Lessons Learned from Blockchain Applications of Trusted Execution Environments and Implications for Future Research

TL;DR

This paper reviews how trusted execution environments (TEEs) are used in blockchain applications, analyzing their security assumptions, challenges, and implications for future hardware TEE design to improve security and reliability.

Contribution

It provides a comprehensive analysis of TEE applications in blockchain, highlighting open challenges and guiding future research directions in hardware TEE development.

Findings

TEEs are widely adopted in blockchain for security and access control.

Implementation challenges and security pitfalls are identified in current TEE use cases.

The paper suggests opportunities for improving hardware TEE design for blockchain applications.

Abstract

Modern computer systems tend to rely on large trusted computing bases (TCBs) for operations. To address the TCB bloating problem, hardware vendors have developed mechanisms to enable or facilitate the creation of a trusted execution environment (TEE) in which critical software applications can execute securely in an isolated environment. Even under the circumstance that a host OS is compromised by an adversary, key security properties such as confidentiality and integrity of the software inside the TEEs can be guaranteed. The promise of integrity and security has driven developers to adopt it for use cases involving access control, PKS, IoT among other things. Among these applications include blockchain-related use cases. The usage of the TEEs doesn't come without its own implementation challenges and potential pitfalls. In this paper, we examine the assumptions, security models, and operational environments of the proposed TEE use cases of blockchain-based applications. The exercise and analysis help the hardware TEE research community to identify some open challenges and opportunities for research and rethink the design of hardware TEEs in general.