Integritee provides a shardable, second-layer sidechain on Polkadot that can leverage trusted execution environments. Here are the technical benefits for developers at a glance:
Our shardable second-layer sidechains deliver unrivalled transaction speeds and volumes.
Integritee can interface with any light-client capable blockchain or web2 API.
All transactions are publicly auditable, fostering user trust, while open-source code provides transparency on how the underlying dataset is processed.
Our parachain will be open to third-party developers who wish to access the Polkadot ecosystem. This fosters innovation and diversity and increases the liquidity of our token.
Unlike competing TEE-based decentralized solutions, you are not reliant on third-parties to access compute, and are not required to stake any collateral.
You are free to either run TEEs on your own hardware or rent it at standard market rates, resulting in greater flexibility and more predictable costs.
Integritee enables developers to directly invoke hardware enclaves for trusted execution using a highly scalable, second-layer blockchain solution.
Off-chain workers (not to be confused with parity substrate off-chain workers) execute a custom state-transition function or oracle service in a TEE. State transitions are triggered through on-chain extrinsics with encrypted payloads (indirect invocation)
With indirect invocation, a requester calls a confidential dispatchable function (state transition) by signing a trusted call and encrypting it with the worker enclave’s shielding key. She then wraps the cyphertext into an extrinsic which she sends to the chain.
The worker forwards all new blocks to the light client within the worker enclave where the cyphertext gets decrypted and the trusted call is executed in encrypted state.
When using indirect invocation, all trusted calls need to pass through the chain. Thus, it is not a very scalable solution. While it would be preferable to interface with enclaves directly, this gives rise to the problem of transaction ordering consensus. This is why a 2nd-layer solution is needed.
The Integritee SDK empowers you to develop TEE-validated sidechains with sub-second blocktimes. Because sidechain validators are running in TEEs, all validators trust each other, greatly reducing the complexity of the consensus protocol.
With direct invocation, a requester chooses one of the sidechain validators to send her trusted call to. The next time that validator produces a block, that call will be executed. The block gets committed onto the Integritee parachain and the state diff is broadcast to the other validators, who simply apply the diff to their copy of the state. The sidechain validators produce blocks in an unpredictable order (to avoid DDoS attacks) with a target block time T and broadcast them to the other validators. Should a validator fail to broadcast a block (or the block doesn’t reach the next validator) that validator is skipped after waiting until t = T*2^k where k is the number of missed blocks.
Sidechain blocks are produced asynchronously to layer one at a higher block rate. Despite the integrity guarantees provided by the TEEs, these blocks are not final because forks on the sidechain can happen. Every sidechain block hash is anchored to the layer-one blockchain and gets finalized on layer one along with the block that includes its anchoring extrinsic.
The Integritee SDK is compatible with substrate runtime pallets. With a few lines of glue-code you can reuse your pallets and instantiate them inside an Integritee off-chain worker or sidechain. It is even possible to trustlessly interact between on- and off-chain runtimes. Please see our deployment options below:
Even if we trust the TEE manufacturer’s ability and integrity, a decentralized application (dApp) should be operated by an unpermissioned set of infrastructure providers. Anyone who owns suitable TEE hardware should be able to support the dApp. Integritee allows you to establish unpermissioned operation of your off-chain workers or sidechain validators, while still ensuring integrity and confidentiality through remote attestation.
You may choose to operate all TEE hardware yourself or rent it with an SLA in a jurisdiction of your choice. It is up to you to define who may validate on your sidechain or run your off-chain workers. In any case, the Integritee parachain provides a remote attestation registry for public auditability of your services.
The only thing we need to tell you in advance is that you need to agree to our terms and conditions to sign up!