The cryptocurrency community is warning about the security of networks that use the technology called Trusted Execution Environment (TEE), after the alleged discovery of an exploit or vulnerability that puts at risk the nodes that depend on this solution.
On October 1, Yannik Schrade, CEO of Arcium, a company that develops cryptographic solutions, wrote on his X account about the attack and gave his opinion on the use of TEEs:
TEEs have just been completely compromised. In summary: a new exploit makes them totally exploitable. Many ‘privacy’ projects in cryptocurrencies use them. TEEs do not provide privacy or security.
Yannik Schrade, CEO of Arcium.
TEEs are execution environments that function as a “safe box” inside the computer's processor. They allow sensitive applications to run isolated from the operating system, protecting data and processes that should not be revealed.
Manufacturers such as Intel and AMD offer these solutions under brands such as Intel SGX, Intel TDX or AMD SEV-SNP, and they have been adopted by cryptocurrency projects to reinforce the privacy of nodes or validators.
Schrade shared a photo in which he points out some of the networks that use TEEs (in the red box):


Among the networks mentioned by Schrade are Phala Network, Secret Network, Super Protocol and Oasis.
Also, according to the Ethereum ecosystem developer known as Fede’s international, “TEEs are a disaster. Get them from them.”
However, while Schrade denounces the vulnerability of TEEs, he also promotes the cryptography-based alternative that his company sells, which raises a possible conflict of interest.
“What is the alternative? Cryptography. Cryptography has always been the only solution. More specifically, encrypted computation,” he says.
He then explains that his team has been working on a protocol that seeks to offer encrypted computation without physically stored secret keys.
At the time of writing, neither Intel nor AMD has commented on social networks about the vulnerability that affects TEEs.
A cheap attack with an impact on networks
The exploit described by Schrade allows an attacker with physical access to the hardware to completely break Intel SGX, Intel TDX and AMD SEV-SNP.
“Even an attacker at the amateur level can extract the attestation keys and the secrets of the enclave,” he said.
In decentralized networks, where nodes and validators manage their own hardware, physical access is not always controlled. Schrade argues that this makes it impossible to guarantee privacy or integrity: “They offer a false promise of security,” he says.
Although cloud service providers usually exclude physical attacks from their threat model, many deployments in production ignore that limitation and trust that the hardware will provide security against any type of intrusion.
This leaves an open door for attackers with physical access to machines, especially in decentralized environments where the nodes are operated by third parties and there is no direct control over their infrastructure.
The severity of this exploit is intensified by the decentralization of nodes, since their global distribution across various physical locations multiplies the possible points of attack, making the defense of the network against local intrusions more challenging.
According to Schrade, to carry out this type of exploit, an interposer on the DRAM bus is enough to extract any data from the enclave.
The DRAM bus is the internal channel that connects the main memory of the system (RAM) with the processor. Everything that is processed in an enclave inevitably passes through that channel. Placing a device or tool between the two components makes it possible to capture or modify the information in transit.
“The attack literally costs about 10 dollars and does not require great technical knowledge,” said Schrade.
Cryptography against reliable hardware
Eli Ben-Sasson, CEO of StarkWare (the company behind Starknet, a second layer of Ethereum), also warned that TEEs should not be used in the infrastructure of decentralized networks.
Each TEE contains a secret key inside. If you extract that key, all security is lost. And since the key is physically there, there is an amount of money for which it can be extracted, and that cost will continue to go down over time.
Eli Ben-Sasson, CEO of StarkWare.
He explained that each TEE keeps a secret key inside and that, being physically present, it can be extracted at a cost.
In simple terms, Ben-Sasson is saying that the secret keys within a TEE are not untouchable: if someone has physical access to the hardware, they can develop or buy techniques to extract them.
That is why he argues that, in a decentralized environment, you cannot trust a TEE to protect critical data: “If you want a blockchain to be decentralized and safe, you simply cannot use a TEE in it,” he added.
For its part, developer Rand Hindi explained:
The attack allows anyone with physical access to a TEE node in a blockchain to access all the data encrypted there. The report includes four proof of concept tests in main chains. Anyone who executes a validator or a complete node can execute this attack with only $1,000.
Rand Hindi, cryptocurrency ecosystem developer.
Hindi emphasizes that there is no technical solution for this except preventing untrusted people from operating nodes, or forcing them to use cloud providers. “This means that you cannot have validators and RPC providers running their own hardware, since a single malicious node would compromise everything.”
Finally, the developer attributes the problem to Intel:
The worst thing is that it was not the fault of the TEE protocols, but of Intel, which ruined its cryptographic implementation and ended up with deterministic memory encryption. And Intel will not fix it because it is outside the scope of its threat model. So we stop taking shortcuts and start using real cryptography such as FHE. It works, it is fast and it is safe.
Rand Hindi, cryptocurrency ecosystem developer.
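What “deterministic memory encryption” means for someone watching the DRAM bus, shown as an added illustration that is not from the article, Intel or any of the people quoted. It is a toy model with assumed names, a constructed key and constructed writes: the ciphertext depends only on key, address and plaintext, and it is compared with a variant that mixes an assumed per-write counter into the tweak.

```python
import hashlib
import hmac

BLOCK = 16  # bytes per memory block in this toy model
HALF = BLOCK // 2
KEY = bytes(range(32))  # constructed key, for illustration only
# Constructed write sequence: (physical address, plaintext value).
WRITES = [(0x1000, b"vote=yes"), (0x1000, b"vote=no"),
          (0x1000, b"vote=yes"), (0x2000, b"vote=yes")]


def encrypt_block(key, tweak, block):
    """Toy tweakable block cipher: 4-round Feistel with HMAC-SHA256 rounds."""
    left, right = block[:HALF], block[HALF:]
    for i in range(4):
        f = hmac.new(key, tweak + bytes([i]) + right, hashlib.sha256).digest()[:HALF]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right


def write_trace(key, writes, versioned):
    """Return what a bus observer records: one (address, ciphertext) per write."""
    counters, trace = {}, []
    for addr, value in writes:
        tweak = addr.to_bytes(8, "big")
        if versioned:  # assumed mitigation: per-address write counter in the tweak
            counters[addr] = counters.get(addr, 0) + 1
            tweak += counters[addr].to_bytes(8, "big")
        trace.append((addr, encrypt_block(key, tweak, value.ljust(BLOCK, b"\0"))))
    return trace


def repeated_writes(trace):
    """Pairs (first, later) of write indices with identical address and ciphertext."""
    first_seen, repeats = {}, []
    for i, pair in enumerate(trace):
        if pair in first_seen:
            repeats.append((first_seen[pair], i))
        else:
            first_seen[pair] = i
    return repeats


if __name__ == "__main__":
    # Deterministic: the observer learns write 2 repeats write 0 without the key.
    print(repeated_writes(write_trace(KEY, WRITES, versioned=False)))
    # Versioned tweak: every ciphertext is fresh, nothing to correlate.
    print(repeated_writes(write_trace(KEY, WRITES, versioned=True)))
```

The observer never decrypts anything; equality of ciphertexts at one address is already information, which is why freshness (and integrity) metadata matters when the memory bus is inside the threat model.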
The case exposes the dilemma between trusting closed hardware and applying open cryptography.
The statements by Schrade, Ben-Sasson and Hindi agree that, for truly decentralized infrastructure, security must be based on proven mathematics and not on extractable physical secrets.