
Teechan: Payment Channels Using Trusted Execution Environments [pdf] - mrb
https://www.cs.cornell.edu/People/egs/papers/teechan.pdf
======
jcoffland
I call bullshit. This relies on special access to SGX which Intel controls.
This means you must trust Intel and anyone who may hack Intel and therefore it
is not a secure decentralized solution.

SGX requires contacting Intel's servers to get an attestation key. There is a
good reason Intel requires this. That reason is that SGX doesn't otherwise
provide the DRM it was designed to for. With out Intel's attestation keys
anyone could emulate SGX in software thus exposing the code and data in the
SGX enclave.

[http://www.theregister.co.uk/2016/02/01/sgx_secure_until_you...](http://www.theregister.co.uk/2016/02/01/sgx_secure_until_you_look_at_the_detail/)

~~~
carlitocoolxx
If I'm not mistaken: 1) SGX is already shipped in Intel skylake CPU's (i5's
and i7's). 2) Development access is publicly also available for anyone who
wants to use SGX. Sure, to run an enclave in production mode and to perform
remote attestation you need a license with Intel, however this is attainable..
3) If you don't trust Intel: (i) don't use teechan? It doesn't affect the
decentralization of Bitcoin. Bitcoin still has the same trust model, except
now, anyone people who DO TRUST Intel can send bitcoins to each other through
SGX as well. The rest of the network doesn't need to care; (ii) I guess you
trust AMD - unless you've built your own processor from scratch? It seems odd
to have a problem with trusting Intel. If you use Bitcoin at all you've
probably already trusted Intel (e.g. their RNG to generate your private keys,
their instructions to verify and sign you transactions etc.)

Overall, "I call bullshit" sounds like teechan isn't possible. It is.

~~~
jcoffland
I'm saying Teechan isn't secure in the way Bitcoin is. Your peers could be
cheating and you wouldn't know it.

~~~
cryptonerdza45
What do you mean? How do you know if your peers are cheating in the Bitcoin
network? When they've broadcast a transaction that spends your money? At this
point it's already too late.

In teechan the processor is responsible for holding your funds until you take
them out of the channel. If somehow an attacker could steal them (which is
very difficult to do considering the security model!), you would know that
they cheated when they spent your funds on the network. I don't see the
difference?

~~~
jcoffland
The teechan processor could steal your money because it's not secure.

------
mappum
Unfortunately, SGX is not open for public use yet. You currently need special
permission from Intel to access it.

~~~
cryptonerdza45
Yeah, a license agreement? For the individual user it might not ideal right
now, but for big Bitcoin players, that's easy to attain...

------
landsend03
Wow, there's been some interesting discussion on reddit about this too..
looking forward to seeing the implementation
[https://www.reddit.com/r/Bitcoin/comments/5jqxxc/scaling_bit...](https://www.reddit.com/r/Bitcoin/comments/5jqxxc/scaling_bitcoin_with_secure_hardware/)

------
welcome-34
Related blog post: [http://hackingdistributed.com/2016/12/22/scaling-bitcoin-
wit...](http://hackingdistributed.com/2016/12/22/scaling-bitcoin-with-secure-
hardware/)

