TEE Coprocessor

Introduction

Automata Network’s TEE Coprocessor extends the functionality of the blockchain by performing secure computation in isolated enclaves known as Trusted Execution Environments (TEEs).

Verifiable on-chain attestation

Attestations generated by the TEE Coprocessor provide publicly verifiable evidence across the entire technological stack, confirming:

1. Hardware authenticity: Hardware is genuine and satisfies the criteria for anti-tampering

2. Software integrity: The build process of the software is reproducible and based on audited code.

3. Prover identity: Private key is secured within the TEE to prevent counterfeit signatures

GitHub - automata-network/automata-dcap-v3-attestationGitHub

Reproducible build from source code

Reproducible builds are vital for ensuring that the software remains unaltered by malicious code, adhering strictly to the intended protocol. Anyone can replicate the building process to consistently yield identical binaries.

To achieve consistent builds across various environments, Automata's TEE Compile certifies the build process's integrity. Auditability is only half the story: Without any disruption to the the developer workflow, more people will be able to build high-assurance applications while reducing the likelihood of errors.

GitHub - automata-network/tee-compileGitHub

Cryptoeconomic-bonded TEE Committees

Operating within an enclave makes it immune to tampering, ensuring that physical hosts or system administrators cannot modify or edit the runtime code. Combining it with cryptoeconomic security deters liveness attacks and improves the construction of TEE systems.

The decentralized distribution of hardware vendors, known as TEE Committees, imposes a nearly-impossible cost for adversaries; with attackers having to breach both the separate security models of diverse TEE models, and major collusion.