A protocol for allowing any TDX device to prove its output onchain
Its first use case will be for proving that blocks on the Unichain L2 were built using fair and transparent ordering rules
- TEE Devices
- TEE Public Keys (these are used to identify and verify TEEs and their outputs)
- TEE Attestations (also called Quotes)
- Block Signature Transaction
- Governance Values
-
Registering a TEE Device (also referred to as a block builder)
a. Should only be callable from a TEE-controlled address
b. Verify TEE Quote
c. extract and store TEE address and workload info
d. set liveness (we want a way to indicate that a TEE device has not been active for a long period of time, and for that we use liveness)
-
Verify Flashtestation transaction
a. Check signature of transactions against registry of live builder keys
b. update TEE device liveness
-
Deregistering a TEE Device
b. Mark TEE device as "retired"
This will perform a simple test to see if onchain verification of a tdx attestation works
forge script --chain 11155111 --rpc-url $ETHEREUM_SEPOLIA_RPC_URL script/FlashtestationRegistry.s.sol:FlashtestationRegistryScript
- Implement TEE Device Registry
- [] Implement Flashtestation transaction verification
- Should it be Upgradeable?
Pros:
- very simple to account for changes to the Automata DCAP Attestation contract, contract bugs, contract upgrades
- Doesn't really impact the trust model, because we already expect to have some Security Council of Unichain + Flashbots in the beginning that manages which workloadIDs to trust (via the setting of Policies)
Cons:
- trust model now relies on owner (probably a security council of Unichain + Flashbots) to remain not collude. If they do collude, they can upgrade the contract to emit a malicious
Registeredevent and trick users into incorrectly trusting that blocks are being verified by a trusted TEE
Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.
Foundry consists of:
- Forge: Ethereum testing framework (like Truffle, Hardhat and DappTools).
- Cast: Swiss army knife for interacting with EVM smart contracts, sending transactions and getting chain data.
- Anvil: Local Ethereum node, akin to Ganache, Hardhat Network.
- Chisel: Fast, utilitarian, and verbose solidity REPL.
$ forge build$ forge test$ forge fmt$ forge snapshot$ anvil$ forge script script/Counter.s.sol:CounterScript --rpc-url <your_rpc_url> --private-key <your_private_key>$ cast <subcommand>$ forge --help
$ anvil --help
$ cast --help