SoK: TEE-assisted Confidential Smart Contract

TL;DR

This paper systematically analyzes TEE-assisted confidential smart contracts, categorizing existing solutions, identifying common properties and flaws, and providing a framework to guide future development and evaluation of privacy-preserving smart contract systems.

Contribution

It offers a comprehensive taxonomy and analysis framework for TEE-assisted smart contracts, highlighting design challenges and guiding future research in this area.

Findings

Existing systems are categorized into layer-one and layer-two solutions.

Identifies fundamental flaws and security challenges in current designs.

Provides a framework for evaluating and guiding future TEE-assisted smart contract development.

Abstract

The blockchain-based smart contract lacks privacy since the contract state and instruction code are exposed to the public. Combining smart-contract execution with Trusted Execution Environments (TEEs) provides an efficient solution, called TEE-assisted smart contracts, for protecting the confidentiality of contract states. However, the combination approaches are varied, and a systematic study is absent. Newly released systems may fail to draw upon the experience learned from existing protocols, such as repeating known design mistakes or applying TEE technology in insecure ways. In this paper, we first investigate and categorize the existing systems into two types: the layer-one solution and layer-two solution. Then, we establish an analysis framework to capture their common lights, covering the desired properties (for contract services), threat models, and security considerations (for underlying systems). Based on our taxonomy, we identify their ideal functionalities and uncover the fundamental flaws and reasons for the challenges in each specification design. We believe that this work would provide a guide for the development of TEE-assisted smart contracts, as well as a framework to evaluate future TEE-assisted confidential contract systems.