Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contract Execution (1804.05141v7)

Abstract: Smart contracts are applications that execute on blockchains. Today they manage billions of dollars in value and motivate visionary plans for pervasive blockchain deployment. While smart contracts inherit the availability and other security assurances of blockchains, however, they are impeded by blockchains' lack of confidentiality and poor performance. We present Ekiden, a system that addresses these critical gaps by combining blockchains with Trusted Execution Environments (TEEs). Ekiden leverages a novel architecture that separates consensus from execution, enabling efficient TEE-backed confidentiality-preserving smart-contracts and high scalability. Our prototype (with Tendermint as the consensus layer) achieves example performance of 600x more throughput and 400x less latency at 1000x less cost than the Ethereum mainnet. Another contribution of this paper is that we systematically identify and treat the pitfalls arising from harmonizing TEEs and blockchains. Treated separately, both TEEs and blockchains provide powerful guarantees, but hybridized, though, they engender new attacks. For example, in naive designs, privacy in TEE-backed contracts can be jeopardized by forgery of blocks, a seemingly unrelated attack vector. We believe the insights learned from Ekiden will prove to be of broad importance in hybridized TEE-blockchain systems.

• The paper presents a secure hybrid architecture that decouples computation from consensus using TEEs, achieving 600x throughput improvement and 400x latency reduction compared to Ethereum.
• The paper establishes a formal security model within the Universal Composability framework that rigorously guarantees secure, concurrent smart contract execution.
• The paper demonstrates Ekiden's practical impact through evaluations on diverse applications, enabling privacy-sensitive and scalable decentralized systems.

Analysis of Ekiden: Confidentiality-Preserving, Trustworthy, and Performant Smart Contracts

The paper "Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contracts" addresses critical shortcomings in contemporary smart contract implementations, particularly focusing on poor performance and lack of confidentiality. These limitations are in part due to the inherent properties of the underlying blockchain technology. The authors present Ekiden, a cohesive system that integrates blockchains with Trusted Execution Environments (TEEs) to achieve significant improvements in both confidentiality and scalability.

Key Contributions

The authors propose several core contributions to the research community through Ekiden:

1. Secure Hybrid Architecture: Ekiden's architecture decouples computation from consensus, a sharp contrast to systems like Ethereum where each participant replicates computation. This design leverages TEEs for computation over private data, ensuring that sensitive information remains confidential while maintaining high throughput. The system exemplifies impressive performance, achieving 600x more throughput and 400x less latency at a fraction of the cost compared to the Ethereum mainnet.
2. Formal Security Model: Ekiden's security model is rigorously presented through an ideal functionality defined within the Universal Composability (UC) framework. This model facilitates a comprehensive security analysis, providing formal guarantees about what the system can achieve under concurrent composition.
3. Enhancements for TEE-Blockchain Systems: The paper provides an in-depth examination of design patterns that maximize the security and performance of hybrid TEE-blockchain systems. These include solutions for key challenges such as maintaining confidentiality against block-forgery attacks, reliable failover strategies when TEEs crash, and effective key management.
4. Robust Evaluation: A thorough evaluation across diverse applications, from machine learning frameworks to smart building models, demonstrates the system's practicality. The authors highlight results where Ekiden processes transactions significantly faster and with higher throughput than traditional setups, notably outperforming Ethereum by orders of magnitude.

Implications and Future Directions

The integration of TEEs and blockchains in Ekiden showcases the potential of combining cryptographic hardware with distributed consensus systems. By addressing both confidentiality and performance, Ekiden asserts itself as a viable platform capable of handling complex, privacy-sensitive applications that were previously deemed unfeasible on standard blockchain architecture.

The research posits several critical implications for the development and deployment of decentralized applications:

• Enhanced Confidentiality: By preserving confidentiality through TEEs, sensitive computations can now be securely outsourced, broadening the potential for blockchain applications in areas like finance and medical data analytics which necessitate high privacy standards.
• Increased Throughput: The system's decoupled architecture and efficient execution model allow smart contracts to operate at scale, thus supporting a wider adoption of blockchain technology across industries constrained by performance limitations.

Looking forward, the application of Ekiden could extend to more sophisticated coordination forms across distributed systems. Advanced key management and inter-node communication protocols could further refine the interaction between TEEs and blockchains. There remains a vivid interest in evolving Ekiden to accommodate a more robust threat model that reduces reliance on individual hardware components.

Conclusion

In summary, the Ekiden platform represents a methodological advance in the development of blockchain smart contracts, addressing confidentiality and performance limitations comprehensively. It provides the necessary tools and models to explore new application domains previously hindered by traditional blockchain constraints. As distributed ledger technologies continue to evolve, the principles and contributions provided by Ekiden offer a substantial foundation for realizing highly confidential and efficient contract execution frameworks in the near future.