Trusted Execution Environments (TEEs): Ensuring Security and Privacy in Blockchain and Smart Contracts

Sisu Stake
14 min read · Mar 17, 2023


Trusted Execution Environments, or TEEs, are digital fortresses enabling secure and isolated execution of code and data storage within computing systems. TEEs can prevent unwanted access and data tampering even when the main operating system and other applications on the system are compromised. They utilize cutting-edge hardware, like Intel Software Guard Extensions (SGX) and ARM TrustZone. However, they can also be achieved with software solutions through virtualization.

The implications of TEEs are vast, with applications in finance, healthcare, the internet of things (IoT), automotive, and blockchain. Everyday examples of how TEEs are used include payment applications like Apple Pay and Samsung Pay. Below, we will delve into the workings of TEEs, their ability to enhance security and privacy, and the possibilities they unlock for the blockchain industry.

How TEEs work

TEE enclaves establish a secure and isolated space within a computing system, separate from the operating system and other software to create a secure buffer. They rely on a powerful combination of hardware and software to ensure their security. The hardware enables secure storage and isolation. The software provides a seamless interface for developers to write and execute code within the TEE.

A TEE’s secure bootstrapping feature is particularly noteworthy: it enables the TEE to take control of the system immediately at boot and verify the integrity of the software and data it interacts with. TEEs leverage dedicated hardware and encryption to safeguard the data and code stored within them, making it impossible (in theory) for attackers to read or modify the stored data even if they gain access to the system hosting the TEE.

Keep in mind that no security technology is impenetrable. Although the exploitation of TEEs is rare, there have been past exploits. For example, the ROCA vulnerability was discovered in 2017, and the Meltdown and Spectre vulnerabilities were found in 2018. In the cases of ROCA, Meltdown, and Spectre, the vulnerabilities were fixed after becoming known to researchers. It is always important to ensure that proper design, implementation, and update schedules are in place when working with TEEs so that newly discovered vulnerabilities can be addressed effectively.

Uses of TEEs in Blockchain and Smart Contracts

In blockchain and smart contract technology, security and privacy through TEEs are useful for maintaining system integrity. As such, TEEs are becoming an increasingly essential tool for ensuring cybersecurity. Their ability to create a secure and isolated environment for executing smart contracts and storing sensitive data has made them an indispensable asset in the blockchain world.

Let us explore some of the primary use cases for TEEs in blockchain and smart contract technology:

Secure Storage of Private Keys

In blockchain technology, private keys are akin to the key to a safe deposit box containing digital assets. A breach of the private key can result in tampering with the assets and manipulation of the blockchain.

TEEs come to the rescue by providing a secure and isolated environment for storing private keys. The private keys stored within the TEE are off-limits to hackers and malicious actors, even if they gain access to the system. Segregation through TEEs mitigates the risk of a security breach and upholds the blockchain’s sanctity. For example, SBLWT and TEEOD have demonstrated TEE-based proof of concepts (1,2).

Secure Execution of Smart Contracts

Smart contracts allow for the automated execution of agreements with transparency and security. However, vulnerabilities and attacks are possible, putting the integrity of the contract at risk. To mitigate this risk, TEEs offer a secure and isolated environment for smart contract execution, ensuring that contracts are executed as intended and free from manipulation.

In blockchain systems utilizing TEEs, smart contracts can be executed in a secure environment, protecting the code and data from external attacks (3,4).

One type of attack is called the “reentrancy attack.” In this scenario, a hacker takes advantage of a weakness in a smart contract and repeatedly calls a vulnerable function, causing it to execute multiple times before the previous execution has finished (3,4). The attack can result in unintended outcomes, such as the hacker stealing funds from the contract (3,4).

TEEs provide a secure environment where smart contract functions can execute without interruption or modification by external actors (4). The code and data of the contract are protected within this secure enclave, preventing any unauthorized access or tampering. As a result, TEEs can avoid reentrancy attacks and ensure the smart contract’s integrity (4).

Another attack that TEEs can help prevent is the “front-running attack” (4). In this attack, a malicious actor observes a transaction about to be executed on the blockchain and quickly submits a competing transaction that takes advantage of the same conditions as the original transaction. Front-running can result in the hacker receiving a larger reward or manipulating the contract in their favor (4).

TEEs can prevent front-running attacks by providing a secure transaction environment. The TEE ensures that external actors cannot observe or interfere with the transaction, thus preventing the exploitation of vulnerable transactions and protecting the integrity of the smart contract (3).

In essence, TEEs can be instrumental in securing the execution of smart contracts and preventing a range of attacks, including reentrancy and front-running attacks (4). By providing a secure enclave for executing code and safeguarding data, TEEs can enhance the reliability and integrity of smart contracts (4).

Moreover, TEEs can also be used to attempt to guarantee privacy for smart contracts. Confidential smart contracts can be executed within TEEs, safeguarding sensitive data such as wallet addresses from other participants in the network (5). With TEEs, smart contracts can provide the benefits of automation and transparency while ensuring high security and privacy.

Additional Applications of TEEs

Intellectual Property Protection

TEEs are versatile tools that can be harnessed for purposes beyond the blockchain world. For instance, they can shield copyrighted material by encrypting and storing it within the TEE. Encrypted storage restricts access to only authorized applications inside the TEE, thwarting any unauthorized attempts to access or copy protected content.

Arm Limited is an example of a company utilizing TEEs for IP protection. Arm’s TrustZone solution is designed to safeguard sensitive data and applications and can be found in various products like wearables, smartphones, and IoT devices (6).

Secure Storage of and Usage of Biometric Data

TEEs can serve as secure enclaves for storing biometric data such as facial recognition and fingerprints. By isolating sensitive information within the TEE, it is shielded from the prying eyes of the operating system and other applications.

An example of this application can be found in the Android operating system (7). Biometric data such as fingerprints are stored in a separate area of the device, inaccessible to the main operating system. This secure storage is achieved through a TEE, which also prevents the exportation of this information. The regular operating system can only request verification of the user’s biometric identity from the TEE without accessing the biometric data directly (7).
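The following added Python example (written for this article, not code from the original post or from any TEE vendor) sketches the pattern behind both the private-key storage described earlier and the biometric verification described above: the secret is generated inside the enclave, persisted outside it only in sealed form bound to the enclave’s measured identity, and the untrusted OS can only request operations on it, never the secret itself. The platform root key, enclave code, and transaction bytes are constructed, and HMAC-based sealing and signing stand in for the AES-GCM and ECDSA a real implementation would use.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed stand-in for a hardware root secret. In a real TEE the sealing key
# is derived inside the hardware and the root secret never reaches software.
PLATFORM_ROOT_KEY = hashlib.sha256(b"constructed platform root key").digest()

def measure(enclave_code: bytes) -> bytes:
    """Enclave identity: a hash of the code loaded into the enclave."""
    return hashlib.sha256(enclave_code).digest()

def sealing_key(mrenclave: bytes) -> bytes:
    """Key bound to this platform and enclave identity; any other enclave, or the same enclave elsewhere, gets a different key."""
    return hmac.new(PLATFORM_ROOT_KEY, b"seal|" + mrenclave, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode, a stand-in for AES-GCM; seal() adds an HMAC tag.
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def seal(mrenclave: bytes, secret: bytes) -> bytes:
    """Encrypt 'secret' so only an enclave with identity 'mrenclave' can recover it."""
    key, nonce = sealing_key(mrenclave), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(key, nonce, len(secret))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(mrenclave: bytes, blob: bytes) -> Optional[bytes]:
    """Return the secret, or None if sealed for another enclave/platform or tampered with."""
    key = sealing_key(mrenclave)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class WalletEnclave:
    """Only these methods are callable from the untrusted OS; the key never leaves."""
    def __init__(self, enclave_code: bytes, sealed_key: Optional[bytes] = None):
        self._mrenclave = measure(enclave_code)
        if sealed_key is None:
            self._key = os.urandom(32)  # generated inside the enclave
        else:
            key = unseal(self._mrenclave, sealed_key)
            if key is None:
                raise PermissionError("sealed blob does not belong to this enclave")
            self._key = key

    def export_sealed(self) -> bytes:
        return seal(self._mrenclave, self._key)  # safe to store on the untrusted side

    def sign(self, tx: bytes) -> bytes:
        # Stand-in for ECDSA signing: an HMAC tag over the transaction bytes.
        return hmac.new(self._key, tx, hashlib.sha256).digest()

GENUINE_WALLET = b"constructed genuine wallet enclave code"
MODIFIED_WALLET = b"constructed wallet enclave code with one patched instruction"

def demo():
    """Returns (same enclave can reload, modified enclave rejected, tampered blob rejected)."""
    first = WalletEnclave(GENUINE_WALLET)
    blob = first.export_sealed()
    reloaded = WalletEnclave(GENUINE_WALLET, blob)
    same_sig = reloaded.sign(b"tx") == first.sign(b"tx")
    try:
        WalletEnclave(MODIFIED_WALLET, blob)
        modified_rejected = False
    except PermissionError:
        modified_rejected = True
    tampered = blob[:20] + bytes([blob[20] ^ 1]) + blob[21:]
    return same_sig, modified_rejected, unseal(measure(GENUINE_WALLET), tampered) is None
```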

Secure Boots and Updates

TEEs can protect the device’s firmware and software updates from malicious interference. During the boot sequence, TEEs can authenticate the integrity of the firmware and operating system, preventing malicious code from executing.

Secure boot goes hand in hand with securely updating firmware via the TEE, ensuring that only authorized updates are installed. In the mobile device sector, TEEs are increasingly being adopted by leading companies to provide a trusted platform for their devices and systems.

In the IoT space, TEEs are also gaining traction. Samsung’s Knox platform for IoT devices leverages TEEs to provide secure booting and firmware updates, preventing malicious attacks (8). Additionally, Google’s Pixel smartphones rely on TEEs, first enabled by the Titan M Chip, to guarantee that only authorized firmware is installed during the boot process, making them less susceptible to attacks (9).
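As an added illustration of the verified and measured boot described above (example code written for this article, not any vendor’s firmware), the following Python simulates a three-stage chain in which each stage’s hash is checked against a pinned golden value before control passes to it and is recorded in a PCR-style register; the stage names, images, and golden hashes are constructed.

```python
import hashlib
import hmac

# Constructed stand-ins for the firmware images of a three-stage boot chain.
# On a real device these are vendor-signed binaries; here they are byte strings.
STAGES = [
    ("bootloader", b"bootloader v1.2 image (constructed)"),
    ("kernel", b"kernel 5.15 image (constructed)"),
    ("os", b"os root filesystem image (constructed)"),
]

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Golden measurements of the authorized images, as the TEE's root of trust
# would hold them (pinned in immutable storage or carried in a signed manifest).
GOLDEN = {name: sha256(image) for name, image in STAGES}

def extend(register: bytes, measurement: bytes) -> bytes:
    """PCR-style extend: the register commits to the ordered boot history."""
    return sha256(register + measurement)

def secure_boot(images, golden):
    """Measure and verify each stage before handing control to it.

    Returns (booted, register, log). 'log' records (stage, passed) per stage;
    the chain halts at the first stage whose measurement is not authorized.
    """
    register = b"\x00" * 32
    log = []
    for name, image in images:
        measurement = sha256(image)
        register = extend(register, measurement)  # record before executing
        passed = hmac.compare_digest(measurement, golden[name])
        log.append((name, passed))
        if not passed:
            return False, register, log  # refuse to run unauthorized code
    return True, register, log

def expected_register(golden, order):
    """What a verifier expects the register to hold after a clean boot."""
    register = b"\x00" * 32
    for name in order:
        register = extend(register, golden[name])
    return register

def tampered_images():
    """The same chain with the kernel image altered by one byte (constructed)."""
    return [(n, img if n != "kernel" else img + b"\x00") for n, img in STAGES]

if __name__ == "__main__":
    ok, reg, log = secure_boot(STAGES, GOLDEN)
    print("clean boot:", ok, log, reg == expected_register(GOLDEN, [n for n, _ in STAGES]))
    ok, reg, log = secure_boot(tampered_images(), GOLDEN)
    print("tampered kernel:", ok, log)
```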

TEEs are a crucial tool in the arsenal of any security-conscious company. As the need for secure systems continues to grow, using TEEs for secure booting and updates will likely become more widespread.

TEEs vs Other Approaches

Several alternatives to TEEs exist for secure computation tasks such as interacting with smart contracts and storing private keys. Below, we briefly examine each of them and compare how it measures up against the robustness of TEEs.

Hardware Security Modules (HSMs)

HSMs and TEEs are both hardware-based security solutions offering exceptional protection for sensitive data and cryptographic operations (10). However, HSMs are expensive and require more dedicated hardware than TEEs. Any vulnerability or weakness in an HSM’s implementation could compromise the data and operations it protects (10).

In contrast, TEEs are general-purpose secure environments engineered to protect a broader range of applications and use cases than HSMs. Although TEEs also use hardware-based security mechanisms, their design is optimized for protecting sensitive data and executing code across various applications (such as IP protection and secure boots/updates).

Additionally, TEEs can be implemented using software and hardware (e.g., Qualcomm Secure Execution Environment), making them more accessible and adaptable (11).

Sandboxing

Sandboxing is another approach to secure computing involving the execution of code within a restricted environment. Sandboxing is a powerful security technique, but is not infallible, and can still be vulnerable to attacks.

Two noteworthy examples of sandboxing include the Google Chrome Sandbox and Docker Container Sandbox. Both examples also illustrate how and why sandboxing can fail.

The Google Chrome web browser uses a sophisticated sandboxing technique to isolate each tab, plugin, and extension from the rest of the system. Google Chrome’s approach prevents malicious code from exploiting vulnerabilities in the browser and gaining access to the underlying operating system.

Despite this isolation, Google Chrome can still be vulnerable to specific attacks. In 2020, researchers uncovered a flaw in Chrome’s sandboxing mechanism that could allow an attacker to escape the sandbox and execute arbitrary code on the underlying operating system (12).

Docker is another widely used containerization platform employing sandboxing to isolate applications and services from each other and the underlying host system. Each container has its own file system, network interface, and resources, reducing the risk of interference and security breaches.

While Docker’s sandboxing technique is designed to isolate applications and services from each other and the underlying host system, it, too, can be vulnerable to attacks. In 2019, a vulnerability was discovered in Docker that could allow an attacker to gain access to the host system by exploiting a weakness in the sandboxing mechanism (13).

In both cases, the vulnerabilities were caused by weaknesses or flaws in the sandboxing mechanisms, allowing attackers to bypass the isolation and access the underlying system. In contrast, TEEs offer a far more secure environment for executing code entirely separate from the host OS and immune to potential vulnerabilities.

Zero Knowledge Proofs (ZKPs)

ZKPs are a cryptographic technique allowing one party to prove to another that they know a piece of information without revealing it, making it possible for secure and private interactions between parties without requiring them to trust each other. ZKPs have numerous applications, including in blockchain, online voting, and digital identity management.

ZKPs can seem like a magic bullet for secure computing, validating computations without revealing the underlying data. Examples of their use include cryptocurrency and messaging applications (e.g., ZEC and Signal).

In data storage and execution, applying zero-knowledge proofs (ZKPs) can be demanding in terms of computational resources, and they may be feasible for only some use cases (14). In contrast, TEEs provide a more efficient and secure solution for executing code and storing data in an isolated environment, with lower computational overhead and faster processing times.

Utilizing both TEEs and ZKPs

TEEs and ZKPs are not mutually exclusive; it is possible to combine them. The exceptional capabilities of TEEs can be further augmented with ZKPs, adding security and privacy.

One potential method involves using ZKPs to validate the integrity and confidentiality of data and code within a TEE (15). Combining the two can ensure that the code and data inside the TEE are trustworthy and that computations executed within the TEE are performed correctly without revealing sensitive data.

The combination of ZKPs and TEEs has the potential to provide enhanced security and privacy features for applications such as confidential computing, secure multiparty computation, and private blockchain networks.

Fully Homomorphic Encryption (FHE), Partial Homomorphic Encryption (PHE), and Threshold FHE

FHE, PHE, and Threshold FHE are all promising approaches to secure computing, but they come with significant challenges. While FHE enables computations on encrypted data, it is computationally demanding and complex to implement (16). PHE is less computationally demanding, but it offers only partial computation capabilities because it supports only one mathematical function at a time (17, 18). Lastly, threshold FHE allows multiple mathematical functions to be performed on encrypted data, but only a limited number of times (17, 18).

In contrast, TEEs provide a secure and isolated environment for executing code and storing data, making them a more efficient and practical solution for secure computing. TEEs are better equipped to handle multiple complex computations securely and efficiently by providing a dedicated hardware environment for computations.

Multiparty Computation

MPC is a powerful tool enabling multiple parties to perform computations without revealing their inputs. MPC can be helpful in blockchain for key management and protection (19). By allowing secure computation on distributed data, MPC preserves the privacy of individual data (20, 21).

While the potential benefits of MPC are considerable, integrating it into real-world applications can be challenging. One significant obstacle is the high level of communication required, which can be cumbersome (22). Moreover, it is worth noting that MPC is not immune to collusion, where actors in the network can work together to compromise encryption (22). As a result, care must be taken to address these issues and ensure that MPC can be effectively and securely integrated into practical use cases.

Conversely, TEEs provide a more accessible and straightforward solution to secure computation and data storage, offering a secure and isolated environment for executing code and storing data without revealing confidential information.

Limitations of TEEs

TEEs undoubtedly offer unparalleled security and privacy benefits, but it is essential to acknowledge their drawbacks and limitations.

One of the challenges associated with TEEs is the requirement for specific hardware and software, which in turn requires engineers capable of working with them. Additionally, TEEs may introduce some modest latency, which could affect performance (23).

Furthermore, TEEs have limited resources, which can restrict their capabilities, especially for resource-intensive applications like machine learning, large-data processing, and graphics-intensive applications like video games (23). Resource limitations are not a flaw but rather a vital attribute. The constraints placed upon memory, processing power, and other resources assist in guaranteeing security.

TEEs can also pose a single point of failure, potentially allowing attackers to compromise sensitive data or execute malicious code. The lack of standardization due to many proprietary designs of TEEs (e.g., SGX, TrustZone, and Knox) may lead to compatibility issues between different systems, reducing their usefulness in specific scenarios (15).

Finally, TEEs are typically only available on specific hardware platforms, limiting their accessibility to developers and users. While TEEs offer a robust security solution, they should be implemented and used with an understanding of their limitations.

TEEs are the Best Option

In secure computing, few technologies can match the unparalleled advantages of TEEs. In contrast to HSMs, which can be costly and require additional hardware, TEEs are more adaptable and easily integrated. While sandboxing provides robust security measures, it remains vulnerable to specific attacks.

ZKPs offer a secure means of validating computations without exposing underlying data but can be computationally demanding for some applications. FHE, PHE, and Threshold FHE all present significant challenges, including computational demands and limited computation capabilities. MPC is a powerful tool for preserving individual data privacy but falls short of TEEs in terms of efficiency when executing complex computations securely due to its high communication requirements.

TEEs provide a distinctive combination of hardware and software security measures, creating a secure and isolated environment for executing code and storing data. Compared to other secure computing approaches like ZKP, FHE, MPC, PHE, and threshold FHE, TEEs are more practical, efficient, and accessible, making them an ideal solution for applications that require secure computation and data storage, such as blockchain wallets and smart contracts.

The Big Picture

Trusted Execution Environments are essential for securing various fields, including blockchain and smart contract technology. TEEs establish a secure and isolated space within computing systems, separated from the operating system and other software. The powerful combination of hardware and software security measures enables safe storage and isolation for executing code and storing data.

Compared to different approaches, such as hardware security modules, sandboxing, FHE, PHE, threshold FHE, and MPC, TEEs provide a more efficient and practical solution for secure computing. TEEs offer a unique combination of hardware and software security measures, allowing for secure computation and data storage, and can be used together with other security measures (e.g., ZKPs).

The implications of TEEs in blockchain and smart contract technology are significant. Private keys, the lifeline of blockchain technology, can be securely stored within TEEs, mitigating the risk of a security breach and upholding the blockchain’s sanctity. TEEs also offer a secure and isolated environment for executing smart contracts, ensuring that contracts are executed as intended and free from manipulation. Confidential smart contracts can also be performed within TEEs, safeguarding sensitive data from other participants in the network.

However, the applications of TEEs are not limited to blockchain and smart contracts. They can also serve as a secure enclave for storing biometric data, protecting intellectual property, and securing firmware and software updates.

TEEs are set to revolutionize blockchain’s approach to security and privacy. The increasing adoption of TEEs across various industries, from finance to the automotive sector, underscores their potential to unlock immense possibilities in blockchain and smart contract technology. As technology advances, TEEs will likely continue to be indispensable tools for ensuring the integrity and security of blockchain systems.

References

  1. Dai, W., Deng, J., Wang, Q., Cui, C., Zou, D., & Jin, H. (2018). SBLWT: A Secure Blockchain Lightweight Wallet Based on Trustzone. IEEE Access, 6, 40638–40648. https://doi.org/10.1109/ACCESS.2018.2856864
  2. Pereira, S., Cerdeira, D., Rodrigues, C., & Pinto, S. (2021). Towards a Trusted Execution Environment via Reconfigurable FPGA. CoRR, abs/2107.03781. Retrieved from https://arxiv.org/abs/2107.03781
  3. Atzei, N., Bartoletti, M., & Cimoli, T. (2017). A Survey of Attacks on Ethereum Smart Contracts (SoK). In M. Maffei & M. Ryan (Eds.), Principles of Security and Trust. POST 2017. Lecture Notes in Computer Science (Vol. 10204). Springer. https://doi.org/10.1007/978-3-662-54455-6_8
  4. Li, X., Jiang, P., Chen, T., Luo, X., & Wen, Q. (2020). A survey on the security of blockchain systems. Future Generation Computer Systems, 107, 841–853. https://doi.org/10.1016/j.future.2017.08.020
  5. Bowman, M., Miele, A., Steiner, M., & Vavala, B. (2018). Private Data Objects: An Overview. CoRR, abs/1807.05686. Retrieved from http://arxiv.org/abs/1807.05686
  6. Williamson, P. (2018, May 23). New Arm IP Helps Protect IoT Devices from Increasingly Prevalent Physical Threats. Arm Newsroom. Retrieved from https://www.arm.com/company/news/2018/05/new-arm-ip-helps-protect-iot-devices-from-increasingly-prevalent-physical-threats
  7. Smith, S. (2021, April 21). Using biometrics for authentication in Android. Samsung Insights. Retrieved from https://insights.samsung.com/2021/04/21/using-biometrics-for-authentication-in-android-2/
  8. Samsung. (2019, September 4). Samsung Trusted Boot and TrustZone Integrity Management Explained. Samsung Insights. Retrieved from https://insights.samsung.com/2019/09/04/samsung-trusted-boot-and-trustzone-integrity-management-explained/
  9. Melotti, D., Rossi-Bellom, M., & Continella, A. (2022). Reversing and Fuzzing the Google Titan M Chip. In Reversing and Offensive-Oriented Trends Symposium (ROOTS ’21) (pp. 1–10). Association for Computing Machinery. https://doi.org/10.1145/3503921.3503922
  10. Felton, D. (2021, March 2). Comparing the TEE to Integrated HSMs. Trustonic Technical Articles. Retrieved from https://www.trustonic.com/technical-articles/comparing-the-tee-to-integrated-hsms/
  11. Chi, L. (2019, April 27). Guard Your Data with the Qualcomm Snapdragon Mobile Platform. Qualcomm Technologies, Inc. Retrieved from https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/guard_your_data_with_the_qualcomm_snapdragon_mobile_platform2.pdf
  12. SecurityWeek. (2022, January 12). Chrome Sandbox Escape Vulnerability Earns Researchers $20,000. SecurityWeek. Retrieved from https://www.securityweek.com/chrome-sandbox-escape-vulnerability-earns-researchers-20000/
  13. Trail of Bits. (2019, July 19). Understanding Docker Container Escapes. Trail of Bits Blog. Retrieved from https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/
  14. Zhang, Y. (2020). Zero-Knowledge Proofs for Machine Learning. In Proceedings of the 2020 Workshop on Privacy-Preserving Machine Learning in Practice (PPMLP’20) (p. 7). Association for Computing Machinery. https://doi.org/10.1145/3411501.3418608
  15. Rabimba, K., Xu, L., Chen, L., Zhang, F., Gao, Z., & Shi, W. (2022). Lessons Learned from Blockchain Applications of Trusted Execution Environments and Implications for Future Research. In Workshop on Hardware and Architectural Support for Security and Privacy (HASP ’21) (pp. 5–12). Association for Computing Machinery. https://doi.org/10.1145/3505253.3505259
  16. Inpher. (n.d.). What is Fully Homomorphic Encryption? Retrieved from https://inpher.io/technology/what-is-fully-homomorphic-encryption/
  17. Splunk Inc. (2021, February 16). Homomorphic Encryption: What It Is and How It Works. Retrieved from https://www.splunk.com/en_us/blog/learn/homomorphic-encryption.html
  18. AI Multiple. (n.d.). Homomorphic encryption: Use cases and trends in 2021. Retrieved from https://research.aimultiple.com/homomorphic-encryption/
  19. CryptoAPIs. (n.d.). MPC. Retrieved from https://cryptoapis.io/products/wallet-as-a-service/mpc
  20. Sepior. (2021, February 4). MPC and Blockchain: A Match Made in Heaven. Retrieved from https://sepior.com/blog/mpc-and-blockchain-a-match-made-in-heaven/
  21. 101 Blockchains. (2021, September 21). MPC (Multi-Party Computation) in Blockchain: Ultimate Guide. Retrieved from https://101blockchains.com/mpc-multi-party-computation/
  22. AI Multiple. (2023, January 5). Secure Multi-Party Computation: Use cases and trends in 2021. Retrieved from https://research.aimultiple.com/secure-multi-party-computation/
  23. Akram, A., Giannakou, A., Akella, V., Lowe-Power, J., & Peisert, S. (2021). Performance Analysis of Scientific Computing Workloads on General Purpose TEEs. In 2021 IEEE International Parallel and Distributed Processing Symposium (IPDPS) (pp. 1066–1076). IEEE. https://doi.org/10.1109/IPDPS49936.2021.00115
