One-Line Description

A Trust-Weighted Consensus Mechanism for Multi-TEE Distributed network. A "Proof of Attestation" where multiple TEEs coordinate in verifying the integrity of computation by proving trust among network peers.

What is Proof of Attestation?

This consensus mechanism works on the fundamentals of threshold cryptography and distributed attestation key verification. TEEs in a network mutually verify each other's hardware attestation reports and publish their results to on-chain Protocol. The Protocol then calculates trust scores for each TEE in network based on peer verifications, creating a Multi-TEE network of trust that's resilient against attacks.

This approach incorporates elements of Byzantine Fault Tolerance, allowing the network to function correctly even if a percentage of nodes are compromised or malicious. Rather than relying on a centralized attestation authority (a single point of failure), trust is distributed across the network. When compromise occurs, the network detects and restricts faulty nodes gracefully rather than catastrophic failure.

What Problems Does Proof of Attestation Solve?

Centralization Vulnerabilities:

The Primary Threat this system Eliminates is dependence on centralized remote attestation authorities, which, if compromised, could undermine trust across entire TEE ecosystems.

Compromised Attestation Keys:

If Attestation Key is compromised, which traditionally allow attackers to:

• Impersonate legitimate TEEs
• Bypass hardware security guarantees
• Create "fake" TEEs that external systems trust completely.

Having a distributed attestation verification ensures that even if a single key is compromised, the network relies on multiple independent verifications, quickly identifying and isolating the compromised TEE.

Side-Channel Attacks:

Protection against sophisticated side-channel attacks that have historically compromised TEE attestation systems like Intel SGX, where attestation keys were extracted through hardware vulnerabilities.

Architecture

Distributed TEE Network

• We have deployed Multiple TEEs on Intel Software Guard Extensions (SGX) using Phala Network.
• Each TEE in network has the ability to provide Attestation (Intel SGX’s built-in ECDSA-based attestation), which uses the NIST P-256 elliptic curve for generating cryptographic proofs. This allows other peers in network to verify that application is running within a legitimate enclave.
• Peer TEEs verify the attestation using Intel SGX’s Toolkit dcap-qvl. which natively uses NIST P-256.
• Verification Results are published On-chain. No single point of failure in the attestation verification process.

Dynamic Trust Scoring

• Protocol Layer Calculates Trust Score For each Node in Network. Trust emerges from collective verification rather than central authority.
• Graduated response mechanism based on trust thresholds:
  • 100-90%: Full operation
  • 89-75%: Warning state - flagged for investigation
  • 74-50%: Restricted operation - limited to non-critical functions
  • Below 50%: Complete suspension and enclave restart

Intelligent Fault Tolerance

• Network continues operating even when some TEEs are compromised i.e. their Trust Scores drops below 75%.
• Compromised TEEs are automatically identified and isolated, limiting their network influence proportional to their trust score deterioration, preventing attack propagation.
• When the enclave restarts, Self-healing mechanism kicks in and trust score are rehabilitated proportional to consistent positive verifications.
• Graceful performance degradation rather than catastrophic failure.

Protocol Layer Administration

• The Protocol forms the backbone of the Proof of Attestation system, orchestrating the interactions between TEEs and ensuring the integrity of the trust verification process.
• Built on-chain, this layer provides transparent administration, auditable, and automated enforcement of consensus rules.
• Smart contracts enforce consensus rules and trust thresholds