Privacy Smart Contract – Layer 2 Extension for Public Blockchain

Since Ethereum joined the market in 2014, public chain competition in the blockchain market has been consistent…


Since Ethereum joined the market in 2014, public chain competition in the blockchain market has been consistent. Numerous public chain projects have tried to increase the transaction speed (TPS) through “Layer 1 extensions”, but data privacy is equally important for a public chain to have commercial and private applicability. In existing public chains, the smart contract’s data and code are publicly viewable. As a result, Layer 2 extension of the blockchain has also begun receiving attention. The so-called Layer 2 separates the main chain from the off chain, and solves the blockchain’s impossible trinity (extensibility, decentralization, security) by splitting the two, making the calculation process private and saving main chain resources. Although Layer 2 extension projects using secure multi-party computation (MPC) emerged in 2017, many developers believed that existing MPC would not be able to meet the application standards for data processing speed. To solve this problem, a Trusted Execution Environment (TEE), was created to keep the smart contracts private. A TEE can provide higher security than Rich OS and has lower operating costs than SE, so it meets the security needs of most applications. It is one of the best choices for implementing private smart contracts.

The three most competitive quality projects that use TEE to implement private smart contracts are Oasis Labs (Ekiden), TAXA, and TEEX.

2018-09-28 下午3.56.47

1.Oasis Labs (Ekiden) 

Powerful security attributes

Ekiden’s security model and implementation scheme have powerful coherence (automatic sequencing of real-time transaction requirements), and atomicity (stateful or stateless inspections and information transfer) through the blockchain dynamics on the atomic transfer protocol. Ekiden inspects the point state and adjusts the communication in the bounding zone for valid blockchain updates by using the blockchain dynamics in the atomic transfer protocol.


Ekiden has made several performance optimizations that minimize the use of blockchains, which is also a bottleneck.

Ekiden’s optimization does not compromise its security and it can achieve the same functions as unoptimized protocols.

The Ekiden team evaluated its individual and cumulative effects, finding that their speed, throughput, and on-chain storage are two to four magnitudes better than that of Ethereum.


a) Machine learning contract:

By providing data and calculations with black box confidentiality, Ekiden allows contract developers to adopt different privacy mechanisms in the central model. This enables Ekiden to guarantee privacy similar to a local, differential privacy model while maintaining high accuracy and usability.

b) Intelligence-building temperature model:

The smart contract is used to train a real-time, data-sharing model in which the data is selected from models produced at Berkeley.

These models sample their temperature sensors every 20 seconds and use the data to update their prediction models.

Ekiden allows the contract to run this model while maintaining sensor data and model privacy. This means their systems can handle highly interactive, internet-based workloads.

Case Study: Cryptokitties

This example shows that Ekiden can run Ethereum contracts even when the source code is hidden. In addition, Ekiden offers unique benefits for games like Cryptokitties that require privacy and randomness. These assets are difficult to implement over the Ethereum network because contract code and data on Ethereum is public. For example, Cryptokitties players once tried to increase their chances of getting a rare cat by modifying the game’s gene hybrid algorithm, thereby damaging the game’s ecosystem. In contrast, Ekiden contracts can obtain random data through hardware, allowing secret aspects of the game algorithm to be stored in an encrypted state.

Compute nodes

Compute nodes use a built-in key manager and multiple TEEs to manage contract keys and run smart contract programs. They also use the key manager in the TEE. The compute nodes process the customer’s requirements by running a contract in the TEE and generating proof of computing validity. Anyone on the TEE platform can increase the vitality and extendibility of the system by acting as a compute node. The key manager TEE creates or retrieves existing keys upon request, and the key administrator synchronizes the state through the blockchain.

Consensus nodes

The consensus node maintains a distributed, append-only ledger through a consensus protocol. Contract status and verification remain on the chain. The consensus node uses TEE verification to confirm the validity of state updates.


In short, the Ekiden team is credible. All team members have published academic articles in the field of cryptography and have been recognized in the industry. Professor Dawn Song is a well-known cryptography scholar, and Professor Ari Jules, as the chief scientist of RSA and co-founder of the Cornell IC3 Group, is highly respected in the security field.

Ekiden effectively combines blockchain and trusted enclaves to provide a powerful platform for smart contracts that require privacy protection. In addition, existing applications on the Ekiden platform provide four times greater speed than the Ethereum virtual machine while maintaining the same level of security.



Taxa includes three layers: client, blockchain, and trusted execution. They will be implemented first on the Ethereum network and extended to other chains in the future.

1. Client layer: Users can execute Taxa using DApps or launch a super smart contract that enables it.

2. Blockchain layer: Taxa will run smart contracts on the public chain to handle tasks related to the Taxa network. Tasks may include reputation,  payments, and status contracts.

3. Trusted execution layer: The high performance and confidentiality of the Taxa network depends mainly on the TEE node.

Distributed computing method

1. Application layer: This layer includes consensus algorithms, P2P communication, enclave channels, public chain communication, and secure storage.

2. Enclave layer: This layer includes a remote authentication module, a data loader, and a code interpreter.

3. Task assignment: This section has three areas: task preparation, processing, and reward. Customers are classified according to their current distance from the package and the algorithm defines the leader who sends the “accepted” package to the smart contract as the node with the shortest distance.


1. Privacy and performance: The “super smart contract” of Taxa can be executed in a resource-scalable manner on the remote enclaves.

2. Functional flexibility: Through the “super smart contract,” the Taxa network will support general programming languages and be more flexible and mature.

In theory, a more flexible smart contract language will bring huge benefits, increasing DApp scalability and flexibility.

3. Reliability: The fault-tolerant consensus model and trusted hardware can work together to ensure consistency, confidentiality, and availability.


The PBFT consensus algorithm operates as follows: A subgroup under the Taxa network will begin to include the smallest feasible number of TEE computing nodes on the Taxa network and then expand until the consensus is reached.


TF has experience in the fields of encryption and security. Esther has a background in data, but more information is needed to achieve an accurate assessment. The fact that Feng Li, early investor of Coinbase and Ripple, is one of their investors increases their credibility.

3. TEEX(ShadowEth)


ShadowEth aims to provide a private platform for execution of smart contracts that will eventually be merged into a public chain like Ethereum. In order to ensure the privacy of smart contract code and data, it is necessary to build a secure channel between users and establish a TEE to transmit the protocol. This contract is encrypted and can be decrypted only in this enclave. The chain only contains information about requests and verifications. In order to guarantee its privacy status, ShadowEth stores only the hash of the account book instead of all data on the Ethereum network. This data can only be viewed and managed in the enclave.


1. Bounty Contract

The Bounty Contract (deployed on Ethereum) is responsible for the deployment of the public portion, request and verification of the private smart contract, creating transactions, and saving the contract and to-do lists. Each entry in the contract list means that a private contract containing the original data of the contract has been opened. Once the Bounty Contract receives a deployment request, it creates a new entry and adds it to the contract list to record and verify the private smart contract’s status without revealing its business logic. The to-do list is a task library that allows workers to bid on tasks.

2. Shadow Contract

The Shadow Contract is a redesign of the Ethereum smart contract, using a contract gate to execute smart contracts inside the TEE and conceal its business logic. It has two main functions: decrypting parameters and generating responses.


TEE-DS is a network of worker clients that provides distributed storage for private smart contracts in addition to preventing failures. Private contracts are protected by a hardware enclave. Anyone who runs enclaves can obtain CPU signature statements as proof and join TEE-DS as workers. After a worker executes a request, he/she needs to inform the other workers of the latest developments, which means that synchronization problems will appear between workers executing the same smart contract. To solve this problem, the consensus mechanism on the Ethereum network is used to determine the final results.


TEEX is strict enough to account for all aspects of smart contracts, and only TEE is required to complete contract execution among untrusted parties. A prototype has already been completed and analysis related to this prototype is also available, indicating that the technology is feasible. There does not seem to be any issues with the project’s design or implementation. The only question is the development of the ecosystem. How will developers use ShadowEth? How will they integrate code? Without this information, it is difficult to assess whether the project will be accepted by the community and there is no go-to market or business model available. However, in terms of technology, this project looks solid for the execution of privacy smart contracts.

Blockchain technology has reached a hurdle in development at the security level, and substantial progress will not be achieved through concepts alone. The Layer 2 extension of the blockchain has received considerable attention. In addition to the three projects introduced in this article, there are other high-quality projects focusing on Layer 2 such as Origo, Covalent, Ankrand ARPA.  Due to length constraints, these projects are not discussed here.

Ekiden, TAXA, and TEEX are currently in their early stages of development and there is limited information to identify their strengths and weaknesses. It is certain, however, that the project teams and the investment institutions behind them are top-notch, solidifying the need for private smart contracts in the industry. The commercial-level blockchains expected by opinion leaders may be realized earlier than expected. A large number of scholars have joined the blockchain wave, and many cryptography theories are now being used in blockchain. It is almost certain that, after the two important development stages of transaction privacy and scalability, private smart contracts will become the biggest opportunity in the blockchain industry.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: