Trusted Execution Environments (TEEs) enhance the security of blockchain systems by isolating execution from the main operating system

2025/03/20 21:36

A Trusted Execution Environment (TEE) is a secure area within a computer's hardware

A Trusted Execution Environment (TEE) is a secure area, actively protected against threats, within a computer’s hardware that isolates execution from the main OS, applications, and potentially malicious entities. It directs sensitive computations into an isolated, cryptographic electronic structure, protecting them from tampering or unauthorized access.

The two key features of TEEs are confidentiality and attestation. A TEE prevents external entities from viewing data inside it by leveraging encrypted memory, hardware-based isolation, and remote attestation. It operates as a segregated environment within a processor, where neither hypervisors nor malicious insiders can access its contents.

When a program is loaded into the TEE, the hardware generates a hash (cryptographic measurement) of the environment state and code and signs it using a private key embedded in the hardware. A remote verifier receives the signed measurement, uses the manufacturer’s public key to verify the signature, and compares the measurement to known valid values. Upon successful verification, the remote party can trust that the TEE hasn’t been tampered with and is executing authentic code.

Some TEEs use so-called Roots of Trust, which allow the connected service within which they’re attempting to enroll to verify the legitimacy of a device.

How TEEs work

To support a TEE, a device must define a security perimeter (Trusted Area) separated from the main OS and applications by hardware, in which only trusted code is executed. All code executed within a TEE is properly authorized, with each stage of execution verified by previously authorized code, starting from the ROM (Read-Only Memory) boot process.

Code and data inside a TEE cannot be modified or accessed externally because ROM code is set during the design stage and cannot be changed thereafter. TEEs can use multi-signature (multisig) models to enhance security in asset custody and transactions, as these models ensure redundancy and prevent single points of failure. Traditionally, the simplest multisig arrangement that addresses both loss and theft of private keys is 2-of-3, which is also the most common quorum for safekeeping Bitcoin in cold storage. Another popular arrangement is 3-of-5, but it introduces more complexity than needed in most cases.

Real-world applications and risk mitigation

TEEs securely store private keys for cross-chain execution and allow decentralized apps to manage assets across multiple chains. In healthcare, blockchains can leverage TEEs to process sensitive patient data safely and compliantly. Handling electronic health records on-chain is an example.

TEEs can also replace cross-chain bridges, which are inextricably linked to risks of hacking and smart contract vulnerabilities.

Risks of cross-chain bridges also include high fees and transaction delays, especially during high demand, and reliance on third-party validators, which can be points of failure. Bridges are exposed to a higher risk of attacks because their functionality relies on data collaboration both on- and off-chain. Attacks on cross-chain bridges have incurred losses of almost $4.3 billion between June 2021 and September 2024.

Decentralization, trustlessness, and full-chain abstraction

Flare, a full-stack L1 solution for data-intensive use cases, provides a secure and efficient approach to cross-chain transaction execution via TEE integration. Its Protocol Managed Wallets (PMWs) allow protocols to execute transactions directly across blockchains while preserving trustlessness, decentralization, and freedom from censorship. Flare ensures security because the PMWs are not based on a single TEE. If they were, there would be two significant risks: a lack of redundancy and unknown exploits the manufacturer has embedded within the TEE.

The lack of redundancy would become problematic if the TEE were to become non-operational due to a power outage. Alternatively, an exploit of the TEE might compromise a private key, leading to a loss of funds. Flare’s PMW system mitigates both risks because multiple TEEs are involved in its multisig scheme, under which a transaction on an address the PMW controls is only possible with the agreement of a quorum of distinct, globally distributed execution environments.
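
The attestation check described earlier (measure, sign, verify, compare to a known-good value) and the quorum rule in this paragraph can be combined in one verifier. The following is an added example, not code from the article or from Flare: Ed25519 and SHA-256 stand in for vendor-specific attestation schemes, a per-TEE public-key map stands in for the manufacturer's certificate chain, and every name and sample value is hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Report is a simplified attestation report (constructed format, not a vendor's).
type Report struct {
	TEEID                 string
	Measurement, TxDigest [32]byte // hash of loaded code; hash of approved transaction
	Sig                   []byte   // made with the key embedded in the hardware
}

func (r Report) msg() []byte { return append(r.Measurement[:], r.TxDigest[:]...) }

// Attest plays the hardware: measure the loaded code, then sign with the device key.
func Attest(id string, key ed25519.PrivateKey, code, tx []byte) Report {
	r := Report{TEEID: id, Measurement: sha256.Sum256(code), TxDigest: sha256.Sum256(tx)}
	r.Sig = ed25519.Sign(key, r.msg())
	return r
}

// Approvals counts distinct TEEs with a valid signature, known-good code and the expected tx.
func Approvals(reports []Report, trusted map[string]ed25519.PublicKey, good [32]byte, tx []byte) int {
	want, seen := sha256.Sum256(tx), map[string]bool{}
	for _, r := range reports {
		pub, ok := trusted[r.TEEID]
		if ok && r.Measurement == good && r.TxDigest == want && ed25519.Verify(pub, r.msg(), r.Sig) {
			seen[r.TEEID] = true // a repeated report from one TEE counts once
		}
	}
	return len(seen)
}

// Scenario runs a constructed 3-TEE set (quorum 2); tee-c has loaded modified code.
func Scenario() (honest, oneTampered, duplicated int) {
	code, tx := []byte("wallet-signer v1"), []byte("constructed sample transaction")
	loads := map[string][]byte{"tee-a": code, "tee-b": code, "tee-c": []byte("patched signer")}
	good, trusted, r := sha256.Sum256(code), map[string]ed25519.PublicKey{}, map[string]Report{}
	for id, loaded := range loads {
		pub, key, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
		trusted[id], r[id] = pub, Attest(id, key, loaded, tx)
	}
	q := func(rs ...Report) int { return Approvals(rs, trusted, good, tx) }
	return q(r["tee-a"], r["tee-b"]), q(r["tee-b"], r["tee-c"]), q(r["tee-a"], r["tee-a"], r["tee-a"])
}

func main() { fmt.Println(Scenario()) }
```

Only the first case reaches a 2-of-3 quorum: a TEE that attests a different measurement, or one TEE submitting its report several times, contributes at most one approval.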

The addition of PMWs does away with the need to interact with other blockchains when building applications. Users interact with one protocol on Flare, and that protocol executes across linked chains, manifesting a leap into full-chain abstraction.

TEEs also augment DeFi security by isolating liquidation calculations, lending, staking, transaction matching, and other sensitive computations. Privacy-preserving DEXs can leverage them to protect user details. One of Flare’s many additional use cases is FAssets V2, which makes it possible to leverage XRP, BTC, and DOGE in DeFi on the platform, secured by Flare’s consensus.

TEEs’ ability to process and validate multichain data securely without exposing transaction details or private keys allows lending and staking protocols to trust that account states, liquidity data and cross-chain price feeds are accurate. In addition, they enable lending protocols to accept collateral from one blockchain and provide yield rewards or loans on another.

The attestation-based trust model verifies the identity of the application running inside
