't need to change your application's code or redeploy it to add this
-feature.
-
-:::
-
-Assuming your application is deployed (if not please check how to do it
-[with Scone](/guides/build-iapp/advanced/build-your-first-sgx-iapp.md#deploy-the-tee-app-on-iexec)),
-before triggering an execution you need to generate an RSA key-pair, then push
-the public key to the [Secret Management Service](/protocol/tee/intel-sgx). The
-latter, in turn, will provide it, at runtime, to the enclave running your
-Confidential Computing application.
-
-To generate the key-pair, go to `~/iexec-projects` and use the following SDK
-command:
-
-Make sure your
-[`chain.json`](/guides/build-iapp/advanced/build-your-first-sgx-iapp.md#update-chain-json)
-content is correct.
-
-```bash
-iexec result generate-encryption-keypair
-```
-
-This generates two files in `.secrets/beneficiary/`. Make sure to back up the
-private key in the file `<0x-your-wallet-address>_key`.
-
-```bash
-.secrets
-├── beneficiary
-│   ├── <0x-you-wallet-address>_key
-│   └── <0x-you-wallet-address>_key.pub
-...
-```
-
-Now, push the public key to the SMS:
-
-```bash twoslash
-iexec result push-encryption-key --tee-framework --chain {{chainName}} scone
-```
-
-And check it using:
-
-```bash twoslash
-iexec result check-encryption-key --tee-framework --chain {{chainName}} scone
-```
-
-Now to see that in action, you'd need to trigger a task and specify yourself as
-the beneficiary in the command:
-
-```bash twoslash
-iexec app run <0x-your-app-address> \
-    --chain {{chainName}}
-    --workerpool {{workerpoolAddress}} \
-    --tag tee,scone \
-    --encrypt-result \
-    --watch
-```
-
-Wait for the task to be `COMPLETED` and download the result:
-
-```bash twoslash
-iexec task show --chain {{chainName}} <0x-your-task-id> --download
-```
-
-If you extract the obtained zip and try to read the content of the file
-`iexec_out/result.zip.aes` you will find it encrypted:
-
-```bash
-mkdir /tmp/trash && \
-    unzip <0x-your-task-id>.zip -d /tmp/trash && \
-    cat /tmp/trash/iexec_out/result.zip.aes
-```
-
-`iexec_out/result.zip` :
-
-```bash
-)3XqYvȿzEfRu<\ݵmm疞rc(a{{'ܼ͛q/[{Ht>hgD$g\.kj"s?"
hJ_Q41_[{XԚa蘟vEr肽
-Յ]9WTL*
-          tdzO`!e&snoL3K6L9%
-```
-
-Now you should decrypt the result by running:
-
-```bash
-iexec result decrypt <0x-your-task-id.zip>
-```
-
-A new zip file appears in the current folder under the name `results.zip`.
-Eventually, unzip it:
-
-```bash
-unzip results.zip -d my-decrypted-result
-```
-
-And you can see the content of your result file:
-
-```bash
-$ cat my-decrypted-result/result.txt
-Hello, world!
-```
-
-Voilà! By finishing this part, you should be able to use confidential computing
-on iExec like a Ninja. All parts of the workflow are protected: the execution,
-the dataset, and the result.
-
-You can go to the advanced section and learn more about managing orders on the
-iExec to effectively monetize your applications and datasets.
-
-<script setup>
-import { computed } from 'vue';
-import useUserStore  from '@/stores/useUser.store';
-import {getChainById} from '@/utils/chain.utils';
-
-// Get current chain info
-const userStore = useUserStore();
-const selectedChain = computed(() => userStore.getCurrentChainId());
-
-const chainData = computed(() => getChainById(selectedChain.value));
-const chainName = computed(() => chainData.value.chainName);
-const workerpoolAddress = computed(() => chainData.value.workerpoolAddress);
-</script>
diff --git a/src/guides/build-iapp/outputs.md b/src/guides/build-iapp/outputs.md
index b3541f5..0fb9433 100644
--- a/src/guides/build-iapp/outputs.md
+++ b/src/guides/build-iapp/outputs.md
@@ -145,5 +145,3 @@ Continue building with these guides:
   Control who can use your iApp
 - **[Debugging Your iApp](/guides/build-iapp/debugging)** - Troubleshoot
   execution issues
-- **[How to Get and Decrypt Results](/guides/use-iapp/getting-started)** -
-  User-side result handling
diff --git a/src/guides/use-iapp/run-iapp-without-ProtectedData.md b/src/guides/use-iapp/run-iapp-without-ProtectedData.md
index 36d35ed..00211f0 100644
--- a/src/guides/use-iapp/run-iapp-without-ProtectedData.md
+++ b/src/guides/use-iapp/run-iapp-without-ProtectedData.md
@@ -200,3 +200,140 @@ const taskId = await iexec.order.matchOrders({
   workerpoolorder: workerpoolOrders.orders[0].order,
 });
 ```
+
+## 🔐 Encrypt Results (Advanced)
+
+::: info
+
+DataProtector handles encryption automatically If you're using DataProtector,
+result encryption is handled automatically. This section is only needed for
+manual encryption when not using DataProtector.
+
+:::
+
+Secure your outputs with end‑to‑end encryption so only you (the beneficiary) can
+read them. Results leave the enclave and may traverse untrusted storage and
+networks; encryption ensures nobody else (operators, storage providers,
+intermediaries) can access the content.
+
+### 1) Generate your encryption key pair
+
+The beneficiary key pair is the root of trust for result confidentiality. The
+public key will be used inside the TEE to encrypt results for the beneficiary;
+the private key stays with the beneficiary to decrypt them locally.
+
+Run from your iExec project directory:
+
+```bash
+iexec result generate-encryption-keypair
+```
+
+This creates two files in `.secrets/beneficiary/`:
+
+```
+.secrets/
+└─ beneficiary/
+   ├─ <0x-your-wallet-address>_key       # PRIVATE KEY (keep safe)
+   └─ <0x-your-wallet-address>_key.pub   # PUBLIC KEY
+```
+
+Back up the private key securely. You will only need it locally to decrypt
+results.
+
+### 2) Push your public key to the SMS
+
+The Secret Management Service securely delivers your public key, at runtime, to
+the enclave running your iApp. Without this, the iApp cannot encrypt outputs for
+you.
+
+Make the public key available to TEEs at runtime:
+
+```bash
+iexec result push-encryption-key --tee-framework scone
+```
+
+Verify it:
+
+```bash
+iexec result check-encryption-key --tee-framework scone
+```
+
+### 3) Run the iApp with encrypted results
+
+The --encrypt-result flag instructs the platform to perform envelope encryption
+inside the enclave using your public key, so the archive that leaves the TEE is
+unreadable to others.
+
+Trigger a task and request encrypted outputs:
+
+```bash
+iexec app run <0x-app-address> \
+  --workerpool <0x-workerpool-address> \
+  --tag tee,scone \
+  --encrypt-result \
+  --watch
+```
+
+When completed, download the results archive:
+
+```bash
+iexec task show <0x-task-id> --download
+```
+
+Inside the archive, `iexec_out/result.zip.aes` is encrypted.
+
+Note: Results are encrypted for the task beneficiary. Ensure the beneficiary
+address is yours to be able to decrypt the archive.
+
+If you extract the archive and try to read the encrypted file, you'll see
+unreadable content:
+
+```bash
+mkdir /tmp/trash && \
+    unzip <0x-your-task-id>.zip -d /tmp/trash && \
+    cat /tmp/trash/iexec_out/result.zip.aes
+```
+
+The output will look like:
+
+```bash
+)3XqYvzEfRu<\ݵmm疞rc(a{{'ܼ͛q/[{hgD$g\.kj"s?"hJ_Q41_[{XԚa蘟vEr肽
+Յ]9WTL*tdzO`!e&snoL3K6L9%
+```
+
+This confirms the results are properly encrypted and unreadable without the
+private key.
+
+### 4) Decrypt results locally
+
+Results are encrypted end‑to‑end; only your private key can decrypt them. This
+step restores the plaintext so you can use the output files.
+
+Use your private key generated in step 1:
+
+```bash
+iexec result decrypt iexec_out/result.zip.aes
+```
+
+This produces `results.zip`. Extract it to view plaintext outputs:
+
+```bash
+unzip results.zip -d my-decrypted-result
+```
+
+And you can see the content of your result file:
+
+```bash
+$ cat my-decrypted-result/result.txt
+Hello, world!
+```
+
+Your results are now decrypted and ready to use.
+
+### Notes and tips
+
+- Keep the private key offline and backed up.
+- You can rotate keys by re-running generation and push steps; old tasks remain
+  decryptable with the old private key.
+- iApp code does not need changes to enable result encryption; it is enforced by
+  the TEE using the public key from SMS.