How Lumoz TEE Works

Lumoz aims to be the core processing platform for AI computation, playing a critical role in supporting scalable blockchain infrastructure. By integrating Trusted Execution Environment (TEE) technology, Lumoz ensures the security and transparency of its computational processes.

This innovative combination merges the decentralization strengths of blockchain with the robust security of TEE, enabling Lumoz to deliver not only a decentralized cloud computing network but also the ability to efficiently execute various computational tasks in a trust-minimized environment.

Benefits of Introducing TEE

• Hardware-Level Security: The secure hardware enclave ensures privacy, confidentiality, and data integrity.

• No Computational Overhead: Applications running in TEE operate at nearly the same speed as those in a standard CPU environment.

• Low Verification Costs: Verifying TEE proofs consumes minimal gas, requiring only ECDSA verification.

TEE Implementation Outcomes

• Tamper-Proof Data: Ensures that user request/response data cannot be altered by intermediaries. This requires secure communication channels and robust encryption mechanisms.

• Secure Execution Environment: Both hardware and software must be protected from attacks, leveraging TEE to create an isolated environment for secure computation.

• Open-Source and Reproducible Versions: The entire software stack, from the operating system to application code, must be reproducible. This allows auditors to verify the system's integrity.

• Verifiable Execution Results: AI computation results must be verifiable to ensure that outputs are trustworthy and untampered.

TEE (Intel SGX) Framework

TEE Server Security Verification

When the service starts, it generates a signing key within the TEE.

1. You can obtain CPU and GPU attestations to verify that the service is running within a confidential VM in TEE mode.

2. The attestation includes the public key of the signing key, proving that the key was generated within the TEE.

3. All inference results are signed using the signing key.

4. You can use the public key to verify that all inference results were generated within the TEE.

TEE and ZK Multi-Proof

No single cryptographic system can be guaranteed to be 100% secure. While current Zero-Knowledge (ZK) solutions are theoretically secure, they cannot ensure flawless operation across the entire system, especially from an engineering perspective, given the complexity of ZK implementations.

This is where multi-proof systems come into play. To mitigate potential errors in ZK implementations, hardware-based solutions like Trusted Execution Environments (TEE) can act as a dual-factor verifier, providing an additional layer of security for ZK-based projects such as AI Agents.