TEE wat do - HackMD

# TEE wat do ![image3](https://hackmd.io/_uploads/rkbey-nkC.png) Recent discussion on the blend of cryptographic and cryptoeconomic security prescribes differing perspectives on how blockchain security systems work as a whole. The main question that we’re trying to explore is simple. What are the limits of both approaches, and what can be done to improve their usefulness? ## Cryptoeconomic security Cryptoeconomics applies financial motivations to the way people behave, and attempts to approximate the end results of those actions based on incentive designs. This assumption underpins what is known as slashing, which punishes any rule-flouting nodes by destroying some or all of the validator’s stake. One way to reason about cryptoeconomic security is to consider unslashable offenses. Let’s explain this briefly with a concrete example that is commonly observed: In a Multi-Party Computation setup with N number of validators, a subset T is able to decrypt the secret. The anxiety is that there is no way of proving if any of the T validators actually colluded and decrypted the secret when they were not supposed to. No amount of economic disincentives will prevent the collusion of T validators if they can get away with the offense without incurring a slashing penalty. ![image2](https://hackmd.io/_uploads/ByGrJZ310.png) No slashing ergo implies no security. Security can be engineered through deliberately designed economic incentives, but it is not foolproof. ## Cryptographic security Execution secured by cryptography, such as zero-knowledge proofs, also makes security feasible. Anyone can verify that the computation was performed exactly according to the rules, and this guarantee of correctness prevents collusion. The inherent costs and development time in zero-knowledge (ZK) proofs on blockchain prevents rapid deployment, but a combination of advancements in hardware and algorithms have made proof setups cheaper and less computationally intensive over time. A more recent example is that of proof aggregation, which seeks to make verification cheaper by (i) shifting the cost of on-chain verification into cost of off-chain proving and (ii) amortizing the cost among multiple proofs. Industry examples include Polygon and NEBRA. That said, it will still be some time before we overcome the design limitations of cryptography. ZK is fundamentally mathematically complex and expensive technology. State-of-the-art algorithms require orders of magnitude more computation, making it infeasible for workloads that are already computationally bounded like LLM training or inference. ## TEE security Looking at current attempts to achieve security, these can be broadly broken down into two categories: (i) Cryptoeconomic, and therefore creating structures involving incentives to set and guide specific behaviors, (ii) Cryptographic, and therefore expected to be solved with pure mathematics if they are to be solved at all, and we suggest that hardware enclaves represent a third (iii) Trusted Execution Environments (TEE). ![image1](https://hackmd.io/_uploads/SyHQJ-2kA.png) TEEs have the ability to isolate sensitive computation from the rest of the operating system in a secure enclave, and strike a balance between cryptographic/cryptoeconomics. With considerably lower hardware requirements and costs, we expect the same unconditional security afforded by cryptographic primitives from TEE under certain threat models and assumptions, without the associated complexities and overheads. At the same time, TEE security can sidestep the nuanced ‘pitfalls’ of cryptoeconomic security. Attestation is a fundamental concept that is performed on the hardware environment to provide technical assurances on the secure enclave. By verifying that the TEE is indeed genuine, we can make assertions on its integrity. Any computation that is performed within a TEE that succeeds attestation is guaranteed to be correct. Conversely, if a TEE fails attestation, it is no longer trustworthy and can be penalized by slashing. The above scenario is a great example to showcase how TEE security can work intuitively, at present, with cryptoeconomic systems such as EigenLayer. Current language around security designs of blockchains is a missed opportunity to think about the advantages of TEE-based designs. Instead of a purist insistence on either cryptographic or cryptoeconomic methods, it might be far better to mitigate worst-case scenarios by layering TEEs with either or both.