Trusted Execution Environments (TEEs) are isolated enclaves in processors or data centers where programs can run without interference from the rest of the system. TEEs not only protect sensitive data but also authenticate and verify computations performed within them.
PIN AI currently supports only Intel SGX (Software Guard Extension) as the TEE hardware and will soon support Intel TDX and NVIDIA GPU TEE. Click here for more information about SGX.
Trusted Execution Environments (TEEs) provide secure, isolated compute environments for executing sensitive tasks within the PIN AI network. TEE nodes can be configured by network participants to support various workloads and use cases.
Hosting data connectors: TEEs host and provide confidential compute for Data Connectors, which securely fetch and process user data while preserving privacy.
Private LLM inference: TEEs run private LLM inference or other privacy-preserving computations necessary for the PIN Network.
Verification is fundamental to ensuring a trust-minimized environment for TEEs in the PIN Network. This process involves verifying the hardware integrity of a TEE device (e.g., an Intel SGX device), confirming that the CPU is genuine, and that the certificate chain is valid and issued by a trusted manufacturer.
Before a TEE executes any programs, the process of remote attestation ensures that the TEE is running an untampered version of the expected code, providing security assurances at a hardware level. Data Connectors record verification details as metadata onchain, enabling transparency and auditability. This process is used when registering TEE devices on the network.
This process ensures that tasks executed by a Trusted Execution Environment (TEE) node are properly validated and penalized if they fail. TEE task validation follows these steps:
Proof submission: The TEE node submits proof of its work to PIN Network Validators.
Validation: Validators check if the submitted proof is valid and the task was completed correctly.
Accountability: If the task fails validation, the TEE node is penalized by slashing its staked funds.
Task Failed (Conditional Execution): If the task validation fails, the penalty execution phase is triggered.
slash() (TEE Governance → Stake Manager): TEE Governance invokes the slash() function to penalize the node.
calculatePenalty(): Stake Manager calculates the penalty amount to be deducted.
deductStake(): Stake Manager deducts the penalty amount from the node’s staked funds.
emit NodeSlashed: An event is emitted indicating that the node has been slashed.
Return Success: The penalty execution phase concludes successfully.
TEE task validation ensures the integrity of computations performed within Trusted Execution Environments. Through proof submission, validation by PIN Network Validators, and a penalty system for failed tasks, this process maintains accountability and the reliability of TEE-secured services in PIN AI Network.