What are TEEs and how are they used in crypto?
Turnkey
0x5A27
January 6th, 2025

TEEs (Trusted Execution Environments) have long played a role in securing data in traditional computing environments, such as in mobile banking, encrypted cloud storage, and in DRM (Digital Rights Management). But where do TEEs fit into the crypto industry?

Privacy and security are still a major concern in crypto, and TEEs offer a solution to some of the UX and security issues prevalent today.

But what exactly is a TEE, and what are its trade-offs? What roles can TEEs play in the industry? Let’s take a look.

What is a TEE?

A TEE is typically a region of a computer processor (and memory) which can execute a piece of code in isolation. This means that any program which runs inside of it is:

  • Confidential: The code inside cannot be accessed from the main operating system or from anywhere else outside the environment.

  • Tamper-resistant: The code inside an enclave cannot be directly modified or tampered with from outside the environment.

  • Verifiable: TEEs use cryptographic attestation to prove the authenticity and integrity of the code within.

You can think of a TEE like a secret vault on your computer. Access is restricted and no one can modify its contents from the outside, but third parties can verify that the code running inside of the vault is legitimate.

TEEs are built with these properties in mind; however, not all TEEs are created equal. Let’s take a look at the different implementations, and the pros and cons, of some of the most common types: Intel SGX, ARM TrustZone, and AWS Nitro Enclaves.

Different Types of TEEs

TEEs are typically implemented at the hardware level, or at least rely on some hardware support to create a secure region of a processor. However, they can also be implemented in software (e.g. via virtualization) or use a hybrid approach, such as a chip with support for code isolation combined with a secure operating system.

Below are some of the popular implementations of TEEs:

Intel SGX

Intel Software Guard Extensions (SGX) is a way to create secure enclaves on certain types of Intel processors.

The architecture of SGX means the enclave exists within a specific portion of the processor, rather than in a separate core or piece of hardware. This means that the entire application running on an Intel processor is not encrypted; just the specific portion that needs to be private runs inside of the enclave.

Pros

  • Support across different programming environments

  • Ships with most modern Intel CPUs

  • Extensive documentation and resources online

Cons

  • Not easily portable

  • Deprecated for some processors (although still supported for enterprise)

  • Highly susceptible to supply chain and side-channel attacks

  • Not supported on platforms where Intel ME can be disabled

ARM TrustZone

ARM TrustZone separates a computer system into a "secure world" and "normal world". These two worlds run simultaneously, and no code from the “normal” world can directly access any code or data in the “secure” world.

ARM TrustZone was designed primarily for IoT (Internet of Things) and embedded devices.

Pros

  • Enforced at the hardware level (although both worlds can run on the same core)

  • PSA compliant for IoT devices

  • Includes security architecture for other parts of the device (e.g. memory, peripherals)

Cons

  • Can be complex to configure and isn’t necessarily a “does it all” solution

  • IoT/embedded-first approach may be less suitable for high-performance cloud settings

AWS Nitro Enclaves

AWS Nitro Enclaves use their own secure hardware implementation and are completely virtualized; they run separately from the "main" OS, are not connected to any external networks directly, and have no persistent storage.

On the software side, the enclave can run a small, specialized OS to reduce its attack surface. It may also be immutable and/or have a secure boot process, as is the case with our own QuorumOS at Turnkey.

Pros

  • Can scale easily as opposed to provisioning and managing physical chips

  • Lack of persistence is a feature, not a bug

  • Built-in attestation features work well with other AWS services

Cons

  • Still proprietary, although attestations provide guarantees of integrity

  • Reliant on the security of EC2 to prevent side-channel attacks

Use Cases of TEEs in Crypto

As TEEs can run code which remains isolated, they have a lot of applicability in crypto, as keeping private keys or other sensitive data secure remains a top priority.

Use cases such as MEV infrastructure (e.g. Flashbots) and hardware wallets have had varying degrees of success, with the most useful outcomes centering around protocol and wallet infrastructure.

Here are some of the ways TEEs and secure enclaves are being implemented in crypto today.

Private Networks and Smart Contracts

Private networks such as Secret use Intel SGX to execute smart contracts within enclaves. This allows smart contracts to take private data as input and compute on it inside the enclave.

Secret has previously run into problems related to Intel SGX, most notably the xAPIC/ÆPIC leak in 2022. Secret has since worked to patch the known vulnerabilities related to the enclaves (you can learn more about it on sgx.fail).

While Intel SGX has its downsides due to these potential vulnerabilities, it’s still a strong infrastructure choice for orchestrating private DeFi and computing because SGX is widely adopted and security exploits are often taken seriously and addressed quickly.

Although hardware exploits do appear, most of the FUD around Intel SGX is unwarranted. Flashbots have an excellent post debunking the most common concerns, such as deprecation, manufacturer tampering, feasibility of exploits, and more.

Flashbots

Miners or validators of blockchain networks like Ethereum are able to see, reorder, and include or exclude pending transactions in the mempool. Users can utilize this information to benefit themselves through MEV (Maximal Extractable Value) bots.

These strategies also benefit validators, because extracting MEV typically relies on paying higher gas fees, which validators are incentivized to include.

Flashbots is an organization "formed to mitigate the negative externalities posed by Maximal Extractable Value (MEV)".

In addition to offering frontrunning solutions, Flashbots has made several inroads into researching MEV infrastructure and how TEEs (more specifically, Intel SGX enclaves) can be used with Ethereum. For example, Flashbots has built an implementation for running an Ethereum client on Gramine, a library OS with support for Intel SGX.

This could open up opportunities for keeping sensitive operations private on Ethereum.

Private Key Management and Wallet Infrastructure

Secure enclaves can be used in both hardware and software wallet infrastructure.

Ledger has made use of TEEs in Android phones as early as 2016. Ledger has previously used ARM TrustZone to build wallet interfaces which allow users to load their Bitcoin wallet into the secure region of an ARM processor on their mobile device.

All key generation and transaction signing takes place in the “secure” world of ARM TrustZone, while running a minimal, immutable custom OS called BOLOS (Blockchain Open Ledger Operating System) on the software side.

TEEs at Turnkey

TEEs for key generation and signing aren’t just limited to end-user physical devices.

Turnkey is an enterprise-grade operating system for wallets: powerful, modular, and built to adapt to any use case. Founded by the team that built Coinbase Custody from 0 to $100B+ in assets, we offer low-level cryptographic signing primitives, giving you full control over your implementation and product experience without the limitations of one-user, one-wallet models or rigid MPC pathways.

As part of our novel security architecture, we also utilize AWS Nitro Enclaves, a type of TEE, to run all security-critical operations. This includes features like wallet and private key generation, transaction signing, and our Policy Engine.

AWS Nitro Enclaves operate in hardware-enforced isolation: they have no persistent storage, no interactive access, and no external networking. To reduce the attack surface further, we’ve also built our own operating system (QuorumOS) from the ground up.

In this setup, no raw private keys are ever exposed to Turnkey, and any wallets you set up will be fully non-custodial. Private keys are stored encrypted and are only used to run workloads inside the enclave; as noted above, Turnkey cannot access your private key inside the enclave and cannot tamper with the code running there.

Teams like Moonshot, Azura, Polymarket, Alchemy, and Mysten Labs are already making use of our wallet infrastructure built with secure enclaves.

If you're looking to integrate embedded wallets into your applications, want a more flexible security setup for your organization, or need lower latency than competing MPC solutions, check out what we're building!
