In the midst of the growing interest in practical ways to evolve and protect blockchains, the equipment -based approaches are ready. The role of confidence execution environments (TEE) in blockchain systems has gradually extended projects preserving confidentiality to applications that improve scalability and allow a secure calculation outside the chain. Currently, more than 50 teams are working on Blockchain projects based on Tee. In this article, Cointelegraph Research explores the technical foundations of the Tees in blockchain systems and examines the key uses of this technology.
T-shirt mechanics in blockchains
Most blockchain technologies are based on cryptography and computer distributed to maintain security. The tees add a different approach, namely material confidence.
A confidence execution environment is an isolated area within a peripheral processor designed to maintain data and codes to the test and confidential during execution. The resulting secure enclave is inaccessible to the rest of the operating system and can prove to third parties by the remote certificate which instructions it executes.
To do this, the CPU measures the computer base of trust, which includes the start -up firmware, the kernel of the operating system and the application binaries and records it in secure hardware registers. He then signs this measure using a private certificate integrated into the CPU. This produces a cryptographic certificate report that a remote verifier can check to confirm the authenticity and integrity of the enclave.
Take advantage of this confidential confidential entry confidence of the intelligent contract requires that blockchain nodes use fleas with a tee. This requirement generally applies to the nodes responsible for the transaction as well as the validation of the blocks and the calculation outside the chain. In a layer 1 configuration, the consensus nodes continue to reproduce a quantified version of the state of each contract within the framework of the major world book.
Each nodes contains a T-shirt that reproduces deciphering, clear text execution and reactivity of each transaction. This material dependence introduces a compromise between improved confidentiality and a smaller validators. Fewer people can execute nodes if specific equipment is required. However, the additional trust that this requires is partially negotiated by the T-shirts remotely attests.
An alternative design is a layer 2 diagram in which TEE calculations are not set by distributed consensus, but by a dispute settlement mechanism, as seen in the rollers. This approach uses an encryption pipeline similar to an L1 configuration but can help improve scalability. However, most layer 2 systems lose the interoperability of contracts because they are executed on distinct machines, which means that contracts cannot be called.
Tees use standard asymmetrical cryptography to obscure function calls and intelligent contract code. Function calls are encrypted with the TEE public key before being subjected to the blockchain, decrypted in the enclave and executed.
Secret Network, built with the SDK Cosmos and Intel SGX, was the first blockchain to have private intelligent contracts facilitated by the tee. Secret contracts allow developers to create confidential deffi applications, which mask contractual logic, entries, results and state, but not addresses. It also allows the creation of secret tokens, whose sales and history of transactions remain confidential and are only visible their owners or explicitly authorized intelligent contracts.
Vulnerabilities of trusted execution environments
The private execution of the intelligent contract depends on the reliability of the manufacturer of TEE equipment. Although it is doubtful that a company like Intel compromises its reputation with a targeted attack on blockchain systems, the Intel management engine (IME), an autonomous system integrated in most Intel processors since 2008, contained multiple serious vulnerabilities over the years.
TEE suppliers may be the influence of the government to introduce deadlines, comply with surveillance mandates or give access to encrypted data under national security laws. Accidental vulnerabilities could also undermine the safety of a tee. For example, Pluntervolt’s attack exploited the Dynamic Intel tension interface to induce calculation defects in SGX enclaves, which allowed attackers to bypass integrity checks and extract the keys and secrets of encrypted memory.
Private execution of intelligent contracts with t-shirts
To activate DAPPS preserving confidentiality, intelligent contracts must run in a way that maintains logic and confidential data. To read and execute the Confidential Intelligent Contract Code, T-shirts can access the required keys to decipher the data from the contract.
If these keys are never compromised, an attacker could decipher previously stored contractual data. To avoid this, confidence execution environments use the management of distributed keys which divides the control of keys on several trusted nodes and frequently runs short -term keys to limit the impact of a violation.
Ekiden was the first to design such a system, and it served as a basis for similar models on other blockchains. The most sensitive keys are managed by the KMC (Key Management Committee, which is a group of the most reliable nodes) with a threshold crypt. The actions of the committee are proactively to run which holds the part. Meanwhile, individual workers’ nodes contain short -term keys to limited access linked to specific tasks.
These keys are issued by the KMC for each contract and expire at the end of each era. To obtain a key, a worker’s knot must first prove its legitimacy at kmc via secure channels. Each KMC member then generates a key share using a pseudo-random function and transmits it to the node, which rebuilds the key once it has collected a sufficient number of actions.
If a KMC node is compromised, its access can be revoked by governance and will be excluded from future eras. This reduces the potential impact of a violation, but does not completely eliminate it. When a confidential contract is deployed, its enclave generates a new public key and publishes it on the blockchain with the contract code and the encrypted initial state.
Users who later call the contract recover this key to encrypting their entries before sending them to the calculation node. To guarantee authenticity, the node also provides a signature key linked to the enclave via the certificate when starting.
Other cases of using t-shirts in blockchains
Beyond the private execution of intelligent contracts, T-shirts can considerably improve the scalability and efficiency of blockchain. Compatible TEE nodes can safely perform intensive tasks in calculation and subject the current results. Thus, applications can discharge the general costs of calculating the blockchain layer to the environment outside of confidence. This can help reduce gas costs and increase the overall flow of the chain.
IEXEC is one of the largest decentralized computing cloud platforms that use confidence execution environments for chain calculations. He uses enclaves based on Intel SGX to unload and isolate the blockchain calculation.
An applicant, generally a smart contract or user, can buy a confidential calculation as an onchain task. The blockchain then informs the work nodes to perform the task inside a secure enclave. Before execution, the enclave generates a certificate report containing cryptographic evidence of the code and the configuration of the enclave.
This report is sent to a secret management service, which checks the integrity and authenticity of the enclave. It is only if the enclave passes this verification that the real calculation begins.
Confidence enforcement environments can also be used to provide a Blockchain infrastructure to the MEV test. Unichain, an optimistic roll on Ethereum developed by the United team and launched in October 2024, operates the T-shirts in its block generation process. Its block builder, developed in collaboration with Flashbots, uses t-shirts to build blocks in a protected enclave.
When sent to the T-shirt manufacturer, transactions are filtered, controlled by priority and grouped in flash blocks. This allows Unichain to reach block hours for 1 second, with plans to introduce sub-blocks of 250 milliseconds and improve the control of transactions. The construction of blocks inside you helps reduce the extraction of MEV because Mempool transactions remain encrypted. With these features, Unichain aims to build an designated blockchain.
Conclusion
Confidence in blockchains are gaining momentum because developers are looking for more efficient privacy solutions. T-shirts have the potential to shape the future of decentralized applications with a secure calculation at low cost and high latency. Despite their potential, t-shirts are not yet natively supported by most blockchains due to material requirements and confidence assumptions.
In the future, we expect the use cases to develop privacy preservation applications and focus on scalability solutions for blockchains and off -chain calculation for decentralized applications. This change is motivated by the emergence of DAPP more demanding in calculation, such as decentralized AI applications. T-shirts can facilitate these use cases with a low-cost and high performance chain calculation.
This article does not contain investment advice or recommendations. Each investment and negotiation movement involves risks and readers should conduct their own research when they make a decision.
This article is for general information purposes and is not intended to be and must not be considered as legal or investment advice. The points of view, the thoughts and opinions expressed here are the only of the author and do not reflect or do not necessarily represent the opinions and opinions of Cointellegraph.
Cointtelegraph does not approve of the content of this article or any product mentioned here. Readers must do their own research before taking measures related to any product or company mentioned and assume full responsibility for their decisions.
