TEEs are picking up steam! Tricks we use in our system to get the "best" security model we can:

[1] Scary to depend on a small set of unstaked nodes to verify a computation. Alleviate via multiple confirmation rules like TEE attest -> TEE attest and ZKP -> TEE attest and ZKP and ...

[2] Scary to depend on cloud providers with kill switches. Alleviate by spreading TEE networks across different centers (AWS, GCP, Azure) and imposing a lower bound % for independent SGX nodes.

[3] Scary to depend on hardware manufacturers to not backdoor. Alleviate by secret sharing across nodes with different chips, though this only works if decryption conditions don't require the secrets themselves.

founder @seismic // product-focused cryptography // rookie years @ stanford, google

Tradeoff space here is extreme

Eg: Every incremental provider add is liveness(+++) but privacy(---)