TEEs: Scaling & Securing Blockchain Applications
Trusted Execution Environments: Enhancing Blockchain Security and Scalability
Hardware-based approaches are gaining traction as a practical solution for scaling and securing blockchains. Trusted Execution Environments (TEEs) are playing an increasingly important role, extending beyond privacy-preserving projects to enhance scalability and enable secure off-chain computation. Currently, over 50 teams are actively developing TEE-based blockchain projects. Cointelegraph Research examined the technical foundations and key applications of TEEs in blockchain systems, with the rewrite and edits made by Codeum.
How TEEs Work in Blockchains
While most blockchain technology relies on cryptography and distributed computing for security, TEEs introduce hardware-level trust.
A Trusted Execution Environment is an isolated area within a processor designed to keep data and code tamper-proof and confidential during execution. This secure enclave is inaccessible to the operating system and can prove its operations to third parties through remote attestation.
The CPU measures the Trusted Computing Base (boot firmware, OS kernel, and application binaries), saves it in secure hardware registers, and signs this measurement using a private attestation key embedded in the CPU. This generates a cryptographic attestation report that a remote verifier can check to confirm the enclave’s authenticity and integrity.
Layer 1 vs. Layer 2 Implementations
Leveraging hardware-level trust for confidential smart contract execution requires that blockchain nodes use chips with a TEE, particularly nodes responsible for transaction and block validation, and off-chain computation. In a Layer-1 setup, consensus nodes replicate an encrypted version of each contract’s state as part of the global ledger. Each node's TEE replicates the decryption, plaintext execution, and re-encryption of every transaction.
This hardware dependence introduces a trade-off between enhanced privacy and a smaller validator set. While requiring specific hardware limits the number of potential node operators, the remote attestation provided by TEEs partially offsets this concern.
An alternative is a Layer-2 scheme where TEE computations are secured by a dispute resolution mechanism, similar to rollups. This approach uses a similar encryption pipeline to an L1 setup but can improve scalability. However, most Layer-2 systems lose contract interoperability due to execution on separate machines.
TEEs use standard asymmetric cryptography to obfuscate function calls and smart contract code. Function calls are encrypted with the TEE’s public key before submission to the blockchain, then decrypted and executed within the enclave.
Secret Network, built with the Cosmos SDK and Intel SGX, pioneered private smart contracts facilitated by TEEs. Secret Contracts enable the development of confidential DeFi applications, hiding contract logic, inputs, outcomes, and state (excluding addresses). It also allows for Secret Tokens, where balances and transaction history remain confidential, visible only to owners or authorized smart contracts.
Vulnerabilities of TEEs
Private smart contract execution relies on the trustworthiness of the TEE hardware manufacturer. While a targeted attack by a corporation like Intel is unlikely, the Intel Management Engine (IME), embedded in most Intel CPUs since 2008, has faced multiple serious vulnerabilities.
TEE vendors may face government pressure to introduce backdoors or comply with surveillance mandates. Accidental vulnerabilities can also compromise TEE security. The Plundervolt attack, for example, exploited Intel’s dynamic voltage interface to induce computation faults inside SGX enclaves, enabling attackers to bypass integrity checks and extract keys and secrets from encrypted memory. Codeum offers services designed to find these vulnerabilities before they are exploited, ensuring robust security.
Private Smart Contract Execution with TEEs
To enable privacy-preserving DApps, smart contracts must execute in a way that keeps both logic and data confidential. TEEs can access the keys needed to decrypt contract data to read and run confidential smart contract code.
Compromised keys could allow attackers to decrypt previously stored contract data. To mitigate this, TEEs use distributed key management, splitting key control across multiple trusted nodes and frequently rotating short-term keys to limit the impact of a breach.
Ekiden pioneered such a system, serving as a foundation for similar models on other blockchains. The most sensitive keys are managed by a key-management committee (KMC) using threshold cryptography. The committee’s shares are proactively reshared to rotate who holds which share. Individual worker nodes hold limited-access, short-lived keys tied to specific tasks.
These keys are issued by the KMC for each contract and expire at the end of every epoch. To obtain a key, a worker node must prove its legitimacy to the KMC through secure channels. Each KMC member then generates a key share using a pseudo-random function and transmits it to the node, which reconstructs the full key after collecting enough shares.
Compromised KMC nodes can be revoked through governance, excluding them from future epochs, reducing the potential impact of a breach. When deploying a confidential contract, its enclave generates a fresh public key and publishes it on the blockchain along with the contract code and encrypted initial state.
Users retrieve this key to encrypt their inputs before sending them to the compute node. The node also provides a signing key bound to the enclave via attestation when it starts up, ensuring authenticity.
Other Uses of TEEs in Blockchains
Beyond private smart contract execution, TEEs can improve blockchain scalability and efficiency. TEE-enabled nodes can securely execute computationally intensive tasks off-chain and submit the results on-chain, reducing gas costs and increasing overall throughput.
iExec is a decentralized cloud computing platform using TEEs for off-chain computations. It uses Intel SGX-based enclaves to offload and isolate computation from the blockchain.
A requester, such as a smart contract or user, can purchase a confidential computation as a task on-chain. The blockchain notifies worker nodes to execute the task inside a secure enclave. Before execution, the enclave generates an attestation report containing cryptographic evidence of the enclave’s code and configuration.
This report is sent to a Secret Management Service, which verifies the enclave’s integrity and authenticity before computation begins.
Trusted execution environments can also provide MEV-resistant blockchain infrastructure. Unichain, an optimistic rollup on Ethereum developed by the Uniswap team and launched in October 2024, uses TEEs in its block-generation process. Its block builder, developed with Flashbots, constructs blocks within a protected enclave.
Transactions routed to the TEE builder are filtered, priority-ordered, and bundled into Flashblocks, allowing Unichain to achieve 1-second block times, with plans for 250-millisecond sub-blocks and improved transaction ordering. Building blocks within TEEs helps reduce MEV extraction by keeping mempool transactions encrypted. Unichain aims to build a DeFi-designated blockchain with these features.
Conclusion
Trusted execution environments are gaining momentum in blockchains as developers seek more efficient privacy solutions. TEEs can shape the future of decentralized applications with low-cost and high-latency secure computation. However, hardware requirements and trust assumptions mean that TEEs are not yet natively supported by most blockchains.
Expect TEE use cases to expand from privacy-preserving applications to scalability solutions for blockchains and off-chain computation for decentralized applications. This shift is driven by computationally demanding DApps, such as decentralized AI applications, where TEEs may facilitate low-cost, high-performance off-chain computation.