Author: Jason Chaskin Source: paragraph Translation: Shanooba, Gold Finance
If you haven’t kept up with Ethereum research, the Trusted Execution Environment (TEE) may seem unfamiliar to you. However, at the infrastructure level, TEE development has been underway for over two years. Flashbots first proposed the concept of TEE in their December 2022 article, “The Future of MEV is SUAVE,” with the aim of democratizing access to MEV and enhancing censorship resistance. After years of research, they launched BuilderNet and put this vision into practice.
While researching TEEs for MEVs, Flashbots saw their broader potential in Ethereum, resulting in Rollup-Boost, a TEE-powered sidecar that enables rollups to innovate on their VMs while maintaining compatibility with existing frameworks. Other L2 teams are also integrating TEEs. Taiko uses them as primary proofs in its bridge, while Scroll is adding TEE-based proofs to its multi-proof system. The idea of using TEEs in a bridge-proof system also didn’t come out of nowhere. In the same month that Flashbots published the article, Justin Drake explored the “2FA” mechanism of TEEs as rollups in an article in ethresear.ch. This article will cover what TEEs are, how they work, and their growing role in the Ethereum infrastructure.
TEE provides secure hardware-based computation by isolating code and data while allowing for external verification of integrity. They evolved from early trust models that relied on operating systems and virtual machines for isolation. TEEs come in different forms: iPhone’s Secure Enclave handles encryption tasks, Intel SGX enables secure enclaves for applications processing sensitive data, and Intel TDX extends this model to protect entire virtual machines. While they provide stronger security than centralized trusted operators, especially in cloud environments, they are closed-source and require trust in the manufacturer. This typically creates a 1-to-1 trust model where hardware tampering can compromise security, although the required level of trust depends on the implementation. TEEs are also vulnerable to side-channel attacks, physical tampering, and supply chain risks, so each use case must be carefully evaluated.
TEE is not a perfect solution, but in the right circumstances, its benefits outweigh the risks, especially when existing systems default to failure. Driving the pace of secure hardware development is not limited to encryption alone. OpenAI advocates for improving TEE, and Apple is developing hardware-based private clouds. Just as Ethereum is committed to reducing trust assumptions, Flashbots is also doing the same for TEE. They have published research on why this approach is worth exploring and how to build a trustless supply chain. If you are a hardware security expert, please contact Flashbots to contribute.
The existence of MEV is a result of network design, in which those who provide the service of adding new blocks (initially miners) can manipulate the order of transactions for profit. If left unchecked, this would lead to centralization and dominant validators gaining excessive influence. To prevent this, Flashbots is working towards democratizing MEV extraction. One key driver of MEV is that validators running in low-latency environments can observe pending transactions and reorder them and/or add new transactions for profit. One approach to limit MEV extraction is to make transaction details private. This requires a privacy tool, but zk-SNARK and other encryption technologies, while promising, are too slow and not flexible enough for real-time block construction or not yet ready for production. Due to the lack of software solutions, Flashbots turned to TEE.
Flashbots first used Intel’s SGX to build blocks in March 2023, and later expanded to building and searching in Intel’s TDX. TEE brings privacy advantages by allowing order flow to be selectively confidential. For example, a transaction can show that a user wants to exchange USDC for ETH without revealing their identity or transaction size. This can prevent front-running while still allowing for arbitrage. TEE enables verifiable block building on private transactions, ensuring efficient block construction without compromising user privacy.
PBS prevented centralization of validators, but now only two builders generate 92% of Ethereum blocks, reducing censorship resistance and activity. To address this problem, Flashbots launched BuilderNet in November 2024, with Beaverbuild, Flashbots, and Nethermind as the first participants. BuilderNet allows multiple operators to share order flow and jointly build blocks, freeing MEV from exclusive trades and making block construction more open and decentralized.
Beaverbuild’s participation is particularly noteworthy because they are currently the largest contractor, and have been seeking exclusive order flow transactions for many years. Their decision to join BuilderNet marks a shift from private MEV protocols to a more transparent and competitive market. While it may seem surprising that dominant contractors are giving up their advantage, the economic benefits of exclusive order flow are not as lucrative as they appear. Suppliers typically negotiate high refund percentages, retaining 90-95% of the MEV value, while the contractor’s profit margins are very thin. In addition, Beaverbuild’s team initially started as seekers, operating primarily as contractors to maximize their order flow. With BuilderNet’s transparent refund system, they no longer need vertical integration to capture value, allowing them to leverage the advantages of being a seeker once again. In addition to the economic incentives, they also see this as the right step for the long-term health of Ethereum. They are more willing to contribute to the positive and ecosystem rather than compete for exclusive order flow transactions.
However, as of now, Beaverbuild is still running its centralized setup in parallel with BuilderNet, and all its order flows currently go to the former. This is not a deviation from the plan, but a phased transition.
I asked Shea Ketsdever from Flashbots about this question, and she said they are working closely with Beaverbuild to benchmark and run tests on performance to ensure a smooth transition. It is expected that the order flow will be transferred to BuilderNet in the first quarter of 2025. This is something worth paying attention to.
TEE achieves this by transparently reallocating MEV and allowing untrusted builders to collaborate without giving any party an advantage. Each operator runs an open-source builder within the TEE, encrypting and fairly processing all order flows. Unlike today’s decentralized systems, BuilderNet ensures that no builder has privileged access, making it trustless and verifiable.
This will capture MEV from private protocols to open systems, where wallets, applications, and searchers can all get fair refunds. Even searchers who typically keep order flow confidential will be incentivized to use BuilderNet for transparent payments. Currently, a single operator submits the final block, similar to MEV-Boost relays, but future upgrades will allow multiple operators to collaborate in building blocks, making MEV extraction more decentralized and fair.
For more information about BuilderNet, Robert discussed it on the Uncommon Core and Infinite Jungle podcasts.
Flashbots still uses TEE in Rollup-Boost, a sidecar system for L2 sequencers that enables faster confirmations, verifiable ordering, and higher programmability. TEE prevents sequencer manipulation of transactions while allowing for private memory pools and trustless execution. As Rollup-Boost is a sidecar, rollups can retain their existing frameworks, such as OP Stack or ZK Stack, while adding new capabilities. This addresses a key issue in the rollup-centric roadmap, where most L2s merely fork Geth and follow L1 upgrades without driving true innovation. Rollup-Boost supports experimentation without requiring separate client maintenance for rollups.
The upcoming L2 Unichain from Uniswap will be the first to use Rollup-Boost, and it will incorporate Flashblocks and verifiable priority ordering. Flashblocks can achieve a 250ms confirmation time, native recovery protection, and higher gas throughput, while verifiable priority ordering allows applications to internalize their MEV. Sidecar uses extensions to process transactions, then returns the finally confirmed blocks to the sequencer for publishing on Ethereum L1. Future extensions include encrypted mempool, TEE validity proof, and TEE collaborative processing.
For more information about Rollup-Boost, Robert also discussed it in another episode of Uncommon Core and Infinite Jungle.
TEE is being integrated into the L2 bridging proof system to supplement ZK proofs, which, although providing powerful security, are complex and prone to errors. Depending on a single prover increases the risk of catastrophic failure if there is a problem. To mitigate this, the team is exploring the addition of TEE-based proofs as an additional verification layer to reduce the likelihood of invalid states being ultimately determined.
TEE and ZK proofs operate independently to ensure redundancy. If one system encounters errors or security vulnerabilities, the other system can provide a backup solution to prevent invalid state transitions from being finalized. In this case, the security committee can intervene before the issue escalates.
Scroll has collaborated with Automata to develop an open-source SGX-based TEE verifier, which has been used to validate testnet blocks. Scroll’s next steps include integrating a dual-proof system, implementing a dispute resolution mechanism, and forming a TEE verifier committee. As part of this process, Scroll is exploring further decentralized TEE proof methods, similar to Ethereum’s distributed validator technology, to ensure that no hardware manufacturer becomes a trusted center point.
Taiko uses a layered proof system. Initially, TEE provides fast verification by running a lightweight execution client, which verifies state transitions and uses ECDSA to sign the results for on-chain verification. During the cooling-off period, ZK proofs can challenge TEE proofs. To ensure correctness, the prover must stake a bond, which will be confiscated if their proof is invalid. Although there is a centralized security backup plan in the early stages, Taiko plans to gradually phase it out and fully transition to ZK-based verification.
While zkEVM is still being improved, TEE proof provides an additional layer of security to achieve this multi-proof system. They provide a fast, cost-effective way to verify state transitions without relying solely on ZK proof, ensuring the security and liveliness of the system even if the ZK prover fails.
TEE is rapidly becoming an important part of the Ethereum infrastructure, addressing security, privacy, and decentralization challenges in MEV, rollup, and bridge. As these systems mature, they can redefine Ethereum’s trust model while bridging the gap until fully scalable cryptographic solutions are available.
