TEE with ZK and ZKrollup

Introduction

In the blockchain space, our vision is to bring privacy, security, and verifiability to users. Our ultimate goal is to design a system that can simultaneously fulfill these attributes. However, relying on a single proof system to achieve this is impractical for several reasons:

• No single cryptographic system can be guaranteed to be 100% secure. For instance, zero-knowledge proofs (zk) can have soundness bugs that are difficult to detect, while Multi-Party Computation (MPC) is susceptible to collusion risks between nodes.

• Privacy in zkRollups cannot be fully guaranteed because sequencers can extract user transaction data during proof generation.

• Verifiability in Fully Homomorphic Encryption (FHE) computations is challenging because the FHE server may not perform computations correctly, and without knowing the correct result, we cannot verify its accuracy.

The Need for Multi-Proof Systems

In the blockchain space, our vision is to bring privacy, security, and verifiability to users. Our ultimate goal is to design a system that can simultaneously fulfill these attributes. However, relying on a single proof system to achieve this is impractical for several reasons:

• No single cryptographic system can be guaranteed to be 100% secure. For instance, zero-knowledge proofs (zk) can have soundness bugs that are difficult to detect, while Multi-Party Computation (MPC) is susceptible to collusion risks between nodes.

• Privacy in zkRollups cannot be fully guaranteed because sequencers can extract user transaction data during proof generation.

• Verifiability in Fully Homomorphic Encryption (FHE) computations is challenging because the FHE server may not perform computations correctly, and without knowing the correct result, we cannot verify its accuracy.

There are several benefits we can gain by introducing TEE:

1. Hardware-grade safety: The privacy, confidentiality, and data integrity is guaranteed by hardware secure enclave.

2. No computation overhead: Applications run TEE have nearly same speed compare with running in normal CPU env

3. Low verification cost: The Gas consumption to verify TEE proof is minimal, requiring just an ECDSA verification.

4. No Privacy Leak: The execution of ZK Prover running in TEE can be verified that it generates proofs without leaking any user data.

We can not guarantee any single cryptography system is 100% secure. At the same time, the current Zero-Knowledge (ZK) solution is secure theoretically but still does not guarantee system-wide bug-free operation, especially from an engineering perspective, which remains challenging due to the complexity of ZK implementation. Here's where multi-proof systems come into play, to hedge the bugs in ZK implementation, a hardware solution, Trusted Execution Environment (TEE), can be used as a 2-factor verifier to offer double security to ZK projects like zk-Rollups. Inspired by Vitalik Buterin's presentation and a recent post by Justin Drake.

Case Studies

🚀 Phala Network: Run zk-Rollup STF (state transition function) in TEE

🔒 Primus: Build Trustless zkTLS with TEE

💾 Running SP1 zkVM in TEE H200 with Low Overhead