Written by: Oliver Jaros, Analyst at CMT Digital, and Shlok Khemani, decentralised.co

Translated by: Yangz, Techub News

Uber’s San Francisco headquarters looks like that of most tech companies: an open floor plan where employees move freely and share ideas. In the center of the main floor, however, there is a room that few employees ever enter. Its metal and glass exterior, a switch that turns the clear glass opaque, and the frequent presence of security personnel give it an air of mystery. This is Uber’s "war room," a space that operates 24/7 and is used mainly by executives to work out solutions to the biggest problems facing the company.

To maintain confidentiality, the room is open strictly on a "need to know" basis. The secrecy is necessary: Uber competes fiercely with rivals around the world to dominate the ride-hailing market, and those rivals would not pass up any chance to learn its strategies. What happens in the war room stays in the war room.

This practice of carving out private rooms within otherwise open spaces is common. Apple houses teams working on secret projects in separate buildings away from its headquarters. The Capitol and other U.S. government buildings have Sensitive Compartmented Information Facilities (SCIFs), which provide soundproofed walls and electromagnetic shielding for sensitive discussions. We keep safes in our own homes and hotel rooms.

Secure enclaves have extended beyond the physical world. Today we store data and process information primarily on computers, and as our dependence on silicon-based machines grows, so does the risk of attacks and breaches. Like Uber’s war room, a computer needs an isolated space in which to store its most sensitive data and perform its most critical computations. That space is called a Trusted Execution Environment (TEE).

While "TEE" has become a buzzword in the cryptocurrency industry, its purpose and functionality are often misunderstood. With this article, we hope to change that. We explain everything you need to know about TEEs: what they are, why they matter, how we use them every day, and how they can help build better Web3 applications.

TEEs are everywhere

First, a definition. A TEE is a dedicated secure area within a device’s main processor that ensures the confidentiality of the data and code being processed inside it. It provides an isolated execution environment, independent of the main operating system, and is critical to maintaining data security for applications that handle sensitive information. A TEE mainly provides two kinds of guarantee:

  1. Isolated execution: the TEE runs code in an isolated environment. Even if the main operating system is compromised, the code and data inside the TEE remain secure.

  2. Memory encryption: data processed within the TEE is encrypted in memory. Even an attacker with access to the physical memory cannot read the sensitive information held in the TEE.

To understand why TEEs matter, consider the iPhone, quite possibly the device you are reading this article on. FaceID has become the primary way the iPhone authenticates a user’s access to the device. Within a few hundred milliseconds, the following process runs inside the device:

  1. First, a dot projector casts a pattern of more than 30,000 invisible infrared (IR) dots onto the user's face. An IR camera captures this pattern together with an IR image of the face. In low-light conditions, a flood illuminator improves visibility.

  2. Next, a processor takes this raw data and builds a mathematical model of the face, including depth data, contours, and distinctive features.

  3. Finally, the mathematical model is compared with the model stored when FaceID was first set up. If the match is accurate enough, a "success" signal is sent to iOS and the device unlocks. If the comparison fails, the device stays locked.

FaceID is used not only to unlock the device but also to authenticate other actions, such as logging into apps and making payments. Any security breach can therefore have serious consequences. If the model creation and matching process were compromised, someone other than the owner could unlock the device, access the owner's personal data, and carry out fraudulent financial transactions.

If an attacker managed to extract the stored mathematical model of a user’s face, the result would be the theft of biometric data and a serious privacy violation.

Of course, Apple was methodical in its implementation of FaceID. All processing and storage happens in the Secure Enclave, an independent processor built into the iPhone and other Apple devices that operates in isolation from the rest of the system's memory and processes. It is designed so that an attacker cannot reach it even if the rest of the device is compromised. Beyond biometrics, it also stores and protects the user’s payment information, passwords, keychain, and health data.

Apple’s Secure Enclave is just one example of a TEE. Since most computers process sensitive data and computations, nearly every processor manufacturer now offers some form of TEE. Intel offers Software Guard Extensions (SGX), AMD has the AMD Secure Processor, ARM has TrustZone, Qualcomm offers Secure Foundation, and Nvidia’s latest GPUs come with confidential computing capabilities. TEEs also come in software-defined variants. For example, AWS Nitro Enclaves lets users create isolated computing environments, inside Amazon’s regular EC2 instances, for protecting and processing highly sensitive data.

Google Cloud and Microsoft Azure likewise offer confidential computing. Apple recently announced Private Cloud Compute, a cloud intelligence system designed to privately process AI requests that devices cannot serve locally, and OpenAI is also developing secure infrastructure for AI cloud computing. Part of what makes TEEs exciting is that they are ubiquitous across personal computers and cloud providers. They let developers build apps that benefit from users' sensitive data without worrying about data leaks and security vulnerabilities, and they directly improve the user experience through innovations such as biometric authentication and passwords. So, what does all this have to do with cryptocurrency?

Remote Attestation

TEEs make computation that outsiders cannot tamper with possible, and blockchain technology offers a similar guarantee. Smart contracts are essentially computer code that, once deployed, executes automatically and cannot be altered by external participants. However, running computations on a blockchain has some limitations:

  1. Compared with regular computers, blockchains have limited processing power. For example, Ethereum produces a block every 12 seconds, and each block can hold at most 2 MB of data. That’s less than the capacity of a floppy disk, an outdated technology. While blockchains are getting faster and more powerful, they still can’t execute complex algorithms such as the one behind FaceID.

  2. Blockchains lack native privacy. All ledger data is visible to everyone, which makes them unsuitable for applications that rely on private information such as personal identity, bank balances, credit scores, and medical history.

TEEs have neither limitation. While TEEs are slower than regular processors, they are still orders of magnitude faster than blockchains, and they are privacy-preserving by construction, encrypting all the data they process by default. On-chain applications that need privacy and more computing power can therefore benefit from the complementary capabilities of TEEs. However, blockchains are highly trusted computing environments: every data point on the ledger should be traceable to its source and is replicated across many independent computers. TEE processing, in contrast, happens in a local physical or cloud environment. We therefore need a way to combine the two technologies, and that is the job of remote attestation, which works as follows:

  1. The TEE generates a report describing its state and the code running inside it.

  2. The report is cryptographically signed with a key that only genuine TEE hardware can use.

  3. The signed report is sent to the remote verifier.

  4. The verifier checks the signature to confirm that the report comes from genuine TEE hardware. It then checks the report's contents to confirm that the expected code is running and has not been modified.

  5. If verification succeeds, the remote party can trust the TEE and the code running inside it.

To combine a blockchain with a TEE, these reports can be published on-chain and verified by designated smart contracts. So, how do TEEs help us build better cryptocurrency applications?
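The five attestation steps above, worked through in Go as an added example (this is not code from the original article, nor from any vendor's attestation SDK): a `Hardware` type stands in for the chip and holds an attestation key it never reveals, `Attest` measures the loaded code and signs the report, and `Verify` plays the remote verifier, rejecting any quote with an invalid signature, a reused nonce, or an unexpected measurement. The report layout, the field names, and the choice of Ed25519 and SHA-256 are assumptions made for illustration; real SGX quotes and Nitro attestation documents have their own formats and certificate chains. The `UserData` field shows the general pattern by which an enclave binds a value (its own public key, or a device identifier in the DePIN case discussed later) to its measured code.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Report is a simplified attestation report (step 1). Real quotes carry more
// fields (security version numbers, signer identity, certificate chains); the
// layout here is an assumption for illustration only.
type Report struct {
	Measurement [32]byte // SHA-256 of the code loaded into the enclave
	Nonce       []byte   // verifier-chosen freshness value, defeats replay
	UserData    []byte   // value the enclave binds to itself, e.g. its public key or a device id
}

// Quote is the report plus the signature made with the hardware attestation key (step 2).
type Quote struct {
	Report    Report
	Signature []byte
}

// Hardware stands in for the TEE-capable chip. The attestation private key is
// generated here and never exposed; only the public half is handed out, playing
// the role of the vendor-published verification key.
type Hardware struct {
	attestKey ed25519.PrivateKey
}

func NewHardware() (*Hardware, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Hardware{attestKey: priv}, pub, nil
}

// Measure is what the hardware records about the loaded code.
func Measure(code []byte) [32]byte { return sha256.Sum256(code) }

// serialize gives the report a fixed, unambiguous byte encoding for signing:
// the measurement, then each variable-length field prefixed with its length.
func (r Report) serialize() []byte {
	var buf bytes.Buffer
	buf.Write(r.Measurement[:])
	for _, f := range [][]byte{r.Nonce, r.UserData} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(f)))
		buf.Write(n[:])
		buf.Write(f)
	}
	return buf.Bytes()
}

// Attest measures whatever code is loaded and signs the report (steps 1 and 2).
// Whoever loaded the code cannot influence the measurement the hardware reports.
func (h *Hardware) Attest(code, nonce, userData []byte) Quote {
	r := Report{Measurement: Measure(code), Nonce: nonce, UserData: userData}
	return Quote{Report: r, Signature: ed25519.Sign(h.attestKey, r.serialize())}
}

// Verify is the remote verifier (steps 4 and 5): genuine hardware key, fresh
// nonce, expected code. Any failure means the quote must not be trusted.
func Verify(q Quote, vendorPub ed25519.PublicKey, nonce []byte, expected [32]byte) error {
	if !ed25519.Verify(vendorPub, q.Report.serialize(), q.Signature) {
		return errors.New("signature invalid: report was not produced by a genuine TEE key")
	}
	if !bytes.Equal(q.Report.Nonce, nonce) {
		return errors.New("nonce mismatch: report is stale or replayed")
	}
	if q.Report.Measurement != expected {
		return errors.New("measurement mismatch: unexpected code is running in the enclave")
	}
	return nil
}

func main() {
	hw, vendorPub, err := NewHardware()
	if err != nil {
		panic(err)
	}
	relayCode := []byte("relay-auction-v1") // constructed stand-in for an audited relay binary
	expected := Measure(relayCode)
	nonce := []byte("verifier-nonce-0001")

	good := hw.Attest(relayCode, nonce, []byte("relay-enclave-pubkey"))
	fmt.Println("genuine relay: ", Verify(good, vendorPub, nonce, expected))

	tampered := hw.Attest([]byte("relay-auction-v1+backdoor"), nonce, nil)
	fmt.Println("modified code: ", Verify(tampered, vendorPub, nonce, expected))

	fmt.Println("replayed quote:", Verify(good, vendorPub, []byte("verifier-nonce-0002"), expected))

	forged := good
	forged.Report.UserData = []byte("attacker-pubkey")
	fmt.Println("edited report: ", Verify(forged, vendorPub, nonce, expected))
}
```

On-chain, a verifying contract would perform the same three checks, with the vendor public key and the expected measurement fixed in its configuration; the expected measurement is what ties "this quote is genuine" to "this specific, reviewed code is what produced it".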

Practical use cases of TEE in blockchain

Flashbots, the "leader" in Ethereum's MEV infrastructure, built MEV-Boost, which separates block proposers from block builders and introduces a trusted intermediary called a "relay" between the two. The relay verifies the validity of blocks, runs an auction to select the winning block, and prevents validators from exploiting the MEV opportunities discovered by builders.

MEV-Boost Architecture

Problems arise, however, when relays are centralized, as they are today, with three relays processing more than 80% of blocks. As outlined in this blog post, this centralization creates the risk that relays censor transactions, collude with builders to give certain transactions priority over others, or steal MEV themselves.

So why not implement the relay functionality directly in a smart contract? First, relay software is too complex to run on-chain. Second, relays exist to keep their inputs (the blocks created by builders) private so that MEV cannot be stolen, and a blockchain cannot keep anything private. TEEs solve this problem well: by running the relay software inside a TEE, the relay can keep the input blocks private and, at the same time, prove that the winning block was selected fairly and without collusion. SUAVE, currently in testing, is the TEE-driven infrastructure Flashbots is building for this.

Recently, this publication and CMT Digital discussed how solver networks and intents can help chains abstract away user experience problems in cryptocurrency applications. Both pieces mentioned one such solution, the order flow auction, which is a generalized version of the auction conducted in MEV-Boost, and TEEs can improve the fairness and efficiency of these order flow auctions.

TEEs are also very helpful for DePIN applications. A DePIN is a network of devices that contribute resources (such as bandwidth, compute, energy, mobile data, or GPU time) in exchange for token rewards, so the supply side has every incentive to cheat by modifying the DePIN software, for example by reporting repeated contributions from the same device to earn more rewards. As we have seen, however, most modern devices have some form of built-in TEE. A DePIN project can require a proof of the device's unique identifier, generated inside the TEE, to establish that the device is genuine and is running the expected security software, and thereby remotely verify that each contribution is legitimate. Bagel is a data DePIN project exploring the use of TEEs.

TEEs also play an important role in the Passkey technology that Joel recently discussed. Passkeys are an authentication mechanism that stores private keys in the TEE of a local device or of a cloud solution. They free users from managing mnemonics, support cross-platform wallets, allow social and biometric authentication, and simplify key recovery. Clave and Capsule use the technology for embedded consumer wallets, while hardware wallet company Ledger uses TEEs to generate and store private keys. Lit Protocol, a CMT Digital portfolio company, provides decentralized signing, encryption, and computation infrastructure for developers of applications, wallets, protocols, and AI agents, and uses TEEs as part of its key management and computation network.

TEEs appear in other forms as well. As generative AI advances, it is becoming increasingly difficult to tell AI-generated images from real ones. In response, large camera manufacturers such as Sony, Nikon, and Canon are integrating technology that attaches a digital signature to each image as it is captured. They also provide infrastructure for third parties to check the provenance of an image by verifying these proofs. While this infrastructure is currently centralized, we expect such proofs to be verified on-chain in the future.

Last week, I wrote about how zkTLS can bring Web2 information to Web3 in a verifiable way. We discussed two approaches to zkTLS, multi-party computation (MPC) and proxies. TEEs offer a third approach, in which the server connection is handled inside a secure enclave on the device and proofs of the computation are published on-chain. Clique is a project implementing TEE-based zkTLS. Additionally, the Ethereum L2s Scroll and Taiko are experimenting with multi-proof approaches that integrate TEEs with ZK proofs. TEEs can generate proofs faster and more cheaply without increasing finality time, and they complement ZK proofs by increasing the diversity of proof mechanisms, which reduces the impact of errors and vulnerabilities in any single one.

"Rose has thorns"

While TEEs are versatile and have been applied across many areas of cryptocurrency, adopting the technology is not without challenges. Builders adopting TEEs should keep the following points in mind.

First, and most importantly, TEEs require a trusted setup. Developers and users must trust that the device manufacturer or cloud provider upholds its security assurances and has not built (or provided to external actors such as governments) a backdoor into the system.

Another potential issue is side-channel attacks (SCAs). Imagine a multiple-choice test in a classroom where you cannot see anyone’s paper, but you can observe how long each classmate takes to choose an answer. Side-channel attacks work the same way: attackers use indirect information such as power consumption or timing variations to infer sensitive data being processed inside the TEE. Mitigating these vulnerabilities requires careful implementation of cryptographic operations and constant-time algorithms, so that the observable behavior of TEE code varies as little as possible with the secrets it handles. TEEs such as Intel SGX have been shown to have such vulnerabilities.
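To make the timing side channel and its constant-time mitigation concrete, here is an added Go example (not from the original article, and not a reproduction of any SGX attack): a naive comparison that stops at the first mismatching byte, next to a comparison that touches every byte and has no secret-dependent branch, which is what `crypto/subtle.ConstantTimeCompare` does. The `secret` value is a constructed sample. Rather than measuring noisy wall-clock time, each function returns the number of bytes it examined, which is the quantity an attacker's timing measurement would approximate.

```go
package main

import (
	"crypto/subtle"
	"fmt"
)

// naiveCompare is the pattern to avoid inside enclave code: it returns at the
// first mismatching byte, so the amount of work (and therefore the timing)
// depends on how many leading bytes of the guess are correct. The second return
// value counts the bytes examined so the leak is visible without a stopwatch.
func naiveCompare(secret, guess []byte) (bool, int) {
	if len(secret) != len(guess) {
		return false, 0
	}
	steps := 0
	for i := range secret {
		steps++
		if secret[i] != guess[i] {
			return false, steps
		}
	}
	return true, steps
}

// constantTimeCompare always touches every byte and folds the differences into
// an accumulator with no secret-dependent branch, so the work done is the same
// for every guess of the right length. The step counter is again only for
// demonstration and would not appear in real code.
func constantTimeCompare(secret, guess []byte) (bool, int) {
	if len(secret) != len(guess) {
		return false, 0
	}
	var diff byte
	steps := 0
	for i := range secret {
		steps++
		diff |= secret[i] ^ guess[i]
	}
	return diff == 0, steps
}

// stdlibCompare is the idiomatic choice in real Go code.
func stdlibCompare(secret, guess []byte) bool {
	return subtle.ConstantTimeCompare(secret, guess) == 1
}

func main() {
	secret := []byte("s3cr3t-enclave-key") // constructed sample, not a real key
	guesses := [][]byte{
		[]byte("a3cr3t-enclave-key"), // wrong at byte 0
		[]byte("s3cr3t-enclave-keX"), // wrong only at the last byte
		[]byte("s3cr3t-enclave-key"), // exact match
	}
	for _, g := range guesses {
		_, n1 := naiveCompare(secret, g)
		_, n2 := constantTimeCompare(secret, g)
		fmt.Printf("%-22q naive=%2d bytes examined, constant-time=%2d bytes examined, stdlib match=%v\n",
			g, n1, n2, stdlibCompare(secret, g))
	}
}
```

Both versions still reveal the length of the secret through the early length check; lengths are normally public (fixed-size keys and MACs), but where they are not, inputs must be padded to a fixed size before comparison. The same discipline applies to any branch or memory access indexed by secret data, since cache-timing attacks of the Prime+Probe family observe access patterns rather than comparison results.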

The 2020 SGAxe attack exploited a vulnerability in Intel SGX to extract cryptographic keys from secure enclaves, potentially exposing sensitive data in cloud environments. In 2021, researchers demonstrated the “SmashEx” attack, which can crash an SGX enclave and potentially leak confidential information. The “Prime+Probe” technique is another side-channel attack that can extract cryptographic keys from SGX enclaves by observing cache access patterns. All of these examples highlight the cat-and-mouse game between security researchers and potential attackers.

One reason most of the world's servers run Linux is its strong security, which owes much to its open source nature and to the thousands of programmers who continuously test the software and fix the vulnerabilities that surface. The same approach applies to hardware. OpenTitan is an open source project that aims to make the silicon Root of Trust (RoT, another term for a TEE) more transparent, trustworthy, and secure.

Future Outlook

Besides TEEs, builders have several other privacy-preserving technologies available, such as zero-knowledge proofs, multi-party computation, and fully homomorphic encryption. A comprehensive comparison is beyond the scope of this article, but TEEs have two distinct advantages. The first is ubiquity: while the infrastructure for the other technologies is still nascent, TEEs are mainstream and integrated into most modern computers, which reduces technical risk for founders looking to adopt privacy technology. The second is that TEEs have much lower processing overhead than the alternatives. This comes with security trade-offs, but it makes TEEs a practical solution for many use cases. If you are considering whether TEEs are right for your product, ask yourself the following questions:

  1. Does the product require complex off-chain computations to be proven on-chain?

  2. Do application inputs or key data points need to be kept private?

It is important to note, however, that users adopt these applications not because they use TEEs, but because they are excellent products that solve real problems. We have seen this with wallets such as Capsule, whose user experience is a great improvement over browser wallets. Many DePIN projects may use TEEs only for authentication rather than as part of their core product, yet they will still accumulate enormous value. With each passing week, we grow more confident that "we are in the transition from fat protocol theory to fat application theory," and we hope technologies such as TEEs follow the same trend. Your timeline on X will not tell you this, but as technologies such as TEEs mature, the cryptocurrency field is heading into unprecedentedly exciting times.

Author: TechubNews; republished from the ChainDD content open platform "DeDeHao". This article represents only the author's point of view, not the official position of ChainDD.