 I'm Sanjay, I work for Intel and this is Andrea's works for Consensors. So today we are going to share some of the work that we have been doing in the space of like, you know, how we can apply trusted compute for the good of Ethereum as an option. So the talk today is like, you know, two parts. One is generally talking about how we are viewing this trusted compute to play in the space and then Andrea's will drive completed with a concrete example of something that we are doing and then tomorrow there's a breakout session that will go into a whole bunch of more applications in this space. So with that I'll get started. So there are like lots of definitions of when it comes to trusted compute. So I thought that would start off with, you know, having a level set of what it means, right? Typically when I talk about trusted compute I say that, hey, it's a place on your PC or on your server where software can execute without any external interference. So to drive the point home, so think of the box in the big box in the middle is your PC or your server. It has two parts to it, the trusted and untrusted part and the blue is the trusted part or the trusted compute and inside there you can run your code and or you can have your secrets like keys and any sense to data. All of that can be processed in this blue part and to be secure even though in the white part around it you may have a malware or something else is owning that system. So it gives you that isolation on an off-the-shelf platforms. And the other side of it is like, you know, the final point there is that whatever it does it gives you an attestation to what happened so that like anybody can verify that the result really did happen inside the trusted compute and these instructions did actually get executed. So I work for Intel and Intel's one of the popular trusted computes out there is Intel SGX and more than happy to talk about it in general. But today we will talk in generally in terms of trusted compute and then there are these other variants of trusted compute based on ZK proofs and MPC. Those are also there that can be used to apply to the concepts that we're going to be talking here. So the first thing we were saying is like, you know, hey, how can trusted compute play in this space? And there are lots of questions and you guys probably seen this picture. And what we're asking is like, you know, hey, how can, you know, if we add trusted compute to this world, right now the problem is like you can get two of the three, not all three. So can we basically do something with trusted compute so that we can, you know, make it possible to achieve all three so that we have scalability, we have decentralization and we have the security. So let's talk about each of these things briefly and then see how that goes. So first of all, like the security is plainly is like transactions per second or seconds per transaction. We believe that, you know, given the, you know, the way these trusted computes work in terms of you have the integrity of the execution and things like that, you can combine it with constructs like, you know, plasma chains and side chains and you can achieve a lot of scalability in that space. And there has been work in the space have done and some of that will be talked about in the breakout tomorrow. The other side of the thing is that the security is there are two ways to look at the security. One is security of your consensus and things like that. And one is the security of around it, you know, transaction ordering and things like that. So again, going to the property that you have, you can trust like, hey, if I asked this trusted compute to do one plus one, it did do one plus one. So based on that, we are doing some work. And that's work that Andreas will talk about in a little bit. And finally, the decentralization, right? There's a lot of this conversation is like, if you rely on trusted compute, you let go of decentralization. And this is something that we would like to have a conversation around. Because if you take trusted compute, the way I viewed decentralization, the way I have, you know, read it in various articles, like on charging and things like that, it's about, you know, two properties like censorship resistance and permissioning. And we look at trusted compute. It doesn't have either of these properties. Anybody can, you can, my PC has this trusted compute, all of your PCs have it and you are free to run it. So there is no that you need to have a special hardware from somewhere to do these kinds of things. And then you can and you can run it. So initially, yes, there were some controls in terms of like, you know, who all gets to run software in this space and things like that. And what at least for Intel, we have worked to, you know, actually remove all of those controls in terms of like, we are no longer going to be in the middle of like, who gets to execute and who gets to attest and things like that. So we have, you know, worked to be in last one year since you know, ease out all of that stuff. But but there is this thing like, like anything in the space, as we go further, as we go new use it in newer spaces, there's always that, you know, hey, things can get hacked, which is which we view is no different than a particular hashing algorithm getting hacked, as long as we there's a commitment to basically fix it. And then there is this notion that who or is the provider of this trusted compute has done the due diligence on is willing to do continued due diligence to make sure that it is, you know, delivering on its promises. So in general, we believe that, you know, it tested compute if it used in a particular, you know, ways can be a very helpful tool in addressing and easing this trialima problem that that we haven't blocked in can just help it to, you know, get deployed very easily in some cases. So what I will do is like quickly, you know, before I jump into like, you know, some of the ideas we have, and then a concrete idea just to level set a common design pattern around us. So you have a trusted compute, it can be in a PC or in a server, you have some function that you can basically, you know, deploy to it. And that that typically we call an enclave. And that function can be anything. It could be matching a fingerprint data against template or finding a particular pattern and something. It can be anything. The idea is that you can, you know, you can be sure that particular sets of instructions were executed, and that your data that whatever you gave it was handled confidentiality. And then there can be any requester who can provide two things. One is the data on which they would like to operate, have that algorithm operate upon. And plus you can also provide your own identity that the enclave or the function will check before even executing your request. And then end result of this, all of this process is like you have data, you have algorithm all executing inside this container and secure container. And you come, output is this attested result that anybody can basically validate. It can be the requester or it can be somebody else who you're targeting that. And finally, if you're running this trusted compute in the context of a PC, you do have this human secured what we call protected transaction display. And that's basically is that before the transaction is completed, you can prompt a user for some kind of a pin or something like that so that you have user has all the control at the end of the day what happened. So you can build that in. And tomorrow, during breakout, Ledger who have built a wallet on top of SGX will talk about some of this. So in general, what we believe is like if you step up from all of this, this thing enables this notion that I can prove that something I did or I did not. And I can be kind of sure that the data that I gave it to you, it didn't leak. That's what this trusted compute is giving at the end of the day. So now let's jump into one last slide from me is how could it now connect with Ethereum, specifically Ethereum 2.0. This picture probably, you know, most of the people have seen it. It's off the medium articles. And the main thing really here is that this whole, you know, today morning, like in the morning, Vitalik talked about this beacon chain and things like that. So there's four tiers of, you know, abstraction or the layering of this whole Ethereum 2.0. In this, there are two things here. One is this beacon chain, which I in my view is like it's the control plane that's making sure that things are happening the right way. And then at the bottom is your execution plane. So in the control plane, this is where you have the validators and verification and, you know, all the crypto economics going on in terms of like, you know, making sure that, you know, everybody is doing the right thing. And if somebody is not doing the right thing, penalizing them and all of that, you know, keeping the equilibrium and keeping the system working. So right now, the focus really is on, hey, you know, you did something wrong. Okay, I'll penalize you. But what we are saying is, with if you run, say, validator or you run a verifier inside the trusted compute and you have all of those log of your activity, you can really prove that, you know, hey, I did do this. That means I did vote on it. Something else in the ecosystem down the line is basically censoring my output. Or I did not do that because the key that is used to sign the result is safely inside the thing and cannot be leaked. So this is what we see is like, we can simplify some of these things and this is where you will talk a little bit about it. And then lastly, at the execution layer, you know, signature validations as an example, you know, it's a common thing and they take a lot of time. You can offload that. Complex tasks that require a lot of, you know, gas, you can offload that to a, you know, plasma chain built around this or a side chain. So in general, like what we see is like, you know, at the beacon layer, it reduces the friction or reduces the fear that I might get slashed and I don't have anything to fall back to. So it in a way helps more people to participate and increase hopefully the democratization of this whole decentralization and also helps with the scalability and security. At this point, I will turn over to Andreas. Let's get a little real with what we have here. Is this on? Oh, better. So we talked about secure private and self-control and it can be ubiquitous. So what are the type of services that could be built with this on top of Ethereum? So you have, for example, a decentralized device registry. Which is valuable when you're talking about IoT self-driving vehicles. You have secure multi-party transaction signing, which is applicable not only for Ethereum transaction, but for any transaction. You don't no longer need your private key on your device because you can have the signing done in a trusted way by multiple parties. You have secure decentralized cloud. So we're talking with OEMs to be able to provide, to collect a cloud, a fog of devices that run trusted compute services. And I'll talk at the end for a few minutes about that. You also can do MPC analytics. You can also now do secure wallets and real-time oracles with this. And you can do secure public or private data stores. At Consensus there are a project called Linea at the decentralized identity foundation. We're working together with others on identity hubs where we'll actually employ these technologies. Then you have what you probably have heard before, off-chain compute, offload, a lot of smart contract heavy logic on to trusted compute entities as well as secure attestation validation. So for example, if your bank gives you your KYC and it says you have a US or security number, you have a valid US address, you don't want to reveal that, right? But you can prove that you're over 21, that you have a valid source security number and you can pass this attestation into a trusted compute that applies the logic to it and generates another anonymized attestation that still proves the same thing. So after talking about the applications on top, let's come back one step and let's talk about what we can do on an Ethereum node. Apparently I shouldn't touch this. So what Sanjay showed you about Ethereum 2.0, let's take that level deeper and let's do a little journey of an Ethereum transaction. So it first comes into the transaction pool. Well, nowadays any node can do anything with your transaction. It can do front running, it can put it into any order that it wants or it might just simply censor it. So if you ask add a trusted ordering and encryption service to that, all of this goes away. So you're taking a significant attack vector out. If you're following along, you go to the EVM that goes into the level DB, you can now do a trusted EVM execution service before it goes to proof of work. That's for the main net. If you're now going Plasma Chain, Site Chain, Beacon Chain, you're talking about CASPER-FFG and here again you can employ a trusted compute service that actually says, hey, I voted this way. And no human being can influence that, which means your assurances that the vote was done honestly go up exponentially. So this is for node, let's go one level deeper. So I give you three concrete example already at layer one. Now let's dive one level deeper. This looks really, really ugly and it is. What I want to focus on on the right-hand side, the actual trusted compute logic for a transaction ordering service is very, very simple. And on the left-hand side, and again don't focus on all the text, the key thing are the two blue boxes about trusted transaction pool app and the trusted ordering registration update service are two updates that can be done to the transaction pool module in a complimentary fashion, which means the actual change to the protocol is actually minimal. So you can, with minimal protocol changes that do not require forking or anything like that, you can increase the security of the Ethereum network significantly. Okay, so after going down to the protocol layer let's go one back up and talk about services. How can you discover these services? You can run Intel SGX or AMD or TrustZone or a zero-knowledge proof service on your laptop and that's great but no one can find it. So that's you the provider, you have your trusted compute. What do you need? You need a utility service market platform. So really for trusted compute is best if it has a marketplace with a broker service running on a blockchain such that a buyer who uses and needs this trusted compute service can now find it and pay for it on a per transaction or on a subscription basis and now anybody in the world who runs such a trusted compute service can register it, can expose it and can offer it to anyone on this planet and they can actually resell it if they want to. However, because of the way this works you can now exact another rent. It's fine. If you guys can hear me alright then that's good. So this way the provider can also participate on the subsequent monetization of that secure service. So through the marketplace. So again we're discussing with various OEM providers to actually build such a marketplace. So that's very exciting work that's going on that we want to push forward and so when you look at the services, the applications and the and the layer and the layer one you see how the trusted compute can really add to as Sanjay said to the democratization and decentralization of blockchains not only Ethereum but any block chain that's out there. So that's why we're really excited about this aspect and therefore it's a really want to finish here with a vision to the community right. We invite you to review improve and to help implement this vision not only for Ethereum but for all blockchains such that they can be successful and deliver on their promise and as a first step please join us tomorrow at the other trusted compute and other trusted compute enthusiasts actually in the ultraviolet room at 10 a.m. where we talk about the future of Ethereum with trusted compute. Thank you. Thank you very much guys. We got eight minutes for questions so this is started. On that previous slide you had the buyer reselling data from the provider and the provider collecting rent from the buyer third-party customers. How do you do that? You're actually not reselling the data. You're reselling the service which means you still control who gets the service. You still hold the permissioning so if you want to resell it the other party needs to be added to that service contract. So that's how you ensure that you get paid for that service if it's resold. What do you say to ease the fears of people that generally notice that trusted compute relies on trusted hardware that's often times closed source and not allow for security reviews resulting in things like the level one terminal fault and a recent breach that exposed system management mode on Intel chips that validated SGS completely just how do you reconcile it? So the general thing is like being as much as open as we can in terms of like the breaches happen not because their intentional breaches happen because we are starting to use this technology at scale and many people are looking at it. And at Intel we are committed to working continuously and quickly to provide patches provide whatever is needed and as the breaches that happened there's a lot of information on Intel website in terms of why you can get the patches and how you can basically put it on the systems and how we can figure out whether the system has been passed. So there's a lot of information there. Also if you think about side channel attacks actually I talked with Marley Gray from Microsoft yesterday and we'll probably do a little experiment with Microsoft research to see whether you can actually do a side channel attack on a laptop in a Starbucks. If you can do that then you really have a problem right? Typically you will not be able to get the apparatus you need into a secure data center. That's really hard. So it's more like on your custom laptop. And we'll do that more hopefully in some time be able to produce a little video about that and see how well that works or doesn't work. So looking forward to that. So in the end the more you get these trusted compute services out into the marketplace and into the hands of people the more secure it's going to be and the more decentralized. So if people are offering those services and other people use it the risk of a few controlling the money is really low. I just had a question if you could try to correlate for the naive observer who sees a vision here for something that allows additional scaling, better efficiency of compute and so forth. But then it's not really on the roadmap when the Ethereum foundation and the group is talking about what's in Ethereum 2.0 zero knowledge proofs are as both scaling and privacy. So just can you say some words about that? I can start that right. So you're right and a lot of it is like generally a lot of not information about how trusted computers work and all that stuff. So we have done a lot of work in the context of enterprise Ethereum wherein for example we have released a 0.5 version of an API which anybody on the chain a smart contract on the chain can talk to a trusted compute and bring the results back and things like that. It's 0.5 version and the idea is to get that kind of a conversation going and that's where we are here in terms of like you know hey there are these things and that trusted compute API that we have put out there it's not specific to a particular thing. We want to comprehend hardware based and software based trusted because it's not a silver bullet kind of a thing. So we see that's what we are doing and that would be a great place to start because a lot of the stuff work in there is like right now more enterprisey in terms of the flows but immediately we're going to start work on how to make that API apply for public Ethereum where you have the gas constraints and things like that. Oh yeah so it's sort of a follow up to the the down on the back. So it's sort of a follow up to the question that was just asked about how it's we don't really see this on the roadmap with Ethereum 2.0. I think one thing that would help is if these designs were open they would help people actually trust what's going on. And another thing is have you all approached them even the whole idea of feeding randomness from RANDOW and the beacon chain into a VDF there's all this research and work going on to create a verifiable delay function ASIC. Could this help? Could that replace that? You're right on the mark because we have some really hard earned random generators within the hardware that feed off the entropy within the system and when I look at RANDOW and all that in context of beacon chain it becomes very very interesting. So that's where we talked about it there's a role to be played and that's why we are here is like let's have that conversation going what's the right way to do it. Are you all approaching Justin Drake to ask him about that? We have not yet but the idea is first was to get the API out have something to shoot against him. But that's the idea. That would just be a really good way to get an answer really quick about what reservations they have so that it could be moved forward. Thank you. This is the beginning of a dialogue, right? And one thing that I want to point out what we're saying here is we're not replacing any of the current security features. We're not saying replace proof of work with proof of elapsed time using Intel SGX or any other trusted enclave. We're adding additional security features to the ecosystem stack that makes the whole thing more secure allows better decentralization and lowers the barrier to entry because it is literally ubiquitous. Already. If you run an i7 and i9 you can turn on Intel SGX and deploy a trusted service in a few minutes. So it's about educating the ecosystem about this novel idea and it really has only come out in the last six months really six to nine months that we've been working on to formulate the ideas to talk with people like Virgil and it's a slow process because Intel came out first and helped the keys and that's what's stuck in people's heads and you're saying Intel doesn't hold the keys anymore or AMD or ARM it really doesn't matter.