2FA zk-rollups using SGX

zk-s[nt]arks
#23

This point is very interesting, and to expand on it I think a multisig or TSS involving multiple enclave vendors could add an additional layer of security, arguably even 3FA.

Especially combined with this, I imagine it is significantly difficult or at least prohibitively expensive to attack multiple architectures and in the span of a single transaction.

There are attacks which can fake attestations of bad enclaves, so I don’t think key rotation alone would prevent those on a single architecture, but I’m not sure how easy it is to perform such attacks on multiple enclave architectures at once before one patches it.

This seems strictly better than a SNARK alone, especially with

  • enclaves from multiple vendors in a multisig
  • rotating keys every transaction
#24

I think in general for any use cases that focuses on integrity more than confidentiality, then the more alternate implementations, the better, because each implementation provides an additional check. N-of-N comprises are needed basically.

However, if only 1-of-N compromises are required (say in certain types of designs that focuses on confidentiality) where a single compromise would result in the secret leaking, then more might not be better.

#25

This thinking is probably going to be tested in production real soon. Interesting to see what happens!

#26

Yep… I do think it will be tested in production reaaaal soon. I’m also interested to see what happens :slight_smile:
BTW. We recently just released our block builder and the associated libraries…