The Enterprise Ethereum Alliance* (EEA*) announced the EEA Trusted Compute Specification v1.0 at Consensus 2019, the annual gathering of the blockchain technology world. Software developers can use the Trusted Compute Spec to extend the benefits of blockchain computational trust to off-chain assets such as data, sensors, and compute capacity. By doing so, a developer can enhance the privacy and scalability of their blockchain solutions.
The Enterprise Ethereum Alliance Trusted Compute Working Group built the Trusted Compute Spec with contributions from Intel, ConsenSys*, iExec* and other EEA members. The effort was launched in 2018 to extend decentralized trust of the Ethereum blockchain with off-chain trusted compute resources. The Trusted Compute Spec works with smart contracts written for the public Ethereum network as well as private Ethereum blockchains in development within the EEA.
Blockchain Computational Trust
Blockchains embrace the notion of computational trust: they use computer processing to establish validity of transactions rather than an institution or intermediary. Gartner1 suggests that blockchains will create $3.1T of value for corporations by the year 2030, and two-thirds of that value will come from computational trust overtaking institutions and intermediaries.
However, the notion of computational trust creates privacy and scalability tradeoffs for blockchain developers. Transaction validation can be a time-consuming process, and it can become slower and require more compute power as a network grows. That is one of the reasons why Bitcoin and Ethereum operate at 3-15 transactions per second, while Visa can operate at over 24,000 transactions per second2.
Data privacy can be an issue, too. Blockchains typically replicate transaction data across validator nodes to assist with provenance. This replicated data can be a problem for developers who need to build strategies to prevent un-authorized participants from seeing valuable corporate data stored and replicated on-chain.
Fortunately, the Trusted Compute Specification provides a solution that developers can use to address these speed and privacy issues.
Trusted Compute Specification
The Trusted Compute Specification was designed to help developers gain the benefits of computational trust and mitigate its drawbacks. The Trusted Compute Specification specifies that a blockchain is used to enforce execution policies and ensure transaction auditability, while associated off-chain trusted compute resources execute transactions. By using trusted off-chain compute resources, a developer can accelerate throughput and improve data privacy.
The off-chain execution enabled by the Trusted Compute Specification allows complex transactions to execute on dedicated servers or cloud-based virtual machines (VMs). Once complete, the results of those transactions can be posted back to the shared ledger so that the developer gains access to dedicated compute power for faster execution, while gaining the benefits of blockchain computational trust.
Off-chain execution can help a developer deliver data confidentiality, as well. Developers can gain access to off-chain data stores and selectively post portions of the transaction results back on the blockchain. This allows access by the replicated blockchain network only to the select portion of the transaction data that the developer intends to share, and it leaves the rest of the transaction data off-chain in the original data store.
- Applications for the Trusted Compute Specification are numerous. It helps developers gain access to off-chain resources such as data stores, compute capacity, and sensors. By implementing the Trusted Compute Specification, developers can combine the blockchain world with the off-chain world for new and impactful decentralized applications.For example:
- Use a blockchain with an enterprise resource planning (ERP) database to help inform a supplier network of a critical component’s supply and demand. The Trusted Compute Specification provides a method for the developer to link the off-chain ERP application to the blockchain network while preserving the confidentiality of the ERP database.
- Automate transaction contracts with sensors that record the arrival weight and quality of a container of goods. The Trusted Compute Specification provides a method for the developer to establish a link to those sensors to trigger the contract.
- Execute compute-heavy genomic searches that occur between multiple medical facilities throughout the world. The Trusted Compute Specification provides a method for the developer to execute searches off-chain with dedicated compute resources and then go back to the main chain with the results.
Trusted Execution Environments and the Trusted Compute Specification
Developers who utilize the Trusted Compute Specification will find that hardware-based trusted execution environments (TEEs) like Intel® Software Guard Extensions (Intel® SGX) play a key role in helping extend computational trust to off-chain assets. Developers can use the attestation capability of Intel SGX to help verify that a specific off-chain workload has been loaded into an off-chain server for execution. The isolation of Intel SGX can help ensure that the code and data are not observed or manipulated from a source outside the TEE, including the service provider hosting the TEE.
A workload running off-chain in Intel SGX also can cryptographically sign the data output and return that data to the blockchain. The use of a TEE like Intel SGX can help a developer ensure that the desired off-chain workload has executed to completion by an intended workload processor, and the TEE can help validate the results of the execution, thereby helping to extend computational trust from on-chain to off-chain.
Get Started Today
Developers can learn more about the Trusted Compute Specification and download the 1.0 specification at the Enterprise Ethereum Alliance documents site.
A Developer Guide to Enhance Blockchain Scalability with TEE: The official EEA Off-Chain Trusted Compute Specification V1.0 announcement at Consensus 2019, the annual gathering of the blockchain technology world.
Can a Blockchain-Controlled Robot Change the Future?: Developers can combine IoT devices and 5G networks with blockchain technology to help people, computers, and sensors interact for a host of use cases.
Toward Web 3.0: A Trusted Compute API for Blockchain Solutions: Developers can accelerate the execution of complex smart contracts while preserving the privacy of sensitive off-chain data.
Intel® SGX Application Design: All Intel SGX applications share the same, basic structure. This means there are some common design principles that apply to all of them.
Michael J Reed is a senior director of Intel’s Blockchain Program Office, where he manages a team responsible for delivering new blockchain ledgers and applications that utilize unique elements of Intel® architecture. Mike has more than 20 years’ experience funding and driving technology ventures related to blockchain, crypto-currency, online payments, RFID, Internet of Things, cloud computing and consumer electronics.
1.The CIO’s Guide to Blockchain
2.Visa acceptance for retailers
Intel provides these materials as-is, with no express or implied warranties.
Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No component or product can be absolutely secure. Check with your system manufacturer or retailer or learn more at http://intel.com.
Intel and the Intel logo are trademarks of Intel Corporation in the United States and other countries. Other names and brands may be claimed as the property of others.
Copyright © Intel Corporation 2019