Author: Yin Hang, Co-founder & Chief Developer at Phala

You may think that hardware and blockchain have nothing to do with each other. After all, from Bitcoin to Ethereum, blockchain is dominated by software, and hardware-based solutions often have a centralized suspicion. However, in terms of privacy protection, introducing hardware is a common practice. Hardware is the basis for practicality, and the combination of software and hardware can achieve a greater effect than the sum of its parts. Through clever combinations, Phala can achieve an excellent balance between decentralization, scalability, and confidentiality.

#1 TEE-based Blockchain Confidentiality

Phala Network uses confidential smart contracts to achieve blockchain confidentiality. Unlike traditional contracts, it runs in a special hardware area (Trusted Execution Environment) inside the CPU. This area is highly isolated from other components, and any attempts to read TEE data, including malicious attacks, are futile.

The program running in TEE is called pRuntime. pRuntime maintains the operation of miners and Gatekeeper nodes in TEE and is responsible for handling TEE remote attestation, on-chain registration, key management, and confidential contract execution.

However, how can we make users trust that smart contracts are running in pRuntime and not just a forged TEE environment? At this time, we need to understand what "Remote Attestation" is.

"An application that hosts an enclave can also ask the enclave to produce a report and then pass this report to a platform service to produce a type of credential that reflects enclave and platform state. This credential is known as a quote. This quote can then be passed to entities off of the platform and verified…" - Source

Remote attestation is the key to ensuring the security and trustworthiness of the TEE system. Quoting from Intel can prove that the code (determined by the hash value) and certain data necessary for the execution are indeed running in the latest version of the SGX enclave.

#2 Secret Provisioning

Remote attestation is the soul of confidential smart contracts. However, if we cannot establish end-to-end encrypted communication between TEE and third parties, the application scope will be limited. Therefore, Intel SGX also uses the Secret Provisioning protocol to elegantly solve this problem.

With the Secret Provisioning protocol, we can establish a trust chain from users to pRuntime:

1. The blockchain publicly displays the hash of the legitimate pRuntime code.
2. pRuntime runs a remote attestation protocol, obtains a remote attestation report that includes the hash value of the proven code (pRuntime itself), and the public key of the identity authentication key pair (with timeliness).
3. The remote attestation report is submitted and verified on the blockchain.
4. The blockchain compares the hash value returned by the remote report (aiming to prove that the participant is indeed a legitimate pRuntime running in TEE).
5. The identity authentication public key is registered on the blockchain (only the currently running pRuntime can use this key pair).

Once registration is completed, any message signed with this identity will be generated exclusively by this pRuntime. Users can further establish a TLS-like connection with pRuntime using the registered identity public key.

When communication with TEE is required, users can obtain the registered pRuntime public key from the blockchain and use their Substrate account and public key to perform ECDH Diffie-Hellman protocol key agreement and obtain the key for communication with pRuntime.

After the trust chain is established, the identity key uniquely represents the identity of pRuntime. In theory, as long as TEE has no hardware vulnerabilities (which we will continue to discuss in the following sections), a successful remote attestation can ensure that all communications with pRuntime are secure and trustworthy.

#3 On-chain Upgrades

On-chain upgrades can greatly reduce the risks posed by hardware upgrades and hard forks, making them crucial. Substrate inherently supports runtime on-chain upgrades, which can be completed in the governance module. Similarly, the runtime in TEE can also be upgraded.

When upgrading pRuntime, the new hash needs to be submitted to the blockchain. Subsequently, the community can review the code, discuss it, and vote in favor of the upgrade through an on-chain governance process similar to Substrate.

Once there is an upgrade on the chain, Phala's Gatekeepers and miners must upgrade pRuntime as soon as possible. This process is relatively easier for miners because they do not need to be online 24/7. They simply need to pause mining, upgrade, and then continue mining. Gatekeepers, on the other hand, bear the responsibility of availability and need to be online as

熱點：冷錢包 區(qū)塊鏈 錢包