Trusted Execution Environments in PRVNZ

Overview

PRVNZ leverages Trusted Execution Environments (TEEs) as part of a hybrid MPC+TEE architecture to provide hardware-rooted security for digital rights management. TEEs create isolated execution environments where sensitive operations occur without exposure to the host system.

Why Hybrid MPC+TEE?

The Problem with TEE-Only Solutions

Traditional TEE-only architectures create a single point of failure:

  • Complete private keys stored in one enclave
  • Vulnerable to physical attacks (e.g., TEE.Fail)
  • No redundancy if hardware compromised
  • Supply chain risks

PRVNZ's Solution

Combine Multi-Party Computation (MPC) with TEEs for defense-in-depth:

  • Private keys split across multiple TEE nodes (3-of-5 threshold)
  • Geographic distribution across datacenters
  • Hardware diversity (Intel SGX, AMD SEV-SNP, Intel TDX)
  • No single point of failure

Traditional TEE-Only:
[Complete Key] → [Single SGX Enclave] → [Single Point of Failure]

PRVNZ Hybrid MPC+TEE:
[Key Share 1] → [SGX Node 1] (us-west)
[Key Share 2] → [SEV Node 2] (eu-central)
[Key Share 3] → [TDX Node 3] (ap-south)
[Key Share 4] → [SGX Node 4] (us-east)
[Key Share 5] → [iExec Node 5] (eu-west)

Threshold: 3-of-5 required
Physical attack on one node = Key still secure

Supported TEE Technologies

Intel SGX (Software Guard Extensions)

Features:

  • Process-level memory encryption (EPC)
  • Remote attestation capability
  • 128-256MB encrypted memory (EPC size)
  • CPU-level isolation

Use Cases:

  • License verification
  • Key share storage
  • Cryptographic operations

AMD SEV-SNP (Secure Encrypted Virtualization)

Features:

  • VM-level memory encryption
  • Full VM RAM encrypted
  • Nested page table protection
  • Live migration support

Use Cases:

  • Validator infrastructure
  • Large-scale data processing
  • Institutional deployments

Intel TDX (Trust Domain Extensions)

Features:

  • VM-level isolation
  • 512GB+ encrypted trust domains
  • Strong isolation boundaries
  • Intel AMX for AI workloads

GCP Confidential Computing

Features:

  • AMD SEV, Intel TDX support
  • NVIDIA H100 GPU TEE
  • Managed infrastructure
  • Attestation services

iExec Decentralized TEE Network

Features:

  • Distributed SGX infrastructure
  • Marketplace for TEE compute
  • Secret Management Service (SMS)
  • Geographic distribution built-in

Remote Attestation

What is Attestation?

Remote attestation allows a third party to verify:

  • Code running in TEE is authentic
  • Hardware is genuine and uncompromised
  • Enclave measurements match expected values
  • Execution environment is secure

Attestation Flow

1. Enclave generates quote (signed by CPU)
2. Quote includes:
   - Enclave code hash
   - Data hash
   - Hardware identity
3. Verifier checks:
   - Signature chain to Intel/AMD/ARM root CA
   - Measurements match expected values
   - Freshness (timestamp)
4. If valid: Establish secure channel
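The verifier side of the flow above, as an added example that is not PRVNZ's code or any vendor SDK: it checks the four points in order (signature, measurement, data binding, freshness). The CPU's ECDSA quote signature and the vendor root CA chain are stood in for by an HMAC under a hypothetical root key, and the allowlisted measurement is a constructed value, so the block runs offline.

```python
import hashlib
import hmac
import json
import time
from typing import Optional, Tuple

# Hypothetical stand-ins, constructed for this example: the vendor root key (a real verifier
# checks an ECDSA certificate chain to the Intel/AMD root CA) and the allowlisted measurement.
ROOT_KEY = b"hypothetical-vendor-root-key"
EXPECTED_MEASUREMENTS = {hashlib.sha256(b"prvnz-license-verifier-v1.0").hexdigest()}
MAX_QUOTE_AGE_S = 300  # freshness window, matching the 5-minute attestation proof expiry

def _sign(body: dict) -> str:
    return hmac.new(ROOT_KEY, json.dumps(body, sort_keys=True).encode(), "sha256").hexdigest()

def make_quote(enclave_code: bytes, report_data: bytes, hw_id: str, ts: int) -> dict:
    """Enclave/CPU side: quote = measurement of code, hash of data, hardware identity, signature."""
    body = {"mrenclave": hashlib.sha256(enclave_code).hexdigest(),
            "report_data": hashlib.sha256(report_data).hexdigest(),
            "hw_id": hw_id, "timestamp": ts}
    return {"body": body, "signature": _sign(body)}

def verify_quote(quote: dict, expected_data: bytes, now: Optional[int] = None) -> Tuple[bool, str]:
    """Verifier side, in the order of the flow above: signature chain, measurement,
    data binding (the verifier's own nonce, so a quote cannot be replayed), then freshness."""
    now = int(time.time()) if now is None else now
    body = quote["body"]
    if not hmac.compare_digest(_sign(body), quote["signature"]):
        return False, "signature does not chain to the hardware root of trust"
    if body["mrenclave"] not in EXPECTED_MEASUREMENTS:
        return False, "enclave measurement not in allowlist"
    if body["report_data"] != hashlib.sha256(expected_data).hexdigest():
        return False, "report data does not match this session's nonce"
    if not 0 <= now - body["timestamp"] <= MAX_QUOTE_AGE_S:
        return False, "quote is stale or timestamped in the future"
    return True, "ok: establish secure channel"
```

Binding the verifier's nonce into the report data is what makes the timestamp check meaningful: a genuine but old quote captured from another session fails the data-binding check even before the freshness check.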

Security Model

Defense-in-Depth Layers

Layer 1: Physical Security

  • SOC 2 Type II certified datacenters
  • 24/7 monitoring
  • Tamper-evident hardware
  • Geographic distribution

Layer 2: Hardware Security (TEE)

  • Memory encryption
  • Isolated execution
  • Remote attestation
  • Hardware root of trust

Layer 3: Multi-Party Computation

  • Threshold secret sharing (3-of-5)
  • No single node has complete key
  • Distributed key generation
  • Proactive key rotation

Layer 4: Network Security

  • TLS 1.3 for all communication
  • Mutual authentication
  • Rate limiting
  • DDoS protection

Layer 5: Application Security

  • Formal verification (DAML)
  • Security audits
  • Bug bounty program
  • Continuous monitoring

TEE.Fail Mitigation

The Vulnerability:

TEE.Fail (October 2025) demonstrated physical memory bus interposition attacks on DDR5 systems affecting Intel SGX, Intel TDX, and AMD SEV-SNP.

PRVNZ Defense:

  1. MPC Key Splitting: Attacker needs 3+ nodes, not just 1
  2. Geographic Distribution: Requires physical access to multiple datacenters
  3. Hardware Diversity: Different platforms have different vulnerabilities
  4. Continuous Monitoring: Detect anomalies early
  5. Proactive Rotation: Limit exposure window (90 days)
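The threshold property behind both the hybrid MPC+TEE design and defense 1 above (an attacker needs 3+ nodes, not just 1), as an added example that is not PRVNZ's code: a 3-of-5 Shamir split over a prime field. Reconstruction is shown only to demonstrate the threshold; in a real MPC deployment the shares are never brought together on one node, and signing is done interactively (not shown here).

```python
import secrets

# Prime field for the share arithmetic; a 256-bit key fits below it (any prime larger than the key works).
P = 2**256 - 2**32 - 977

def split_key(secret: int, n: int = 5, t: int = 3) -> list:
    """Split secret into n shares (x, y) of a random degree t-1 polynomial with f(0) = secret.
    Any t shares reconstruct it; t-1 shares are consistent with every possible secret."""
    assert 0 <= secret < P and 1 <= t <= n
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    def f(x: int) -> int:
        return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
    return [(x, f(x)) for x in range(1, n + 1)]  # share i is held by TEE node i

def reconstruct(shares: list) -> int:
    """Lagrange interpolation of f(0) from the given shares."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def attacker_recovers(secret: int, shares: list, captured: int) -> bool:
    """Model a physical attacker (TEE.Fail style) who extracted the shares of `captured` nodes.
    Below the threshold, interpolating the captured shares yields an unrelated field element."""
    return reconstruct(shares[:captured]) == secret
```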

Performance Considerations

Overhead Analysis

TEE Type          Performance Impact   Memory Limit    Startup Time
Intel SGX         5-10%                128-256MB       <100ms
AMD SEV-SNP       5-10%                Full VM RAM     <2s
Intel TDX         3-8%                 512GB+          <1s
NVIDIA H100 TEE   10-15%               GPU memory      <500ms

Optimization Strategies

  1. Batch Operations: Process multiple licenses per TEE call
  2. Caching: Cache attestation proofs (5 min expiry)
  3. Lazy Verification: Only verify when needed
  4. Parallel Execution: Use multiple TEE nodes concurrently

Deployment Guide

Minimum Configuration

prvnz_tee_network:
  nodes: 5
  threshold: 3

  node_1:
    location: us-west-2
    provider: AWS Nitro Enclaves
    tee_type: Intel SGX

  node_2:
    location: eu-central-1
    provider: GCP Confidential Computing
    tee_type: AMD SEV-SNP

  node_3:
    location: ap-south-1
    provider: Azure Confidential Computing
    tee_type: Intel TDX

  node_4:
    location: us-east-1
    provider: iExec Network
    tee_type: Intel SGX (Gramine)

  node_5:
    location: eu-west-2
    provider: Self-hosted
    tee_type: Intel SGX

Hardware Requirements

  • CPU with TEE support (Intel SGX/TDX or AMD SEV-SNP)
  • 64GB+ ECC RAM
  • 2TB+ NVMe SSD
  • 1Gbps+ network connection

Monitoring & Operations

Health Checks

  • Attestation freshness (every 5 minutes)
  • Node availability (heartbeat every 30 seconds)
  • Signature success rate (>99.9%)
  • Memory usage within limits
  • Network latency (<50ms p95)

Alerting

Automatic alerts for:

  • Attestation verification failure
  • Node unresponsive (>2 minutes)
  • Threshold not met (fewer than 3 nodes)
  • Anomalous behavior patterns
  • Hardware errors
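The health checks and alert conditions above turned into evaluation logic, as an added example that is not PRVNZ's monitoring code. The node status records are constructed sample data; a node only counts toward the 3-of-5 signing threshold if it is responsive, freshly attested and free of hardware errors.

```python
from datetime import datetime, timedelta, timezone

# Thresholds taken from the health-check and alerting lists above.
ATTESTATION_MAX_AGE = timedelta(minutes=5)
HEARTBEAT_MAX_AGE = timedelta(minutes=2)
MIN_SIG_SUCCESS_RATE = 0.999
MAX_P95_LATENCY_MS = 50
THRESHOLD = 3

def evaluate_network(nodes: list, now: datetime) -> list:
    """Return alert strings. A node counts toward the signing threshold only if it is
    responsive, freshly attested and free of hardware errors; degraded success rate or
    latency raises an alert but does not remove the node from the quorum."""
    alerts, usable = [], 0
    for n in nodes:
        healthy = True
        if now - n["last_heartbeat"] > HEARTBEAT_MAX_AGE:
            alerts.append(f"{n['id']}: node unresponsive (>2 minutes)")
            healthy = False
        if not n["attestation_valid"] or now - n["last_attestation"] > ATTESTATION_MAX_AGE:
            alerts.append(f"{n['id']}: attestation verification failure or stale proof")
            healthy = False
        if n["hw_errors"] > 0:
            alerts.append(f"{n['id']}: hardware errors reported ({n['hw_errors']})")
            healthy = False
        if n["sig_success_rate"] < MIN_SIG_SUCCESS_RATE:
            alerts.append(f"{n['id']}: signature success rate {n['sig_success_rate']:.4f} < 99.9%")
        if n["p95_latency_ms"] > MAX_P95_LATENCY_MS:
            alerts.append(f"{n['id']}: p95 latency {n['p95_latency_ms']}ms > 50ms")
        usable += healthy
    if usable < THRESHOLD:
        alerts.append(f"threshold not met: {usable} usable nodes, need {THRESHOLD}")
    return alerts

# Constructed sample status records (not real telemetry), as of NOW.
NOW = datetime(2025, 11, 1, 12, 0, tzinfo=timezone.utc)
def _node(node_id, heartbeat_age_s, attestation_age_s, valid=True, rate=0.9995, p95=20, hw=0):
    return {"id": node_id, "last_heartbeat": NOW - timedelta(seconds=heartbeat_age_s),
            "last_attestation": NOW - timedelta(seconds=attestation_age_s),
            "attestation_valid": valid, "sig_success_rate": rate,
            "p95_latency_ms": p95, "hw_errors": hw}

SAMPLE_NODES = [
    _node("sgx-node-1", 10, 60),
    _node("sev-node-2", 10, 60, p95=70),            # slow but still usable for signing
    _node("tdx-node-3", 150, 60),                   # heartbeat 2.5 minutes old
    _node("sgx-node-4", 10, 400, rate=0.998),       # attestation proof 6.7 minutes old
    _node("iexec-node-5", 10, 60, valid=False),     # attestation check failed
]
```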

Resources