DEV Community

amio

Unlocking Confidentiality: TEEs and FHE in Web3, Featuring Oasis Network's Pioneering Role with TEE

The blockchain landscape, celebrated for its transparency and trustless nature, faces a critical challenge: a fundamental lack of privacy. While the public ledger fosters trust and verifiable transactions, it simultaneously exposes sensitive data, hindering the adoption of blockchain technology in numerous high-value use cases. Imagine your entire financial history, voting record, or even a poker hand being publicly visible. This inherent transparency, while beneficial for some applications, becomes a nightmare for others that require confidentiality. This deficiency has kept crypto in chains, preventing it from fulfilling its full potential. However, a new era of "Privacy 2.0" is emerging, driven by advanced privacy-enhancing technologies (PETs) like Fully Homomorphic Encryption (FHE) and Trusted Execution Environments (TEEs), along with Multi-Party Computation (MPC), promising to unlock new economies and applications through what is termed shared private state.

The Pervasive Problem: Fragmented Privacy and Data Vulnerability

Privacy in crypto is currently fragmented, incomplete, and stuck in its early phases. Phase 1, characterized by "special-purpose privacy" tools like mixers and shielded transactions (e.g., zk-SNARKs, Monero’s ring signatures), offers financial privacy but operates as isolated solutions, failing to address broader privacy needs or integrate into a unified system. Phase 2 introduced "Private State," leveraging Zero-Knowledge Proofs (ZKPs) for verifiable computations on private data, enabling programmable privacy within individual applications and blockchains, as seen with Aztec and Aleo. However, this phase remains limited; privacy is siloed, preventing collaborative, multi-party use cases and restricting composability and interoperability.

The true paradigm shift, Phase 3 or Shared Private State (Privacy 2.0), extends privacy to full-spectrum blockchain interactions, enabling advanced use cases like dark pools, private AI model training, and monetizable, privacy-preserving computation. Without this shared private state, crypto privacy remains insufficient for the complex demands of a digital-first world.

The stakes are high. Data breaches are not isolated incidents but symptoms of fundamentally flawed computation and storage systems that expose data during processing. The vulnerability is magnified in transparent blockchains, making critical industries hesitant to adopt the technology despite its potential. Modern AI platforms and cloud services also face similar risks, leading companies to restrict their adoption due to fears of data exploitation. Solving this privacy gap is not just about preventing breaches; it's about unlocking entirely new industries and use cases that were once unimaginable.

Critical applications demanding enhanced privacy include:

Dark pools and private trading strategies: Confidentiality is crucial for protecting trading strategies in dark pools, which constitute a significant portion of U.S. spot trading volume, a need blockchains alone cannot meet.
Confidential AI: The inability to perform private AI training, inferencing, and use private AI agents hinders breakthroughs in medicine, finance, and personalized models. Companies are stuck relying on public datasets due to the inability to securely train AI models on proprietary, high-value data.
Private DeFi: On-chain services are limited by the inability to securely share data like lending rates and collateral, exposing positions and limiting adoption of private DEXs and secure cross-chain swaps.
Hidden-Information Games: Transparency stifles innovation in games like poker or strategic bidding, which are essential for gaming and prediction markets.
Monetizing Personal Data: Individuals can securely share private data for AI training, research, or analytics, monetize it on their own terms, and remain anonymous, reclaiming control over their data's value from big tech.

The Technological Vanguard: FHE and TEEs

Privacy-enhancing technologies (PETs) like FHE, TEEs, and MPC have been in development for decades, with FHE and MPC conceptualized in the late 1970s and 1980s (the first fully homomorphic construction followed in 2009) and TEEs emerging in the early 2000s. Today, these technologies are efficient and practical enough for real-world applications, driving the shift towards a confidential on-chain future.

Fully Homomorphic Encryption (FHE): The Holy Grail of Encryption

Fully Homomorphic Encryption (FHE) is a groundbreaking form of encryption that allows computations to be performed directly on encrypted data, producing an encrypted result that, when decrypted, is identical to the result of operations performed on plaintext data. Often hailed as the holy grail of encryption, FHE offers exceptional flexibility, enabling data to be stored anywhere, including on-chain, and processed without exposing it to the public or even the server owner. This capability is fantastic for retaining blockchain composability and flexibility.

However, FHE currently suffers from high compute overhead and latency: each operation works on ciphertexts far larger than the plaintext, and every operation adds noise to the ciphertext, so long computations need periodic, expensive bootstrapping to refresh it. Despite these limitations, research teams are making significant progress, positioning FHE as a promising option for the near future. In terms of security, the party evaluating an FHE circuit holds only ciphertexts and never the secret key, so the hardware side channels that threaten TEEs do not apply to the evaluator (key handling and decryption on the client side still need constant-time implementations). Importantly, FHE is built on lattice problems such as Learning With Errors, which are believed to resist quantum attacks, making it a strong long-term option for post-quantum security. FHE by itself does not guarantee integrity: an evaluator can return a well-formed ciphertext of the wrong function. Where TEEs rely on attestation for integrity, FHE deployments currently obtain it from deterministic computation that several nodes re-execute and agree on, and could eventually integrate ZKPs for trustless verification. Currently, FHE is just beginning to enter production usage.
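As an added illustration (not code from this article or from any FHE library), the toy LWE-based scheme below shows the three properties the paragraph names: an evaluator computes on ciphertexts without the key, lattice-style noise grows with every operation and bounds how much can be done before a bootstrapping-style refresh, and exceeding that budget silently corrupts the result. The parameters `Q`, `N` and `NOISE_BOUND` and all function names are illustrative assumptions; the parameters are far too small for security and only addition (XOR on bits) is implemented, which is the additive half of what a full scheme provides.

```python
import random

# Toy parameters, chosen so the arithmetic is easy to follow. They are far too
# small for security: real LWE-based FHE uses n in the hundreds or thousands and
# a modulus of hundreds of bits (these constants are illustrative assumptions).
Q = 1 << 12          # ciphertext modulus q
N = 32               # dimension of the secret vector s
NOISE_BOUND = 3      # a fresh error term e is drawn from [-NOISE_BOUND, NOISE_BOUND]


def keygen(rng):
    """Secret key: a uniformly random vector s in Z_q^n."""
    return [rng.randrange(Q) for _ in range(N)]


def _inner(a, s):
    return sum(x * y for x, y in zip(a, s)) % Q


def encrypt(sk, bit, rng, e=None):
    """LWE encryption of one bit: (a, b) with b = <a,s> + e + bit*q/2 mod q.
    `e` can be pinned explicitly for the worked overflow demonstration."""
    a = [rng.randrange(Q) for _ in range(N)]
    if e is None:
        e = rng.randint(-NOISE_BOUND, NOISE_BOUND)
    return a, (_inner(a, sk) + e + bit * (Q // 2)) % Q


def decrypt(sk, ct):
    """Strip <a,s>; what remains is bit*q/2 plus the accumulated noise.
    Decoding is correct exactly when |noise| < q/4."""
    a, b = ct
    phase = (b - _inner(a, sk)) % Q
    dist_from_zero = min(phase, Q - phase)
    return 1 if dist_from_zero > Q // 4 else 0


def noise_of(sk, ct, true_bit):
    """Centred accumulated error. Needs the key: the evaluator never sees it."""
    a, b = ct
    phase = (b - _inner(a, sk) - true_bit * (Q // 2)) % Q
    return phase if phase <= Q // 2 else phase - Q


def add(ct1, ct2):
    """Homomorphic XOR, computed by anyone holding the ciphertexts and no key:
    the plaintext scalings add (q/2 + q/2 = q = 0), and so do the error terms."""
    (a1, b1), (a2, b2) = ct1, ct2
    return [(x + y) % Q for x, y in zip(a1, a2)], (b1 + b2) % Q


def max_safe_summands():
    """Worst-case number of fresh ciphertexts that can be summed before the
    accumulated noise can reach q/4 and flip the decoded bit."""
    return (Q // 4 - 1) // NOISE_BOUND


def roundtrip_ok(seed=1):
    rng = random.Random(seed)
    sk = keygen(rng)
    return all(decrypt(sk, encrypt(sk, b, rng)) == b for b in (0, 1, 1, 0))


def homomorphic_parity(bits, seed=0):
    """Client encrypts each bit; an untrusted evaluator sums the ciphertexts
    without the key; the client decrypts the parity.
    Returns (decrypted parity, noise the evaluator silently accumulated)."""
    rng = random.Random(seed)
    sk = keygen(rng)
    cts = [encrypt(sk, b, rng) for b in bits]
    acc = cts[0]
    for ct in cts[1:]:
        acc = add(acc, ct)
    return decrypt(sk, acc), noise_of(sk, acc, sum(bits) % 2)


def noise_overflow_demo(seed=0):
    """Failure mode: sum one more ciphertext than the budget allows, each
    carrying the maximal error, and a 0 decrypts as 1. Real schemes avoid this
    by sizing q for the planned circuit depth or by bootstrapping to reset noise."""
    rng = random.Random(seed)
    sk = keygen(rng)
    ct = encrypt(sk, 0, rng, e=NOISE_BOUND)
    acc = ct
    for _ in range(max_safe_summands()):     # budget + 1 copies in total
        acc = add(acc, ct)
    return decrypt(sk, acc)                  # 1, although every summand encrypts 0
```

The noise budget is what drives the overhead the paragraph describes: production schemes pick parameters large enough for the intended circuit depth, or pay for bootstrapping, and every ciphertext here is already 33 field elements standing in for a single bit.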

Trusted Execution Environments (TEEs): Practical Security Enclaves

A Trusted Execution Environment (TEE) is an isolated execution context provided by the processor that enables computations on sensitive data without exposing it to the rest of the system. Within a TEE, code and data are isolated from privileged software such as the operating system and hypervisor, and enclave memory is encrypted by the CPU, so confidentiality and integrity are preserved even if the rest of the software stack is compromised. TEEs are often regarded as a practical solution for secure computation, offering a strong balance between security and performance.

Unlike FHE, TEEs rely on specialized hardware like Intel SGX or ARM TrustZone to provide this environment, and on remote attestation, in which the hardware signs a measurement of the loaded code so a remote party can check exactly what is running. This hardware dependency leads some to discount TEEs entirely. However, TEEs offer near-native performance and low latency, making them an efficient option for real-world deployments today. TEEs are vulnerable to certain side-channel attacks, chiefly microarchitectural ones (cache timing, page-fault patterns, transient execution) that have repeatedly extracted enclave secrets in published research; vendors address these with microcode updates, and the residual risk can be reduced through protocol design, for example constant-time enclave code, frequent key rotation, attestation policies that reject out-of-date platforms, and splitting trust across several enclaves or vendors. TEEs are already widely deployed in various blockchain applications, making them an accessible solution for current needs. Their security rests on trusted hardware plus conventional cryptography: the isolation itself is not a cryptographic assumption, but the signatures used for attestation and the key exchange that bootstraps secure channels into the enclave are classical schemes, so TEEs are not inherently resistant to quantum attacks.

The Powerful Duo: FHE and TEEs Compared

The choice between FHE and TEEs often comes down to specific preferences and use cases, as both are vital for achieving confidentiality in the blockchain ecosystem. Here's a comparative overview (source: Inco):

  • Performance: TEEs offer fast execution due to their reliance on dedicated hardware for secure computation, making them efficient for real-time applications. FHE, by contrast, is currently slow and computationally intensive, though performance improvements are expected.

  • Compute: TEEs necessitate specialized trusted hardware components to create secure execution environments. FHE, using cryptographic methods, can theoretically run on any system.

  • Attack Risk: TEEs are known to be vulnerable to side-channel attacks, where information is extracted by observing timing, cache behaviour, page-fault patterns or, on some platforms, power and voltage. FHE evaluation does not leak through these channels because the evaluator only ever handles ciphertexts, but blockchain FHE designs typically keep the decryption key threshold-shared across a committee using MPC, so collusion of enough key holders breaks confidentiality; and without verifiable compute, the network has to trust the evaluating node to have computed the right function.

  • Compute Verifiability: TEEs rely on attestation mechanisms to prove computation integrity, which requires trust in the hardware provider's signing keys and supply chain. FHE deployments currently obtain integrity from deterministic execution that several nodes re-run and reach consensus on, and could integrate ZKPs in the future for trustless verification.

  • Current Practicality: TEEs are widely deployed and accessible for blockchain applications today. FHE, while highly promising, is only just beginning to enter production usage.

  • Future Potential: TEEs will benefit from advancements in hardware security to address vulnerabilities, with mitigation strategies through protocol design. FHE is expected to see significant performance improvements, especially with specialized hardware acceleration, making it more viable for blockchain applications.

  • Quantum Resistance: TEEs are not inherently resistant to quantum attacks, since their attestation signatures and channel key exchange use classical cryptography. FHE, based on lattice-based cryptography, is believed to be resistant to quantum computing threats, making it a strong long-term solution.

Multi-Party Computation (MPC): Collaborative Privacy

Multi-Party Computation (MPC) is another cornerstone of privacy-preserving technology, enabling multiple parties to collectively compute a function while keeping their individual inputs private. By distributing computations across participants, MPC removes the need to trust any single entity: no party, and no coalition below the protocol's threshold, learns anything beyond the agreed output. A key example is collaborative AI model training across organizations, such as hospitals jointly training a diagnostic AI model without sharing sensitive patient data. Data is split into cryptographic shares and distributed across an MPC network, where individual shares reveal no information.

MPC involves a typical lifecycle with two main phases:

Preprocessing Phase (Offline): Computationally expensive operations are performed upfront, before inputs are known, to make the online phase cheap. This includes generating correlated randomness such as Beaver triples (secret-shared random values a, b and their product a·b, consumed one per multiplication) and preparing other cryptographic material.

Online Phase: Parties provide their private inputs, which are split into shares and distributed. The actual computation is performed on these shared inputs, leveraging precomputed values from the preprocessing phase, ensuring input privacy. The final result is reconstructed by combining shares.

Post-Processing Phase may involve output verification or additional transformations.

MPC protocols (e.g., BGW, BDOZ, SPDZ) are designed for varying security and efficiency requirements. They operate under different security models that define trust (e.g., Honest Majority, where >50% must be honest, or Dishonest Majority, where privacy is preserved if at least one party is honest) and adversary behavior (e.g., Semi-Honest, who follow the protocol but try to infer information, or Malicious, who can arbitrarily deviate). Ensuring input privacy is straightforward with secret sharing, but detecting deviations requires advanced techniques, such as the information-theoretic MACs that SPDZ attaches to every share, and robust protocol design. Reputation serves as a foundational building block for ensuring trust assumptions hold, reducing collusion risks. To enforce honest behavior, protocols often incorporate staking/slashing mechanisms (penalizing misbehavior), Actively Validated Services (AVSs) built on restaking protocols such as EigenLayer, and cryptographic cheater identification.
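The lifecycle above (offline triple generation, online computation on shares, a post-processing check) and the deviation-detection point, as one added worked example that is not code from the article or from any MPC framework: additive secret sharing over a prime field, Beaver-triple multiplication, a two-owner private dot product run across three computing parties, and a SPDZ-style MAC check that catches a party altering its share. The field `P`, the three-party setting, the dealer that hands out triples (real protocols generate them jointly), the sample vectors and all function names are constructed assumptions.

```python
import random

P = (1 << 61) - 1   # prime field for all arithmetic (assumption: any large prime serves)


def share(x, n, rng):
    """Additive secret sharing: n-1 uniformly random shares, the last one fixes
    the sum to x. Any n-1 shares are uniform and reveal nothing about x."""
    shares = [rng.randrange(P) for _ in range(n - 1)]
    shares.append((x - sum(shares)) % P)
    return shares


def open_value(shares):
    """All parties publish their shares and sum them (the 'open' step)."""
    return sum(shares) % P


# ---- preprocessing phase (offline, input-independent) ----

def beaver_triple(n, rng):
    """Shares of random a, b and c = a*b. A dealer samples them here; SPDZ-style
    protocols generate triples jointly using OT or homomorphic encryption."""
    a, b = rng.randrange(P), rng.randrange(P)
    return share(a, n, rng), share(b, n, rng), share(a * b % P, n, rng)


# ---- online phase ----

def add_shares(x_sh, y_sh):
    """Addition needs no interaction: each party adds its own shares."""
    return [(x + y) % P for x, y in zip(x_sh, y_sh)]


def mul_shares(x_sh, y_sh, triple):
    """Beaver multiplication: open d = x - a and e = y - b (uniform, because a
    and b are one-time random masks), then x*y = c + d*b + e*a + d*e on shares."""
    a_sh, b_sh, c_sh = triple
    d = open_value([(x - a) % P for x, a in zip(x_sh, a_sh)])
    e = open_value([(y - b) % P for y, b in zip(y_sh, b_sh)])
    z_sh = [(c + d * b + e * a) % P for a, b, c in zip(a_sh, b_sh, c_sh)]
    z_sh[0] = (z_sh[0] + d * e) % P   # the public constant is added by one party only
    return z_sh


def private_dot(x_vec, y_vec, n_parties=3, seed=0):
    """Two input owners share their vectors among n computing parties, which
    compute the dot product on shares; only the final sum is ever opened."""
    rng = random.Random(seed)
    triples = [beaver_triple(n_parties, rng) for _ in x_vec]     # preprocessing
    x_shares = [share(x % P, n_parties, rng) for x in x_vec]     # online: inputs
    y_shares = [share(y % P, n_parties, rng) for y in y_vec]
    acc = [0] * n_parties
    for xs, ys, t in zip(x_shares, y_shares, triples):
        acc = add_shares(acc, mul_shares(xs, ys, t))
    return open_value(acc)


# ---- post-processing: SPDZ-style MAC check on an opened value ----

def authenticated_share(x, alpha_sh, n, rng):
    """Share x together with shares of its MAC alpha*x under the shared key alpha
    (the dealer knows alpha here; in SPDZ no single party ever does)."""
    alpha = sum(alpha_sh) % P
    return share(x, n, rng), share(alpha * x % P, n, rng)


def open_checked(x_sh, mac_sh, alpha_sh):
    """Open x, then every party publishes sigma_i = mac_i - alpha_i * x. The
    sigmas sum to zero iff no share was altered, and alpha itself stays hidden.
    (SPDZ has parties commit to sigma_i before revealing, so a cheater cannot
    pick its sigma after seeing the others.)"""
    x = open_value(x_sh)
    sigma = [(m - a * x) % P for m, a in zip(mac_sh, alpha_sh)]
    if sum(sigma) % P != 0:
        raise ValueError("MAC check failed: a party deviated from the protocol")
    return x


def mac_check_demo(tamper, seed=0):
    """Returns the opened value, or None when the check catches a tampered share."""
    rng = random.Random(seed)
    alpha_sh = share(rng.randrange(P), 3, rng)
    x_sh, mac_sh = authenticated_share(42, alpha_sh, 3, rng)
    if tamper:
        x_sh[1] = (x_sh[1] + 1) % P       # party 1 lies about its share
    try:
        return open_checked(x_sh, mac_sh, alpha_sh)
    except ValueError:
        return None
```

Note what each phase costs: the triples are the only part that needs heavy cryptography and can be produced before the hospitals' inputs exist, the online phase is a handful of field operations and one round of opening per multiplication, and the MAC check is what turns a semi-honest protocol into one where a malicious share is detected rather than silently folded into the output.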

Oasis Network: A Pioneer in TEE Adoption for Web3

The Oasis Network stands out as a TEE pioneer in Web3. It actively leverages TEEs to build a confidential decentralized ecosystem, addressing the core privacy challenges inherent in blockchain technology. Oasis's commitment is evident in its continuous research and development efforts, with its engineering team actively participating in ongoing discussions and R&D related to TEEs, as documented in their articles and docs.

Oasis Network has demonstrated its leadership through key initiatives:

Sapphire: Oasis launched Sapphire, a ParaTime (Oasis's term for a parallel runtime) that supports confidential dApps. Notably, Sapphire is the industry-first confidential Ethereum Virtual Machine (EVM) compatible ParaTime, providing a groundbreaking developer environment for building private and secure dApps: contract state and transaction data are processed inside TEEs rather than in the clear. This directly supports the need for programmable privacy and addresses the limitations of Phase 2 by enabling confidential smart contracts that were previously unfeasible on transparent EVMs.

Runtime Offchain Logic (ROFL): Oasis developed a framework that enables custom offchain logic whose results can be verified onchain, again relying on TEEs, with attestation tying the offchain component to the code it claims to run. This highlights the utility of TEEs in extending blockchain capabilities beyond the on-chain environment while maintaining verifiability.

Oasis recognizes that while TEEs introduce a hardware dependency, improvements in TEE infrastructure and protocol design have reduced the impact of known vulnerabilities. By employing defense-in-depth methods, ongoing R&D efforts, and secure-via-physics design, Oasis aims to continuously improve security. The growing acceptance of TEEs within Web3, alongside ZKPs and FHE, further validates Oasis's strategic adoption.

The rationale behind Oasis Network's strong embrace of TEEs aligns with several critical advantages TEEs offer in the Web3 space:

Practicality and Readiness: TEEs provide a simple, efficient, and reliable way to implement private dApps. They are practical and production-ready today, offering an immediate solution for privacy in crypto, especially for applications like dark order books in DeFi.

Scalable Infrastructure Across Trust Boundaries: Flashbots' Rollup-Boost, leveraging TEEs, demonstrates how they enable scalable infrastructure across trust boundaries and harmonize efficiency with decentralization. This aligns with Oasis's vision for a robust and private blockchain ecosystem.

Confidential AI and Data Integrity: Oasis's utilization of TEEs extends to securing advanced AI systems. OpenAI advocates for TEE adoption in AI accelerators to boost security, allowing GPUs to perform cryptographic self-checks and protect model weights. Researchers have highlighted how TEEs can be used to build scalable, privacy-protecting ML solutions and safeguard the IP embedded in models, producing results that are attested rather than merely asserted. TEEs can strengthen AI safety, especially with the growth of Large Language Models (LLMs), as they enable isolated and verifiable code execution, adding integrity to AI workflows. Furthermore, TEEs can enable secure access to vast deep-web datasets previously unavailable to ML systems, bridging traditional web services and modern privacy requirements.

Transforming Trust in DePIN and Web3 Infrastructure: TEEs can evolve the notion of trust within Decentralized Physical Infrastructure Networks (DePIN) and other Web3 infrastructures from a traditional concept to one that is continuously verifiable. This capability is crucial for creating trustless and Web3-compliant AI computing by combining smart contract governance with clusterized TEE computing capacity.

Enhancing Rollup Security: Ethereum rollups, including projects like Scroll and Taiko, are adopting TEEs as part of multi-prover systems to bolster security. This approach, similar to client diversity, uses TEEs to add redundancy, mitigate risks from potential bugs in complex ZK circuits, enhance security without impacting finality or transaction costs, and pave the way for further decentralization of the proving process. Oasis's focus on a confidential EVM ParaTime with Sapphire suggests a similar approach to enhancing rollup security and decentralization through TEEs.

Enabling True Exclusive Ownership: TEEs provide a practical way to achieve exclusive ownership of digital assets and accounts, a property not offered by FHE, MPC, or ZK proofs alone: a key generated inside an enclave can be made unextractable even by the operator of the machine. Remote attestation gives a cryptographic statement of which code is running on genuine hardware, so a counterparty can confirm that only that code can use the key, bridging Web2 authentication and Web3 autonomy with practical, production-ready implementation. This capability is revolutionary for managing blockchain assets privately, allowing for renting, sharing, and pooling of credentials without direct on-chain traces.

Addressing TEE Vulnerabilities: Oasis acknowledges and actively works on how to protect privacy despite TEE vulnerabilities. By leveraging TEEs, confidential ParaTimes like Sapphire and Cipher offer enormous flexibility to developers while implementing strategies to minimize risks.
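The remote-attestation flow that the TEE section and the "Exclusive Ownership" point above both rest on, as an added example that is not code from Oasis, Intel, or this article: the platform signs a measurement of the enclave code plus enclave-chosen `report_data`, the enclave commits to a freshly generated key and the verifier's nonce in that field, and the verifier checks signature, measurement allowlist, and nonce/key binding in that order. Everything here is a constructed stand-in: the enclave "binaries" are byte strings, the enclave key is a hash, and `PLATFORM_KEY` is a shared HMAC key used only so the example runs stand-alone (a real quote carries an asymmetric signature whose certificate chains to the CPU vendor, and the verifier holds only the vendor's root certificate, never the signing key).

```python
import hashlib
import hmac

# Constructed stand-in for the platform attestation key. On real hardware the
# quote is signed with an asymmetric key whose certificate chains to the CPU
# vendor; the verifier never holds the signing key. HMAC keeps this runnable.
PLATFORM_KEY = b"constructed-platform-attestation-key"

# Constructed enclave binaries: the genuine build and a build with an extra
# exfiltration routine. Only the genuine measurement will be allowlisted.
GENUINE_CODE = b"match_orders(): confidential dark-pool matching (constructed)"
TAMPERED_CODE = GENUINE_CODE + b"\nexfiltrate(order_book)"


def measure(code: bytes) -> str:
    """Measurement of the loaded code (MRENCLAVE-like): any change to the code
    changes this value, so an allowlist pins exact builds."""
    return hashlib.sha256(code).hexdigest()


def _quote_body(measurement: str, report_data: bytes) -> bytes:
    return measurement.encode() + b"|" + report_data


def platform_sign_quote(code: bytes, report_data: bytes) -> dict:
    """Platform side: the hardware signs (measurement, report_data). The enclave
    cannot forge this; the only field it controls is report_data."""
    m = measure(code)
    sig = hmac.new(PLATFORM_KEY, _quote_body(m, report_data), hashlib.sha256).hexdigest()
    return {"measurement": m, "report_data": report_data.hex(), "sig": sig}


def enclave_attest(code: bytes, nonce: bytes) -> tuple[bytes, dict]:
    """Enclave side: generate a key that never leaves the enclave (a hash stands
    in for a real public key) and bind it to the verifier's nonce in report_data."""
    enclave_pubkey = hashlib.sha256(b"enclave-generated-key|" + nonce).digest()
    report_data = hashlib.sha256(nonce + enclave_pubkey).digest()
    return enclave_pubkey, platform_sign_quote(code, report_data)


def verify_attestation(quote: dict, nonce: bytes, enclave_pubkey: bytes,
                       allowed_measurements: set[str]) -> str:
    """Verifier side. Order matters: authenticate the quote first, then check
    the code identity, then check freshness and binding to the key we will use."""
    body = _quote_body(quote["measurement"], bytes.fromhex(quote["report_data"]))
    expected = hmac.new(PLATFORM_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, quote["sig"]):
        return "rejected: signature invalid"
    if quote["measurement"] not in allowed_measurements:
        return "rejected: measurement not in allowlist"
    if bytes.fromhex(quote["report_data"]) != hashlib.sha256(nonce + enclave_pubkey).digest():
        return "rejected: report_data not bound to our nonce and the enclave key"
    return "accepted"


def scenarios() -> dict:
    """Four constructed runs: honest, tampered build, replayed quote, forged field."""
    allowed = {measure(GENUINE_CODE)}
    nonce = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed; use secrets.token_bytes in practice
    results = {}

    pk, q = enclave_attest(GENUINE_CODE, nonce)
    results["genuine"] = verify_attestation(q, nonce, pk, allowed)

    pk, q = enclave_attest(TAMPERED_CODE, nonce)
    results["tampered_code"] = verify_attestation(q, nonce, pk, allowed)

    # An old, valid quote presented in response to a new challenge.
    pk, q = enclave_attest(GENUINE_CODE, nonce)
    replay_nonce = bytes.fromhex("ffeeddccbbaa99887766554433221100")
    results["replayed_quote"] = verify_attestation(q, replay_nonce, pk, allowed)

    # Operator runs the tampered build but rewrites the quote to claim the genuine one.
    pk, q = enclave_attest(TAMPERED_CODE, nonce)
    forged = dict(q, measurement=measure(GENUINE_CODE))
    results["forged_measurement"] = verify_attestation(forged, nonce, pk, allowed)
    return results
```

The nonce/key binding in `report_data` is the step most often skipped in practice; without it an attacker can replay a genuine quote from another machine and then talk to a key the enclave never generated, which is exactly the exclusive-ownership property the passage above depends on.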

The Confidential Future: A Multimodal Approach

The shift from fragmented transactional privacy to comprehensive digital privacy is redefining how we interact and protect our data. Technologies like MPC, FHE, and TEEs are advancing to a point where they are efficient and practical for real-world applications. While ZKPs are widely discussed, they are not designed to enable shared private state by themselves: a ZKP lets one party prove a statement about data it already holds, not several parties compute on data none of them may see. Emerging approaches like zkML use ZKPs for verifiable inference, but shared private state is better addressed by MPC and FHE, with TEEs playing a complementary role.

The solution to blockchain's confidentiality problem is on the horizon, and both FHE and TEE approaches will be vital in realizing this future. They enable new use cases and pave the way for widespread Web3 adoption. This multimodal future, combining PETs for resilient systems, will be the catalyst for limitless innovation, solving real-world challenges from empowering individuals to monetize their data securely to enabling businesses to collaborate on sensitive information without risk, and paving the way for transformative use cases we haven't even imagined yet.
