by Peyman Momeni, Co-Founder at Fairblock; Setareh Ghorshi, Cryptography Engineer at Fairblock; Zheng Leong Chua, Co-Founder at Automata Network
Intel SGX has been breached. Have you found yourself wondering "what now?" Is there any point in using TEEs anymore? In this article we argue that there is still a lot in store for TEEs, and that they remain viable building blocks for confidential computing solutions.
Let's put the breach news on pause for a moment and consider on-chain confidentiality schemes such as Fully Homomorphic Encryption (FHE) and Identity-Based Encryption (IBE). In web3, these schemes rely on multi-party computation (MPC) networks for key management and decentralization: the master secret key is secret-shared among the nodes, so no single party ever holds it. Once the condition for decryption is met, such as a specific block time, price, or computation result, the validators compute their shares of the decryption key and submit them on-chain, where a threshold of shares is aggregated to perform the decryption.
However, even though validators are economically incentivized to act honestly and not to collude, 67% of them can in theory coordinate to reconstruct the decryption key off-chain, and such an attack cannot be traced back to the individual validators who took part. Adding accountability to multi-party decryption means that if a set of parties collude to decrypt, their action can be detected and attributed. The consequence of such an attack is normally not a loss of funds or of safety: the system simply degrades to the state of a public chain, so what is lost is confidentiality. That is exactly why accountability is such an important property for on-chain confidentiality schemes built on MPC.
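The following is an added example, not code from the original article or from Fairblock or Automata, that makes the accountability gap concrete. It shares a single decryption key with Shamir secret sharing over a toy prime field (a simplification of the real IBE schemes, which derive per-identity keys from the master secret), then contrasts the honest path, where every released share is recorded on-chain, with an off-chain collusion of a threshold-sized subset that recovers the same key while leaving nothing on the ledger. The ledger, the 4-of-6 parameters and the 127-bit prime are constructed for illustration.

```python
"""Threshold (t-of-n) key sharing and the off-chain collusion problem.

Constructed example: the prime, the 4-of-6 parameters and the ledger model are
assumptions for illustration, not the parameters of any deployed scheme.
"""
import secrets

# Toy field: 2**127 - 1 is a Mersenne prime. A real deployment would share the
# key in the scalar field of the curve its IBE scheme is instantiated on.
PRIME = 2**127 - 1


def split_secret(secret, n, t, rand=secrets.randbelow):
    """Shamir split of `secret` into n shares with reconstruction threshold t.

    A random polynomial f(x) = secret + a1*x + ... + a_{t-1}*x^(t-1) mod PRIME is
    sampled; share i is (i, f(i)). Any t shares determine f(0); fewer reveal
    nothing about it (information-theoretically).
    """
    coeffs = [secret % PRIME] + [rand(PRIME) for _ in range(t - 1)]

    def f(x):
        acc = 0
        for c in reversed(coeffs):          # Horner evaluation
            acc = (acc * x + c) % PRIME
        return acc

    return [(i, f(i)) for i in range(1, n + 1)]


def reconstruct(shares):
    """Lagrange interpolation at x = 0 over the prime field."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % PRIME
                den = (den * (xi - xj)) % PRIME
        lagrange = num * pow(den, PRIME - 2, PRIME) % PRIME  # Fermat inverse
        total = (total + yi * lagrange) % PRIME
    return total


def honest_decryption(released_shares):
    """Honest path: each validator posts its share on-chain before aggregation.

    The ledger (a plain list standing in for chain state) records exactly which
    validators contributed, so any misbehaviour is attributable.
    """
    ledger = [{"validator": idx, "share": share} for idx, share in released_shares]
    key = reconstruct([(e["validator"], e["share"]) for e in ledger])
    return key, ledger


def offchain_collusion(shares, t):
    """Collusion path: any t holders pool their shares over a private channel.

    The same key is recovered, but the ledger stays empty: there is no on-chain
    evidence of who took part, which is the accountability gap described above.
    """
    ledger = []
    colluders = shares[:t]          # e.g. 4 of 6 validators (67%)
    key = reconstruct(colluders)
    return key, ledger


if __name__ == "__main__":
    key = secrets.randbelow(PRIME)
    shares = split_secret(key, n=6, t=4)
    honest_key, chain = honest_decryption(shares[:4])
    print("honest: key recovered", honest_key == key, "on-chain records", len(chain))
    leaked_key, chain = offchain_collusion(shares, t=4)
    print("collusion: key recovered", leaked_key == key, "on-chain records", len(chain))
    print("3 shares recover key:", reconstruct(shares[:3]) == key)
```

Run it and the two paths recover the same key, but only the honest one leaves four records on the ledger; three shares recover nothing but a field element unrelated to the key. Nothing in the sharing scheme itself distinguishes the two runs, which is why accountability has to come from somewhere outside the MPC.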
The fewer nodes in the network, the easier such a collusion becomes and the more significant this problem is. On the other hand, adding more nodes is costly and slows the protocol down. So what can we do?