From paragraph by Jason Chaskin

If you haven’t been closely following Ethereum research, it might seem like Trusted Execution Environments (TEEs) appeared out of nowhere. But on the infrastructure side, they’ve been in development for over two years. Flashbots first proposed TEEs in December 2022 to democratize MEV access and improve censorship resistance in The Future of MEV is SUAVE. After years of research, they launched BuilderNet to put that vision into practice. While researching TEEs for MEV, Flashbots saw their broader potential in Ethereum, leading to Rollup-Boost, a TEE-powered sidecar that enables rollups to innovate on their VMs while maintaining compatibility with existing frameworks. Other L2 teams are also integrating TEEs. Taiko uses them as a primary proof in its bridge, while Scroll is adding a TEE-based proof to its multi-prover system. The idea of using TEEs in bridge proof systems didn’t come out of nowhere either. The same month Flashbots published their post, Justin Drake explored TEEs as a “2FA” mechanism for rollups in an ethresear.ch post. This piece will cover what TEEs are, how they work, and their growing role in Ethereum infrastructure.

TEEs provide secure, hardware-based computing by isolating code and data while allowing external verification of integrity. They evolved from earlier trust models that relied on operating systems and virtual machines for isolation. TEEs come in different forms: iPhone’s Secure Enclave handles cryptographic tasks, Intel SGX enables secure enclaves for applications handling sensitive data, and Intel TDX extends this model to protect entire virtual machines. While they provide stronger security guarantees than trusting a centralized operator, especially in cloud environments, they are closed-source and require trust in the manufacturer. This typically creates a 1-of-1 trust model, where a hardware compromise can break security, though the degree of trust required depends on the implementation. TEEs are also vulnerable to side-channel attacks, physical tampering, and supply chain risks, making careful evaluation essential for each use case.

Mint my infographic on Highlight:)

TEEs are not a perfect solution, but in the right cases, their benefits outweigh the risks, especially when failures default to the existing system. The push for secure hardware extends beyond crypto, with OpenAI advocating for improved TEEs and Apple developing a hardware-based private cloud. Just as Ethereum works to reduce trust assumptions, Flashbots is doing the same for TEEs. They have published research on why this approach is worth exploring and how to build trustless supply chains. If you are a hardware security expert, reach out to Flashbots to contribute.

MEV exists as a consequence of network design, where those who provide the service of adding new blocks, initially miners, were in a position to influence transaction order for profit. Left unchecked, this would lead to centralization, with validators that are dominant at extracting MEV gaining outsized influence. To prevent this, Flashbots set out to democratize MEV extraction.A key driver of MEV is that validators operating in low-latency environments can observe pending transactions and reorder them and/or add new transactions for profit. One way to limit MEV extraction is by making transaction details private. This requires a privacy tool, but zk-SNARKs and other cryptographic techniques, while promising, are too slow, inflexible for real-time block building, or not production-ready. With software solutions falling short, Flashbots turned to TEEs.

Flashbots first used Intel’s SGX to build blocks in March 2023 and later expanded to both build and search in Intel’s TDX. TEEs bring privacy benefits by allowing orderflow to be selectively private. For example, a transaction can reveal that a user wants to swap USDC for ETH without disclosing their identity or trade size. This prevents sandwiching while still allowing backrunning arbitrage. TEEs enable verifiable block construction on private transactions, ensuring efficient block building without compromising user privacy.

PBS prevented validator centralization, but today, just two builders produce 92% of Ethereum blocks, reducing censorship resistance and liveness. To fix this, Flashbots launched BuilderNet in November 2024, with Beaverbuild, Flashbots, and Nethermind as the first participants. BuilderNet allows multiple operators to share orderflow and build blocks collectively, shifting MEV away from exclusive deals and making block building more open and decentralized.

Beaverbuild’s participation is particularly notable since they are currently the largest builder and have spent years sourcing exclusive orderflow deals. Their decision to join BuilderNet signals a shift away from private MEV agreements toward a more transparent and competitive market. While it may seem surprising that a dominant builder would give up its edge, the economics of exclusive orderflow are less lucrative than they appear. Providers often negotiate high refund percentages, keeping 90-95% of the MEV value, leaving builders with thin margins. Additionally, Beaverbuild’s team originally started as searchers, and running a builder was primarily a way to maximize their own orderflow. With BuilderNet’s transparent refund system, they no longer need to vertically integrate to extract value, allowing them to return to their strengths as searchers. Beyond financial incentives, they also see this as the right move for Ethereum’s long-term health, preferring to contribute to a positive-sum ecosystem rather than competing over exclusive orderflow deals.

However, as of today, Beaverbuild is still operating its centralized setup in parallel with BuilderNet, with all of its orderflow currently going to the former. This isn’t a departure from the plan but a staged transition.

Blocks built by Builder on January 20th, 2025

I asked Shea Ketsdever from Flashbots about this, and she said they are working closely with Beaverbuild to benchmark performance and run tests to ensure a smooth transition, with expectations for orderflow to shift over to BuilderNet in Q1 2025. Something to keep an eye on.

TEEs make this possible by ensuring MEV is redistributed transparently and allowing untrusted builders to collaborate without any one party gaining an advantage. Each operator runs an open-source builder inside a TEE, encrypting and fairly processing all orderflow. Unlike today’s fragmented system, BuilderNet ensures no builder has privileged access, making it trustless and verifiable.

This shifts MEV capture from private agreements to an open system where wallets, apps, and searchers receive fair refunds. Even searchers who typically keep orderflow private are incentivized to use BuilderNet for transparent payouts. Currently, a single operator submits the final block, similar to MEV-Boost relays, but future upgrades will allow multiple operators to collaborate on block construction, making MEV extraction more decentralized and equitable.

For more on BuilderNet, Robert has discussed it on the Uncommon Core and Infinite Jungle podcasts.

Flashbots is also using TEEs in Rollup-Boost, a sidecar system for L2 sequencers that enables faster confirmations, verifiable ordering, and more programmability. TEEs prevent sequencers from manipulating transactions while allowing private mempools and trustless execution. Since Rollup-Boost is a sidecar, rollups can retain their existing frameworks like the OP Stack or ZK Stack while adding new features. This solves a key issue in the rollup-centric roadmap, where most L2s have simply forked Geth and followed L1 upgrades instead of driving real innovation. Rollup-Boost enables experimentation without requiring rollups to maintain a separate client.

Uniswap’s upcoming L2, Unichain, will be the first to use Rollup-Boost, launching with Flashblocks and Verifiable Priority Ordering. Flashblocks enables 250ms confirmation times, native revert protection, and increased gas throughput, while Verifiable Priority Ordering allows applications to internalize their MEV. The sidecar processes transactions using extensions before returning finalized blocks to the sequencer for posting on Ethereum L1. Future extensions include Encrypted Mempool, TEE Validity Proofs, and TEE Coprocessing.

For more on Rollup-Boost, Robert has also discussed it on Uncommon Core and a different episode of Infinite Jungle.

TEEs are being integrated into L2 bridge proof systems to complement ZK proofs, which, while offering strong security, are complex and prone to bugs. Relying on a single prover increases the risk of catastrophic failure if an issue arises. To mitigate this, teams are exploring adding TEE-based proofs as an additional verification layer, reducing the likelihood of invalid states being finalized.

TEE and ZK proofs operate independently, ensuring redundancy. If one system encounters a bug or security flaw, the other can provide a fallback, preventing invalid state transitions from being finalized. In such cases, the security council can intervene before the issue escalates.

Scroll, in collaboration with Automata, has developed an open-source SGX-based TEE prover, already used to validate testnet blocks. Scroll’s next steps include integrating the dual-proof system, implementing dispute resolution mechanisms, and forming a TEE prover committee. As part of this process, Scroll is exploring ways to further decentralize TEE attestation, similar to Ethereum’s Distributed Validator Technology, ensuring no single hardware manufacturer becomes a central point of trust.

Taiko uses a tiered proof system. Initially, TEEs provide fast validation by running a lightweight execution client that verifies state transitions and signs results with ECDSA for onchain validation. During a cooldown period, ZK proofs can challenge TEE proofs. To ensure correctness, provers must stake a bond, which is forfeited if their proof is invalid. While a centralized fallback exists for security in the early stages, Taiko plans to phase it out and transition fully to ZK-based verification.

TEE proofs enable this multi-proof system by providing an additional security layer while zkEVMs are still maturing. They offer a fast, cost-effective way to validate state transitions without fully relying on ZK proofs, ensuring that even if a ZK prover fails, the system maintains security and liveness.

TEEs are rapidly becoming a key part of Ethereum’s infrastructure, addressing security, privacy, and decentralization challenges across MEV, rollups, and bridges. As these systems mature, they could redefine Ethereum’s trust model while bridging the gap until cryptographic solutions fully scale.