Today the Enterprise Ethereum Alliance (EEA) announced the official release of the first version of the EEA Off-Chain Trusted Compute Specification. Blockchains like Ethereum require multiple servers to execute processor intensive tasks which can create scalability issues. The new specification enables these demanding tasks to be offloaded in a trusted manner. It also includes several privacy-enhancing features.
“Many enterprise blockchain use cases have demanding requirements for privacy, security, throughput, and latency that are difficult to achieve,” said EEA Executive Director Ron Resnick. “Temporarily moving some transactions off-chain for computation elsewhere, and then returning a summary to the main chain is a promising method for achieving such requirements.”
“I would like to thank Banco Santander, ConsenSys, iExec, Intel, Microsoft, Oracalize, SmartContract and all the EEA members that provided contributions to this important specification.”
It’s not surprising that Intel was heavily involved given its SGX technology for Trusted Execution Environments (TEEs). On a processor, TEEs allow for a segregated area where sensitive data is encrypted and cannot be snooped upon by other rogue applications while it’s being processed. While providing far greater security compared to conventional processing, many TEEs including Intel’s SGX, have occasionally proven vulnerable to more sophisticated attacks such as those exposed by last year’s Spectre and Foreshadow vulnerabilities.
In addition to TEEs, the specification includes support for Zero-Knowledge Proofs and Trusted Multiparty Compute (MPC). The latter enables private encrypted data to be used from multiple parties, and to calculate a result without the source data ever being revealed. For example, if three companies had pricing information for a product, it could provide an average of the prices without any party knowing each other’s prices.
The EEA outlined four needs the specification aims to address:
- Private transactions on a blockchain between mutually-untrusting parties without disclosing transaction details to other parties who also have access to the blockchain
- Disclosure of partial information to chosen parties on a blockchain, while maintaining the confidentiality of other information from those same chosen parties
- Offloading selected transactions from the main blockchain to a trusted compute environment to improve performance
- Attested oracles to provide trusted external information needed for some enterprise use cases. (An oracle is a way to use date from an API on a blockchain).
One of the participants, iExec, has provided a more detailed blog post. And the specification can be download from EEA website.
Additionally the EEA published version three of its Enterprise Ethereum Client Specification.