Safeheron Launches Open-Source TEE Framework for Web3 Security

Safeheron, a digital asset infrastructure provider based in Singapore, has introduced an open-source Trusted Execution Environment (TEE) framework. This solution is designed to bolster security and privacy for Web3 applications, particularly in sectors such as decentralized finance (DeFi), payment services, and decentralized autonomous organizations (DAOs). The framework is built upon the native Intel SGX SDK and developed using modern C++, a versatile programming language commonly used for high-powered computing and game development.

Safeheron's decision to open-source the framework stems from growing industry concerns about closed, opaque systems and the increasing frequency of security incidents. By making the framework open-source, Safeheron aims to promote innovation and transparency within the Web3 ecosystem. The company's CEO, Wade Wang, emphasized that while competition is not a concern, the slow pace of innovation due to closed systems is a significant worry.

Trusted Execution Environments create secure, isolated spaces within CPUs, known as "enclaves," where programs can run protected from external attacks, including those originating from within the hardware. This technology is crucial for protecting code and data in various Web3 sectors, including privacy-focused blockchains, oracles, DeFi, payment services, and exchanges. Notable examples of Web3 projects utilizing TEEs include Oasis Network, Secret Network, and Phala Network, while companies like Chainlink are suspected of employing similar technologies.

Safeheron's new TEE framework enables clients to use cloud services to create enclaves, supporting any public cloud service that operates Intel SGX servers. This flexibility allows for broader adoption and integration of the framework into existing infrastructure. Safeheron has provided services to over 100 clients, primarily payment providers, OTC desks, trading firms, and wallet service providers. Notable clients include MetaMask, Doo Group, and Amber Group. The company's cumulative transfer volume has recently surpassed $100 billion, highlighting its significant presence in the digital asset infrastructure space.

In August 2022, Safeheron raised $7 million in pre-Series A funding. This capital was allocated to research, development, and expanding the company’s business team, further solidifying its position as a leader in Web3 security. The introduction of this framework aligns with Ethereum co-founder Vitalik Buterin's proposal to add a TEE to the Ethereum ecosystem to enhance user privacy. Buterin suggested that TEEs could provide stronger assurances that private data is not being collected during interactions with RPC nodes and could also protect private wallet keys in ETH wallets.

Another area where TEEs can be beneficial is in Succinct Non-Interactive Arguments of Knowledge (SNARKs). An August 2024 study by Imperial College London identified vulnerabilities in the circuit layer of SNARKs, posing significant threats to these systems. TEEs could help guard against attacks originating from within the system, further enhancing the security of decentralized applications. Safeheron's open-source Intel SGX TEE framework represents a significant advancement in Web3 security, offering a robust and scalable solution for protecting sensitive data and transactions. By fostering collaboration and innovation within the developer community, Safeheron is contributing to a more secure and transparent Web3 ecosystem.