It is said that "technology changes life". With the popularity of smart devices and mobile payment, now you only need to bring your mobile phone when you go out, and you can handle most payment scenarios.
Stores of every size display two QR codes, one blue and one green;
Most buses and subways also support NFC payment;
Even in some places, you don’t need to scan the QR code, you can pay directly by swiping your face!
The mobile phone is a tool that carries more and more confidential information. From PIN codes to fingerprints, facial information and voice information, almost all of our biometrics are exposed to the mobile phone.
Then some friends couldn't help asking: Is our information safe in it? Will someone steal my fingerprint or face to swipe money or engage in illegal activities?
Friends who have watched "Prison Break" must still remember this scene. Mike tattooed someone else's face on his hand and sneaked into the other party's secret computer room to steal files.
Of course, the current face recognition technology will not allow you to get away with it like this, but even though the current technology is relatively mature, there are still many cases of information leakage and misappropriation happening frequently.
Today's popular-science topic: where is our confidential information kept, and is it safe?
The protagonist of this article is the TEE (Trusted Execution Environment).
In order to facilitate everyone's understanding, we will not use too many technical terms, but start with the story of a small island country~
There is a small island country in the western Pacific Ocean. Because it is far away from other territories, its overall economic level is relatively backward, but the country is rich in natural resources, and the people live and work in peace and contentment. Naturally, they don't need many security personnel.
Three gates
Because the island country lacks border control experience, the inspection of people entering and leaving is not strict. In recent years, domestic financial cases have occurred frequently. After a thorough investigation, the king found that most of them were crimes committed by foreigners after they arrived. Residents' sense of well-being has dropped significantly. Therefore, the king decided to suspend the entry of people from other countries, and formulated a "Border Control Security Plan" with the public security department: all inbound people must pass three checkpoints, and only those who pass all of them can enter the country.
National identity card holder
Proof of family members on the island
Can answer three questions consecutively in the local dialect
Border control security upgrade plan
Therefore, the public security department discussed again with the king and formulated a "Border Control Security Upgrade Plan". Under the upgrade plan, a "Security Commander" leads a number of "Security Administrators", who together form the "Island Financial Security Task Force".
Out of absolute trust, the king appointed his own son as commander. Becoming an administrator is not easy either: a candidate has to go through numerous rigorous reviews, and only after passing them is a customized "Administrator Medal" issued. To ensure that the task force always remains absolutely credible and correct, the commander requires the team to be isolated from the external environment, so that security personnel cannot be bribed and bad guys cannot sneak in.
In addition to the team upgrade, the management plan has also changed significantly. Instead of inspecting people with the previous "three gates" model, the task force conducts all-round security inspections of transaction scenarios:
Important or large-amount transactions are supervised by security officers on-site to verify the authenticity of the currency;
The task force is given a new "Island Resident Information System". Every time the system is started, the administrator password must be entered and the system's self-inspection program is run to check that it is operating normally. A security officer can call this internal system at any time to verify the identity of a resident;
The security officer will ensure the integrity of the transaction steps. Once the transaction is completed, the money and goods of both parties must be in place.
For example, if Lao Zhang wants to buy a real estate, he can call the security officer to witness the transaction on the spot when paying for the transaction to ensure that the money and goods are correct;
Lao Li wants to take out a loan to do business. When he submits his personal credit report to withdraw the money, he can also call the security officer to check whether the report or the money has been tampered with.
Back to reality
The story of the island nation's financial security governance ends here. Let's take a look at the correspondence between the elements in the story and the real world:
Island country = REE (Rich Execution Environment), that is, the normal world
Island Financial Security Task Force = TEE, the secure world
Island residents = ordinary apps
Overseas personnel = apps with speculative or malicious purposes
Island Resident Information System = trusted app
Three gates = firewall
Security Commander = root of trust
Security Administrators = chain of trust
Now, let's look back at several characteristics of TEE, which should be easier to understand.
As an area on the CPU, TEE is used to provide a more secure space for data and code execution, and to ensure their confidentiality and integrity.
Integrity: An application running in the TEE is called a Trusted Application (TA). Before execution it must pass integrity verification (the self-inspection program of the resident information system in the story) to ensure that the application has not been tampered with.
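The integrity check and the root of trust / chain of trust mapping above, as an added Python example that is not part of the original article: each stage is measured with SHA-256 before it runs, and each image carries the digest it expects of the next stage. The stage names and contents are constructed, and digest pinning stands in here for the signature checks a real TEE performs against a key held in hardware.

```python
import hashlib
import hmac

SEP = b"|next="  # separates a stage's code from the digest it pins (assumed layout)

def digest(blob):
    return hashlib.sha256(blob).hexdigest()

def build_chain(parts):
    """Provisioning side: seal each stage with the digest of the stage after it."""
    stages, next_digest = [], b""
    for name, code in reversed(parts):
        image = code + SEP + next_digest
        stages.append((name, image))
        next_digest = digest(image).encode()
    stages.reverse()
    return next_digest.decode(), stages  # root digest pins the first stage

def verify_chain(root_digest, stages):
    """Device side: measure each image before running it; stop at the first mismatch."""
    expected = root_digest
    for name, image in stages:
        if not hmac.compare_digest(digest(image), expected):
            return False, name           # this stage is never executed
        expected = image.rsplit(SEP, 1)[1].decode()
    return True, None

# Constructed sample chain: loader -> trusted OS -> trusted application (TA)
PARTS = [("secure_loader", b"load trusted os"),
         ("trusted_os", b"schedule trusted apps"),
         ("resident_info_ta", b"verify resident identity")]
ROOT, STAGES = build_chain(PARTS)

def tamper_ta(stages):
    """Replace the TA's code and leave every other stage untouched."""
    out = list(stages)
    out[-1] = (out[-1][0], b"leak resident data" + SEP)
    return out

def tamper_and_repin(stages):
    """Replace the TA and also rewrite the digest pinned by the stage that loads it."""
    out = tamper_ta(stages)
    name, image = out[-2]
    out[-2] = (name, image.rsplit(SEP, 1)[0] + SEP + digest(out[-1][1]).encode())
    return out

if __name__ == "__main__":
    for label, chain in [("intact", STAGES), ("TA swapped", tamper_ta(STAGES)),
                         ("TA swapped + re-pinned", tamper_and_repin(STAGES))]:
        print(label, verify_chain(ROOT, chain))
```

Re-pinning the modified TA only moves the failure one link up, because the loader still pins the original trusted OS image and the root digest cannot be rewritten.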
TEE and Blockchain
The three major characteristics of the blockchain are: 1) decentralization; 2) strong consensus; 3) immutability.
These also bring obvious disadvantages: 1) there is no privacy at all (Satoshi Has No Clothes); 2) once malicious nodes are on the chain, nothing can be done about them (the ETH hard fork event).
TEE can help blockchains improve security, performance and privacy.
Higher security: most public chain projects cannot guarantee the safety of each node's operating environment, so a large number of nodes is required to reach consensus in order to improve security. The number of nodes is obviously inversely proportional to performance, which creates a serious performance bottleneck for public chains. The trusted environment provided by TEE guarantees that the code running on the machine has not been tampered with and runs in the manner specified by the smart contract, and the contract execution is easy to prove, which provides security for the entire network;
Stronger performance: because we can trust that the code in the TEE has not been tampered with and executes as expected, the blockchain can move part of its computation into the TEE environment, and other nodes only need to verify the proof of contract execution. This reduces the cost of global consensus and increases the performance of the blockchain;
Eigen Network
Building on privacy-computing technologies such as TEE and on unlimited expansion of Layer 2 computing power, Eigen can solve two current problems: 1) leakage of private data on the chain, caused by the inherent openness of blockchain data; 2) high fees, caused by the insufficient scalability of ETH. In addition, Eigen will reform the current production relations of data assets on the chain, consider individual privacy protection from application scenarios down to the technology stack, and become a developer-friendly and feasible privacy protection infrastructure, contributing to the transition from Web2 to Web3.
