Trusted execution environments (TEEs) ensure data is stored and processed in a protected environment. TEEs provide a simple, efficient, and reliable way to implement private dApps. They’re practical and production-ready today versus further-out solutions like zero-knowledge proofs and fully homomorphic encryption.

TEEs introduce a hardware dependency, leading some to discount them entirely. However, there have also been significant improvements in TEE infrastructure and protocol design, minimizing possible vulnerabilities. With defense-in-depth methods, ongoing R&D efforts, protocols, and secure-via-physics design, security will continue to improve. Many have come around on TEEs, and their use in crypto is increasing. 

Oasis Network is one of the TEE pioneers in Web3. This includes the launch of Sapphire, a native rollup that supports confidential dApps, and Runtime Offchain Logic, a framework that enables custom offchain logic that can be easily verifiable onchain. Both rely on TEEs, and the Oasis engineering team actively participates in ongoing discussions and R&D efforts. Below is a summary of recent TEE research and developments.

Flashbots Introduces TEE-based Rollup-Boost

Flashbots introduced Rollup-Boost, a block-building platform for rollups enabled by trusted execution environments. Co-designed by Uniswap/OP Labs and set to be deployed on Unichain, Rollup-Boost leverages trusted execution environments for things like coprocessing, certifiable priority ordering, validity proofs, and more. 

Takeaways: 

• TEEs make it possible to create infrastructure that’s scalable across trust boundaries.
• Rollup-Boost highlights the potential of TEEs to harmonize efficiency and decentralization.

Read the article here. 

Research Directions for Verifiable Crypto-Physically Secure TEEs

‍Researcher Sylvain Bellemare reviews TEE limitations and theorizes how to implement chips that would be secure against physical attacks and not require trusting the chip manufacturer. The paper advocates for physical unclonable functions to secure the root-of-trust, masking & redundancy techniques to secure computations, and open-source hardware to verify that a chip matches its expected design.

Takeaways: 

• A massive amount of hardware research already exists, and it may benefit those using TEEs within a Web3 context.
• There’s a lot more work to be done regarding TEEs.

 Read the full paper here.

An Open-Source SGX-Sidecar for CosmWasm Blockchains

Cycles Protocol (Informal systems) launched “Quartz,” a sidecar that allows developers on any Cosmos chain to use SGX for privacy and offchain computing. Quartz is based on Cycles’ privacy architecture, which requires computing a settlement flow across private user data. To protect this data while efficiently computing the algorithm requires a TEE.

Takeaways: 

• Quartz enables any use case where a CosmWasm contract wants to have its own private compute or wants to verify offchain actions.
• This initial release contains rudimentary features. It is not yet ready for production use.

Read the full announcement here.

Autonomous Trusted Execution Environment Manifesto

Poetic Technologies outlined a vision of an open-source software and hardware architecture for confidential computation centered on TEEs. The manifesto discusses advantages/issues with current TEEs and considerations related to creating open versions, e.g., physical attacks, physical unclonable functions, and quantum physics, plus other emerging components, e.g., reproducible builds, mitigation tools, and formal verification.

Takeaways: 

• The idea of autonomous TEEs and the initiative to realize them is a work in progress.
• Updates on the different parts of the necessary technological substrate will be coming soon. 

Read the vision here. 

TEEs & Secure MPC for Privacy-Preserving Machine Learning

Researchers from Bagel highlight the need to address data & model security risks in AI, and in this article, discuss how TEEs can be used to build scalable, privacy-protecting ML solutions. In particular, they walk through training/inference examples, showing how developers might safeguard the IP embedded in their models and ensure that the models produce reliable and tamper-proof results.

Takeaways: 

• Privacy is essential for AI safety and particularly needed given the explosion of growth around LLMs.
• TEEs and their ability to enable isolated and verifiable code execution are one solution for adding integrity to AI workflows. 

Read the piece here. 

OpenAI Calls for TEE Adoption in AI Accelerators to Boost Security

OpenAI is pushing for a new approach to protect AI systems, particularly the model weights that power tools like ChatGPT. They're doing this by bringing TEEs to GPUs and AI accelerators. This approach would allow GPUs to flex some security muscle:

• Cryptographic self-checks.
• Keeping model weights locked until they're needed.
• Giving each GPU its own cryptographic ID. 

Takeaways:

• Securing advanced AI systems will require an evolution in infrastructure security.
• TEEs could allow model weights to be protected with strong controls at the hardware layer.

Read the full article here.

Why TEEs Are The Optimal Networking Infrastructure for Web3 & DeAI

M1 Capital and others explore the possibility of turning trusted execution environments into trustless ones, i.e., how TEEs can be verified within a trustless Web3 system. The proposed solution: by combining smart contract governance with clusterized TEE computing capacity from various providers, it's possible to minimize human administration from cloud governance, enabling trustless and Web3-compliant AI computing.

Takeaways: 

• TEEs can transform the notion of trust within DePIN ecosystems and other Web3 infra from a traditional concept to one that's continuously verifiable.
• As the demand for more secure, private, and efficient blockchain solutions grows, the role of TEEs will expand. 

Read the full article here. 

Confidential Computing & Privacy: Policy Implications of TEEs

The Future of Privacy Forum released a report on the policy implications of TEEs. The report discusses use cases in areas with sensitive data/tight regulations, e.g., finance and healthcare. It concludes that as the adoption of TEEs continues, issues like the risk of re-identification, regulatory restrictions related to access and “sale,” law enforcement access, cross-border data transfers, and data localization will require more definition. 

Takeaways: 

• TEEs promise a significant shift in trustworthiness & verifiability of data processing for use cases like the training/use of AI models.
• The usefulness and potential regulatory compliance benefits will depend on the configuration and management of a TEE and its accompanying attestation service.

Read the report here. 

Trusted Execution Environments for Greater Rollup Security  

Ethereum rollups continually explore ways to bolster security, including the adoption of trusted execution environments. In this sense, Scroll and Taiko are at the forefront of implementing TEEs as part of multi-prover systems. Following a similar logic to client diversity, both projects leverage TEEs to add redundancy to their protocols. 

Generally, this approach aims to:

1. Mitigate risks associated with potential bugs in complex ZK circuits
2. Enhance security without significantly impacting finality time or transaction costs
3. Pave the way for further decentralization of the proving process

Takeaways:

• Multi-prover systems using TEEs can significantly reduce the risk of catastrophic failures due to bugs in a single-prover
• TEE provers offer a balance of performance and security, validating all state transitions efficiently
• Both examples show TEEs as a stepping stone towards more decentralized and robust rollup infrastructures.

Read about Scroll's implementation here and Taiko’s here. 

Building in the Dark: Mapping the Crypto Privacy Landscape

Variant Fund published a comprehensive overview of the Web3 privacy sector, diving deep into generalizable approaches, including trusted execution environments. This piece mentions TEEs as a practical, easy-to-use, and performant solution for privacy in crypto, particularly suitable for certain applications, such as dark order books in DeFi. 

Takeaways:

• Choosing the right privacy solution depends on specific use cases and trust requirements.
• TEE's mention alongside popular solutions like ZK & FHE shows growing acceptance of their use within Web3.

Read the guide here.

Setting Your Pet Rock Free 

Flashbots and Nous Research introduced a breakthrough TEE architecture by enabling provably autonomous agents with exclusive control of digital assets and accounts. Their implementation uses Intel TDX to generate and secure credentials entirely within TEEs. This creates a system where even developers lose access after deployment. Published with a live demonstration on Twitter (@tee_hee_he), the project proves how TEEs can reshape conventional web accounts into verifiably autonomous systems through hardware-based guarantees.

Takeaways:

• TEEs provide the only way to achieve true "exclusive ownership" - a feature impossible with FHE, MPC, or ZK proofs
• Remote attestation offers cryptographic proof of non-interference, solving the "mechanical turk" problem
• The architecture bridges Web2 authentication and Web3 autonomy with practical, production-ready implementation

Read the full implementation details here.

Props for Machine-Learning Security

In their recent research paper, Ari Juels and Farinaz Koushanfar show how TEEs can unlock a completely new data frontier for ML systems. Their "props" architecture repurposes TEE-based oracles from blockchain systems to tap into deep-web data - a massive, previously inaccessible resource that is 100x larger than the surface web. The framework provides a production-ready way to authenticate sensitive data sources and secure ML pipelines without modifying existing infrastructure, showing how TEEs can bridge traditional web services and modern privacy requirements.

Takeaways:

• TEEs enable secure access to vast deep-web datasets previously unavailable to ML systems
• Props show how blockchain TEE infrastructure can be practically repurposed for ML security
• The architecture provides a working solution for private, verifiable ML using existing technology

‍

‍

Open Source Initiative

• Poetic Intents: Seeding the Next Generation of TEEs.

‍

Benchmarking & Wikis

• Marlin: Benchmarking the Oyster TEE-based Coprocessor Against zkML 
• Phala: Benchmarking Confidential Computing on Nvidia H100
• TEE Wiki - Trusted Execution Environment
• Blockchain Projects Working With Trusted Execution Environments
• SGX and TEE on the Blockchain Resources

‍

Talks

• The TEE Stack | Andrew Miller
• How to Win Friends and TEE-fluence People | Ethan Buchman
• Web3 Smart Privacy with Oasis A Developer Workshop
• Zero-Knowledge Podcast - TEEs | Andrew Miller
• TEEs for Blockchain Applications | Ari Juels
• Why TEEs Suck Both Less and More Than You Think | Phil Daian
• Enhancing ZK-Rollup Security With TEEs
• TEE.Salon - YouTube Playlist

This article may be periodically updated in the future to include new articles and reports.