Unlocking Web3's Full Potential: The Critical Role of Privacy-Enhancing Technologies - Part 2
In Part 1, we explored Privacy-Enhancing Technologies (PETs) and the transformative potential of Zero-Knowledge Proofs. Building on this foundation, Part 2 will dive into other PETs that play an equally vital role in privacy-preserving systems. We'll examine Trusted Execution Environments (TEEs), Homomorphic Encryption (HE), and Secure Multi-Party Computation (SMPC)—three technologies that address distinct privacy challenges while enabling secure data sharing and computation. Together, they form a comprehensive toolkit that is reshaping how organizations safeguard sensitive information while fostering innovation.
Trusted Execution Environments (TEEs)
A Trusted Execution Environment (TEE) is a secure, isolated area within a processor (CPU) that allows code execution and data processing to occur in a highly protected environment, separate from the rest of the system. TEEs provide hardware-based isolation, making them resistant to external attacks, including those originating from the host operating system.
Widely used TEEs include:
- Intel SGX: Intel Software Guard Extensions (SGX) provides Secure Enclaves for hardware-based data isolation. SGX requires rewriting the application for it to run on SGX but has near-native performance.
- Intel SGX + Gramine: Gramine is a library OS that allows applications to run on Intel SGX without rewriting. Gramine has >10% overhead vs native performance due to context switches.
- Intel TDX: Intel Trust Domain Extension (TDX) enables the deployment of hardware-isolated virtual machines (VMs) called trust domains (TDs). With an overhead of just 5-10% compared to native performance, TDX ensures minimal impact on efficiency, making it highly adaptable for a wide range of use cases.
- NVIDIA Confidential Computing: NVIDIA’s Confidential Computing technology, available on both H100 and H200 GPUs, provides hardware-based security and isolation. These GPUs are ideal for private machine learning use cases.
- AWS Nitro Enclaves: AWS's Nitro Enclaves conform to the TPM 2.0 standard from the Trusted Computing Group (TCG) and are arguably the most widely used server-based TEEs.
- ARM TrustZone: TEE implementation for mobile devices used in Apple and Android systems.
Key features of TEEs
- Data Confidentiality: Ensures sensitive data remains inaccessible to unauthorized parties during processing.
- Data Integrity: Disallows external parties to alter information while it is in use in the TEE, ensuring that it retains its intended state.
- Code Integrity and Attestation: TEEs support attestation, allowing them to remotely prove to third parties that specific code is running, with verification of its build and integrity.
- Isolation: Applications running within the TEE are isolated from each other, preventing unauthorized cross-access between applications.
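The attestation feature above is what lets a remote party trust a TEE's output. The following added example (not code from the original article or from any vendor SDK) models the verifier side: it checks that a report was produced by the platform, that it answers a fresh challenge (nonce), that the measured code matches an audited build, and that the enclave's output is bound into the report. The enclave-side issuer, the audited binary bytes and the platform key are constructed for the demo; a keyed HMAC stands in for the vendor-signed report that real hardware produces with an asymmetric key chained to the vendor's root.

```python
import hashlib
import hmac
import json

# Constructed stand-in for the platform's report-signing key. Real TEEs sign reports
# with a vendor-rooted asymmetric key; an HMAC keeps this example dependency-free.
_PLATFORM_KEY = b"constructed-platform-signing-key"


def measure(enclave_code):
    """Measurement of the enclave build: a hash of the code loaded into the TEE."""
    return hashlib.sha256(enclave_code).hexdigest()


def enclave_issue_report(enclave_code, nonce, report_data):
    """Simulated hardware side: bind the measurement, the verifier's nonce and
    enclave-chosen data (hash of its output or public key) into a signed report."""
    body = {
        "measurement": measure(enclave_code),
        "nonce": nonce,
        "report_data": hashlib.sha256(report_data).hexdigest(),
    }
    payload = json.dumps(body, sort_keys=True).encode()
    body["signature"] = hmac.new(_PLATFORM_KEY, payload, hashlib.sha256).hexdigest()
    return body


def verify_report(report, expected_nonce, allowed_measurements, report_data):
    """Verifier side. Every check must pass before the enclave's output is trusted;
    returns (ok, reason) so a caller can log exactly which check failed."""
    body = {k: v for k, v in report.items() if k != "signature"}
    payload = json.dumps(body, sort_keys=True).encode()
    expected_sig = hmac.new(_PLATFORM_KEY, payload, hashlib.sha256).hexdigest()
    # 1. Authenticity: anything not signed by the platform is rejected first.
    if not hmac.compare_digest(expected_sig, report.get("signature", "")):
        return False, "bad signature: report not produced by the platform"
    # 2. Freshness: a report for an old nonce could be a replay.
    if report.get("nonce") != expected_nonce:
        return False, "stale nonce: possible replay of an old report"
    # 3. Code integrity: only audited builds are allowed to run.
    if report.get("measurement") not in allowed_measurements:
        return False, "unexpected measurement: different code than the audited build"
    # 4. Binding: the output we received must be the one the enclave attested to.
    if report.get("report_data") != hashlib.sha256(report_data).hexdigest():
        return False, "report_data mismatch: output not bound to this attestation"
    return True, "ok"


if __name__ == "__main__":
    audited = b"constructed enclave binary v1"   # constructed sample build
    allowed = {measure(audited)}
    output = b"signed transaction bytes"         # constructed enclave output
    report = enclave_issue_report(audited, "nonce-1", output)
    print(verify_report(report, "nonce-1", allowed, output))
    print(verify_report(report, "nonce-2", allowed, output))
```

The order of the checks matters in practice: verifying the signature first means a tampered measurement field is rejected as unauthentic rather than being compared against the allow-list, and the nonce check keeps an attacker from replaying a genuine report from an earlier session.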
Application of TEEs and Key Projects
- Secure Handling of Private Information: TEEs are crucial for securely managing sensitive data across mobile devices and server infrastructures.
- On Mobile Devices: TEEs protect biometric data, personally identifiable information (PII), credit card details, and medical records. Solutions like Apple’s Secure Enclave and Android's Trusty isolate sensitive information, creating a secure buffer from non-secure applications on the device.
- On-Server Infrastructure: TEEs can secure private keys and confidential user data. For instance, Turnkey has built a non-custodial wallet infrastructure using TEEs that can automate on-chain actions or provide end users or AI agents with embedded wallets. All private key material is only decrypted within an enclave, and transaction signing happens after valid authentication according to customer-defined policies.
- Multi-Party Computation (MPC): TEEs facilitate secure collaborative computations among parties that do not trust each other. By running computations within a TEE, participants can validate executed code and share results without exposing their private data. For example, TEEs can enable collaborative healthcare research without exposing sensitive information.
- Intent Privacy in Blockchains: TEEs can conceal users' financial intent in blockchain transactions, protecting against front-running and sandwich attacks, and improving trade execution. Flashbots is running a fully functioning block builder inside a TEE (SGX) that allows block builders to create economically efficient blocks without knowledge of the contents of the user’s transactions. The SGX-based block builder has landed blocks on the Ethereum mainnet.
- Proof of correct execution: TEEs are being used for block building in Layer 2s. For instance, Uniswap's L2 Unichain leverages Flashbots' Rollup-Boost to decouple block building from the sequencer. Using TEEs, Unichain creates Flashblocks that enforce priority transaction ordering. This setup ensures applications and smart contracts can verify compliance with ordering policies (priority ordering) and will also enable Unichain to capture the MEV that it generates via MEV Tax.
- TEE-TLS for secure Off-Chain Calls: TEEs enable secure, end-to-end verifiable off-chain calls for smart contracts. For instance, Clique’s TEE-TLS protocol or Turnkey’s verifiable TLS fetcher allows smart contracts to make secure, end-to-end verifiable off-chain calls accessing API data and browser session data. Sensitive credentials, such as keys and OAuth tokens, are fully encrypted within enclaves. Developers can use Clique's SDKs to create custom executors, interact with smart contracts, and verify attested signatures on-chain.
- Confidential Smart Contracts: TEEs facilitate confidential smart contracts by allowing sensitive data to be processed in a secure environment before sharing it on-chain. Secret Network is a TEE-powered privacy-preserving blockchain that utilizes smart contracts in this manner. Private metadata used in Secret Contracts is encrypted before it is sent to validators for computation. Data is only decrypted inside the TEE of a specific validator, and all validators run a TEE.
- Confidential Model Training: TEEs protect data confidentiality during the training and inference of large language models (LLMs). NVIDIA’s GPU TEEs support secure LLM processing in public cloud environments, preserving confidential user data and proprietary models.
Challenges of TEEs
- Vulnerability to Side-Channel Attacks: TEEs are susceptible to side-channel attacks, where cryptographic systems are compromised by analyzing information unintentionally leaked by the system. This may include measuring time delays in computations, monitoring power consumption, or intentionally introducing faults (such as through Differential Fault Analysis).
- Dependency on TEE Manufacturers: The security of a TEE is inherently tied to its manufacturer, such as Intel SGX, AMD, or Nvidia. While manufacturers have strong incentives to protect their reputation and maintain product integrity, this reliance creates a single point of trust. To enhance trustworthiness, outputs from TEEs produced by different manufacturers can be cross-validated, enabling independent verification and reducing the risk associated with relying on a single manufacturer.
TEEs offer a robust hardware-based solution for safeguarding data privacy and integrity across diverse applications, including secure wallets, blockchain intent privacy, and confidential AI model training. Despite challenges like side-channel attacks and reliance on honest manufacturer assumptions, TEEs have become essential for latency-sensitive applications where cryptographic methods are too slow or impractical. Projects like Keystone, which leverage the RISC-V architecture, aim to address some of these challenges but currently face performance limitations, making them impractical for widespread use at this stage.
Homomorphic Encryption (HE)
Homomorphic Encryption (HE) enables computations on encrypted data without the need to decrypt it. This allows sensitive data to remain private while still being processed by untrusted third parties. The output, once decrypted, matches the result of computations performed directly on plaintext data. HE enables secure offloading of computations to untrusted third parties, keeping sensitive private data encrypted throughout. HE can be applied across various use cases, including:
- Machine learning on encrypted data
- Encrypted queries on cloud databases
- Gathering insights from multiple sensitive datasets (e.g., healthcare records)
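As an added illustration of the core property described above (the decrypted result equals the result of computing on plaintext), here is a toy Paillier cryptosystem, the additively homomorphic scheme that the article later mentions in the context of encrypted data sharing. This is example code written for this page, not code from any project named here; the primes are deliberately tiny so the arithmetic is readable and must not be used for real data.

```python
import math
import random


def _lcm(a, b):
    return a * b // math.gcd(a, b)


def keygen(p, q):
    """Paillier key pair from two primes of similar size (toy sizes in the demo)."""
    n = p * q
    assert math.gcd(n, (p - 1) * (q - 1)) == 1
    lam = _lcm(p - 1, q - 1)
    g = n + 1                     # the standard simplified generator choice
    n2 = n * n
    L = lambda x: (x - 1) // n
    mu = pow(L(pow(g, lam, n2)), -1, n)
    return (n, g), (lam, mu)


def encrypt(pk, m, rng=random):
    """c = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, g = pk
    n2 = n * n
    assert 0 <= m < n
    while True:
        r = rng.randrange(1, n)
        if math.gcd(r, n) == 1:
            break
    return pow(g, m, n2) * pow(r, n, n2) % n2


def decrypt(pk, sk, c):
    """m = L(c^lambda mod n^2) * mu mod n."""
    n, _ = pk
    lam, mu = sk
    n2 = n * n
    return (pow(c, lam, n2) - 1) // n * mu % n


def add_encrypted(pk, c1, c2):
    """E(m1) * E(m2) = E(m1 + m2): the server adds without seeing m1 or m2."""
    return c1 * c2 % (pk[0] ** 2)


def mul_plain(pk, c, k):
    """E(m)^k = E(k * m): scaling by a public constant."""
    return pow(c, k, pk[0] ** 2)


def encrypted_sum(pk, values, rng=random):
    """Aggregate a list of sensitive values (e.g. per-record counts) under encryption."""
    total = encrypt(pk, 0, rng)
    for v in values:
        total = add_encrypted(pk, total, encrypt(pk, v, rng))
    return total


if __name__ == "__main__":
    pk, sk = keygen(10007, 10009)           # toy primes; real keys use 2048+ bit moduli
    c = add_encrypted(pk, encrypt(pk, 42), encrypt(pk, 58))
    print(decrypt(pk, sk, c))                # 100, computed without decrypting the inputs
    print(decrypt(pk, sk, encrypted_sum(pk, [1200, 3400, 5600])))  # 10200
```

Paillier supports addition and scaling by public constants only; multiplying two encrypted values requires a fully homomorphic scheme, which is where the noise and bootstrapping issues discussed in the next section come in.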
In Web3 ecosystems, HE technology can be leveraged for several privacy-preserving applications, such as:
- Privacy-preserving blockchains with FHE and MPC
- Minimizing bad MEV and enabling collaborative searching
- Privacy-preserving identity and proof of uniqueness
- Private order books and dark pools
Types of Homomorphic Encryption
[Figure: overview of the types of homomorphic encryption; image not reproduced]
Fully Homomorphic Encryption (FHE) schemes
FHE is the most significant type of Homomorphic Encryption, with broad applications in Web3 today. While initially impractical due to "noise build-up" with each operation on encrypted data, the development of "bootstrapping" methods to reduce accumulated noise has made FHE viable. Modern FHE schemes can be categorized into three main types: BGV/BFV, CKKS, and TFHE. The table below outlines their distinct features and use cases.
[Table: features and use cases of the BGV/BFV, CKKS and TFHE schemes; image not reproduced]
The BFV scheme is suited for applications requiring extensive multiplications, while CKKS, offering approximate precision, is less ideal for blockchain applications. TFHE is emerging as the preferred choice for blockchain applications, due to its efficient bootstrapping and suitability for applications involving frequent comparisons.
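To make the "noise build-up" mentioned above concrete, here is an added toy example (written for this page, not taken from any of the schemes or projects named) of a learning-with-errors style bit encryption. Each ciphertext carries a small error; homomorphic addition adds the messages and the errors, and once the accumulated error crosses a fixed budget, decryption silently returns the wrong bit. That is the failure bootstrapping exists to prevent. The parameters are far too small to be secure and exist only to show the mechanism.

```python
import random

Q = 1 << 16   # ciphertext modulus
N = 16        # LWE dimension (toy size: far too small to be secure)
B = 2         # a fresh ciphertext carries an error e with |e| <= B


def keygen(rng):
    return [rng.randrange(Q) for _ in range(N)]


def _dot(a, s):
    return sum(x * y for x, y in zip(a, s)) % Q


def _centered(x):
    """Map x mod Q into the range (-Q/2, Q/2]."""
    x %= Q
    return x - Q if x > Q // 2 else x


def encrypt(sk, bit, rng, noise=None):
    """Encrypt one bit as (a, b) with b = <a, s> + e + bit * Q/2 (mod Q).
    `noise` overrides the random error so the failure case can be shown exactly."""
    a = [rng.randrange(Q) for _ in range(N)]
    e = rng.randint(-B, B) if noise is None else noise
    b = (_dot(a, sk) + e + bit * (Q // 2)) % Q
    return (a, b)


def add(ct1, ct2):
    """Homomorphic XOR: messages add mod 2 since Q/2 + Q/2 = 0 mod Q; errors add too."""
    a = [(x + y) % Q for x, y in zip(ct1[0], ct2[0])]
    return (a, (ct1[1] + ct2[1]) % Q)


def decrypt(sk, ct):
    a, b = ct
    v = _centered(b - _dot(a, sk))
    return 1 if abs(v) > Q // 4 else 0


def noise(sk, ct):
    """Residual error hidden in ct; only the key holder can compute it."""
    a, b = ct
    v = _centered(b - _dot(a, sk))
    return _centered(v - Q // 2) if abs(v) > Q // 4 else v


def noise_budget(sk, ct):
    """Additional error the ciphertext can absorb before decryption may fail."""
    return Q // 4 - 1 - abs(noise(sk, ct))


def xor_chain(sk, bits, rng):
    """Encrypt each bit, add all ciphertexts; return (decrypted, expected, |error|)."""
    acc = encrypt(sk, bits[0], rng)
    for bit in bits[1:]:
        acc = add(acc, encrypt(sk, bit, rng))
    return decrypt(sk, acc), sum(bits) % 2, abs(noise(sk, acc))


def demo(seed=1):
    rng = random.Random(seed)
    sk = keygen(rng)
    bits = [rng.randrange(2) for _ in range(200)]   # constructed sample plaintext bits
    got, expected, err = xor_chain(sk, bits, rng)
    at_limit = encrypt(sk, 1, rng, noise=Q // 4 - 1)  # exactly at the budget: still correct
    over_limit = encrypt(sk, 1, rng, noise=Q // 4)    # one past it: decrypts to 0
    return {
        "chain_correct": got == expected,
        "chain_noise": err,
        "at_limit_bit": decrypt(sk, at_limit),
        "at_limit_budget": noise_budget(sk, at_limit),
        "over_limit_bit": decrypt(sk, over_limit),
    }


if __name__ == "__main__":
    print(demo())
```

With these parameters 200 additions accumulate at most 400 units of error against a budget of Q/4, so the chain decrypts correctly; a real circuit with multiplications consumes the budget far faster, which is why schemes like TFHE bootstrap (re-encrypt under the key to reset the error) after almost every gate.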
Key Projects
- Zama introduced programmable bootstrapping and has implemented TFHE-rs, a Rust implementation of TFHE. Zama also implemented fhEVM, an EVM with FHE precompiles that enables computing on encrypted states using TFHE-rs - thus enabling confidential smart contracts. Zama is also working on Concrete ML, which allows users to run ML models on encrypted data.
- Sunscreen is building an FHE compiler and applications, including private verifiable auctions and dark pools.
- Fhenix Network is an FHE-based privacy-preserving rollup. Fhenix implemented fheOS, a library of FHE precompiles built on top of Zama's TFHE-rs. Fhenix uses Threshold Network, an SMPC, for decryption and re-encryption requests.
- Inco is a modular Layer-1 blockchain that combines FHE, ZK, TEE, and MPC. They are also building on top of Zama.
- Xtrace enables privacy-preserving data sharing for AI agents, allowing them to query encrypted enterprise data sets. Xtrace's Retrieval Augmented Generation (RAG) technique, called XRAG, uses an optimized version of Intel's partial homomorphic encryption scheme called Paillier to keep data private while generating insights.
- Teams are also working on hardware acceleration for FHE algorithms. For example, Ingonyama has built a programmable hardware accelerator called Zero-Knowledge Processing Unit (ZPU) that is designed to accelerate finite-field arithmetic and thus accelerates both ZKP and FHE. Duality has built a hardware accelerator called TREBUCHET for FHE.
Challenges of FHE
- Bootstrapping Efficiency: The bootstrapping process, used to manage accumulated noise in FHE calculations, remains a significant bottleneck due to its slow performance. As a critical factor affecting the overall efficiency of FHE systems, it continues to be a major focus of ongoing research and optimization efforts.
- High Memory and Storage Requirements: FHE generates larger ciphertexts than traditional encryption, often expanding data by 100 to 1,000 times. This substantial increase drives up storage and memory demands, posing challenges for practical implementation.
- Limited Support for Data Types: Many FHE schemes struggle to handle non-integer data types, such as floating-point numbers, limiting their effectiveness for machine learning.
- Complexity and Security Risks: The complexity of FHE systems makes it difficult to develop, audit, and maintain. This complexity can introduce cryptographic or implementation vulnerabilities.
- Performance Limitations: FHE algorithms remain computationally intensive and slow, making them less practical for complex applications.
Homomorphic Encryption is revolutionizing data privacy by enabling secure computations on encrypted data. While challenges like computational inefficiency and storage demands remain, advances in cryptography and hardware acceleration are making FHE more practical.
Secure MPC
Secure Multi-Party Computation (SMPC) enables multiple parties to jointly compute a function while preserving the privacy and confidentiality of their inputs. SMPC protocols are specifically designed to ensure no party can view or infer others’ private inputs. The security of SMPC relies on the “honest majority” assumption, ensuring accuracy and reliability even when some participants behave dishonestly or adversarially. SMPC implementations leverage a range of cryptographic techniques, including Shamir Secret Sharing (SSS), Threshold Signature Schemes (MPC-TSS), Homomorphic Encryption (e.g., Paillier, ElGamal), Zero-Knowledge Proofs (ZKPs), and Trusted Execution Environments (TEEs). Together, these technologies make SMPC a powerful tool for privacy-preserving computation in decentralized and data-sensitive applications.
Applications of SMPC
- On-Chain Privacy: ZK and MPC combine to provide pre- and post-trade privacy. MPC is used to build on-chain dark pools, enabling private order book matching and ensuring zero MEV.
- Non-Custodial Wrapped Assets: MPC network nodes can jointly hold assets like Bitcoin from depositors while allowing wrapped assets to be minted on other chains such as Ethereum.
- Securing Digital Assets: Digital assets can be secured with SMPC using two main techniques.
- Shamir Secret Sharing (SSS): SSS divides a secret, e.g. a private key, into multiple "shares" using polynomial interpolation. A minimum threshold of shares is required to reconstruct the original secret, while each share reveals no information on its own. This makes SSS an excellent solution for securing assets like encrypted data backups, password recovery systems, or cold storage for digital assets. While effective for data backups, SSS risks compromise during key generation, before the secret is split and distributed. The key must be regenerated for every transaction, which introduces a potential attack vector.
- MPC Threshold Signature Scheme (MPC-TSS): MPC-TSS is a cryptographic approach that allows multiple parties to collaboratively sign transactions or perform cryptographic operations without ever assembling the full private key. Each participant holds a share of the key, and these shares collectively generate a valid signature while keeping the private key decentralized and secure. By eliminating the risk of key exposure, MPC-TSS has become the industry standard for securing institutional crypto assets, offering robust protection against potential breaches.
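The Shamir Secret Sharing technique described above, as an added worked example (written for this page; not code from Privy, Fireblocks or any other project named here): the secret becomes the constant term of a random polynomial over a prime field, each share is one point on that polynomial, and any `threshold` points recover the constant term by Lagrange interpolation at x = 0, while fewer points yield a value unrelated to the secret. The secret value is a constructed stand-in for a private key.

```python
import random

P = (1 << 127) - 1   # Mersenne prime; secret and shares live in the field GF(P)


def _eval_poly(coeffs, x):
    """Horner evaluation of the polynomial with coefficients coeffs at x, mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(secret, threshold, shares, rng=random):
    """Split `secret` into `shares` points on a random polynomial of degree threshold-1
    whose constant term is the secret. Any `threshold` points reconstruct it."""
    assert 0 <= secret < P and 1 <= threshold <= shares
    coeffs = [secret] + [rng.randrange(P) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, shares + 1)]


def reconstruct(points):
    """Lagrange interpolation at x = 0 over GF(P); points are (x, y) pairs with distinct x."""
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


def demo(seed=7):
    rng = random.Random(seed)
    secret = 0x1f2e3d4c5b6a79880102030405060708   # constructed stand-in for a private key
    shares = split(secret, threshold=3, shares=5, rng=rng)
    return {
        "any_three": reconstruct([shares[0], shares[2], shares[4]]) == secret,
        "all_five": reconstruct(shares) == secret,
        "only_two": reconstruct(shares[:2]) == secret,   # below threshold: wrong value
    }


if __name__ == "__main__":
    print(demo())
```

Note what the example does not protect: `split` is called with the whole secret in memory on one machine, which is exactly the key-generation exposure the text above describes. A threshold signature scheme avoids that step by generating and using the key in shared form from the start.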
Key Projects
- Fireblocks and Blockdaemon leverage MPC-TSS to securely custody billions of dollars in digital assets for institutions. To enhance security, they store MPC key shares in Hardware Security Modules (HSMs), providing enterprise-grade protection and ensuring robust safeguards for institutional crypto assets.
- web3Auth offers MPC-TSS wallets for individual users, with SDKs for seamless web and mobile integration.
- Privy implements SSS to secure its wallet solutions.
- Renegade.fi is building an on-chain dark pool using ZK and MPC, which provides pre- and post-trade privacy with zero MEV. The trader's personal order book serves as the private input to MPC, enabling orders to be anonymously matched. If no match occurs, no information about the orders is leaked. The output of the MPC process is a list of tokens swapped as a result of executing the matching engine on the pairs of order books. ZK is used to ensure that the orders matched are valid, maintaining both privacy and integrity throughout the trading process.
- Threshold Network has created tBTC, a wrapped version of BTC in Ethereum. Instead of sending BTC to a trusted custodian, tBTC utilizes a randomly selected group of operators running nodes on the Threshold Network to secure the user-deposited Bitcoin through threshold cryptography. In a separate use case, the Threshold network is also used by Fhenix to decrypt or encrypt HE data.
Challenges of MPCs
- Honest Majority Assumption: MPC protocols rely on the assumption of an "honest majority". However, collusion between a majority of nodes cannot be detected, posing a potential risk. Increasing the number of nodes in the network and raising the threshold required for a majority may significantly improve security by reducing the likelihood of collusion.
- Scalability Challenges: Increasing the number of nodes in the network and raising the signature threshold enhances security but also significantly raises the protocol’s communication overhead. This scaling limitation makes SMPC less efficient for large-scale networks and limits its practicality for widespread deployment.
Mirana's View on the PET Ecosystem
Privacy-Enhancing Technologies (PETs) offer a critical bridge between safeguarding user data and fostering innovation across industries like AI, Web3, and healthcare. By investing in PET applications, such as Reclaim Protocol's user-controlled data sharing, Turnkey's automated, user-governed on-chain actions through non-custodial wallet management, Clique's secure off-chain data access using TEE-TLS, Galxe's self-sovereign identity systems leveraging ZKPs, and Ingonyama's hardware acceleration for ZKPs and FHE, we are enabling solutions that make privacy practical and scalable.
We see immense potential for PETs to drive the future of the emerging AI and web3 landscape. Innovations like Circle STARK and Binius are advancing ZK proving systems, while TEE-based block building is bolstering transaction privacy. As PETs continue to mature, they will play a transformative role in shaping the next generation of privacy-preserving decentralized applications.
At Mirana, we remain committed to building a future where privacy is not just an afterthought but a foundational principle—empowering technology to drive progress while respecting individual sovereignty and ensuring sustainable growth and adoption.