Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method executed by a first thread in multiple threads on a TEE side includes: obtaining first data; obtaining a TEE side thread lock; obtaining a write offset address and a read offset address respectively by reading a first address and a second address; determining whether a quantity of bytes of the first data to be transmitted is less than or equal to a quantity of writable bytes; if the quantity of bytes of the first data is less than or equal to the quantity of writable bytes, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; and releasing the TEE side thread lock.

Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method can be executed by a thread on a TEE side of the TEE system. The method includes obtaining first data; calling a predetermined function using the first data as an input parameter to switch to a non-TEE side; obtaining a write offset address by reading a first address; obtaining a read offset address by reading a second address; determining whether a quantity of bytes of the first data is less than or equal to a quantity of writable bytes; if so, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; and returning to the TEE side.

Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method executed by a first thread in multiple threads on a TEE side includes: obtaining first data; obtaining a TEE side thread lock; obtaining a write offset address and a read offset address respectively by reading a first address and a second address; determining whether a quantity of bytes of the first data to be transmitted is less than or equal to a quantity of writable bytes; if the quantity of bytes of the first data is less than or equal to the quantity of writable bytes, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; and releasing the TEE side thread lock.

Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method is executed by a first thread in multiple threads on a TEE side. The method includes obtaining first data; obtaining a TEE side thread lock; calling a predetermined function by using the first data as an input parameter to switch to a non-TEE side; obtaining a write offset address and a read offset address respectively by reading a first address and a second address; determining whether a quantity of bytes of the first data is less than or equal to a quantity of writable bytes; if so, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; returning to the TEE side; and releasing the TEE side thread lock.

Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method executed by a first thread in multiple threads on a TEE side includes: obtaining first data; obtaining a TEE side thread lock; obtaining a write offset address and a read offset address respectively by reading a first address and a second address; determining whether a quantity of bytes of the first data to be transmitted is less than or equal to a quantity of writable bytes; if the quantity of bytes of the first data is less than or equal to the quantity of writable bytes, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; and releasing the TEE side thread lock.

Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method executed by a first thread in multiple threads on a TEE side includes: obtaining first data; obtaining a TEE side thread lock; obtaining a write offset address and a read offset address respectively by reading a first address and a second address; determining whether a quantity of bytes of the first data to be transmitted is less than or equal to a quantity of writable bytes; if the quantity of bytes of the first data is less than or equal to the quantity of writable bytes, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; and releasing the TEE side thread lock.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for processing blockchain data under a trusted execution environment (TEE). One of the methods includes receiving, by a blockchain node, a request to execute one or more software instructions in a TEE executing on the blockchain node; determining, by a virtual machine in the TEE, data associated with one or more blockchain accounts to execute the one or more software instructions based on the request; traversing, by the virtual machine, a global state of a blockchain stored in the TEE to locate the data; and executing, by the virtual machine, the one or more software instructions based on the data.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for processing blockchain data under a trusted execution environment (TEE). One of the methods includes receiving, by a blockchain node, a request to execute one or more software instructions in a TEE executing on the blockchain node; determining, by a virtual machine in the TEE, data associated with one or more blockchain accounts to execute the one or more software instructions based on the request; traversing, by the virtual machine, an internal cache hash table stored in the TEE to determine whether the data are included in the internal cache hash table; and in response to determining that the data is included in the internal cache hash table, executing, by the virtual machine, the one or more software instructions by retrieving the data from the internal cache hash table.

Abstract: Disclosed herein are methods, systems, and apparatus for securely executing smart contract operations in a trusted execution environment (TEE). One of the methods includes receiving, by a blockchain node participating in a blockchain network, a request to execute one or more software instructions in a service TEE hosted by the blockchain node, wherein the request is encrypted by a public key associated with the service TEE; decrypting the request with a first private key associated with the service TEE, wherein the first private key is paired with the public key; in response to decrypting the request, executing the one or more software instructions to produce an execution result; encrypting the execution result with a client encryption key associated with the service TEE to produce an encrypted result; and signing the encrypted result using a second private key associated with the TEE to produce a signed encrypted result.

Abstract: Disclosed herein are methods, systems, and apparatus for securely executing smart contract operations in a trusted execution environment (TEE). One of the methods includes receiving, by a blockchain node participating in a blockchain network, a request to execute one or more software instructions in a service TEE hosted by the blockchain node, wherein the request is encrypted by a public key associated with the service TEE; decrypting the request with a first private key associated with the service TEE, wherein the first private key is paired with the public key; in response to decrypting the request, executing the one or more software instructions to produce an execution result; encrypting the execution result with a client encryption key associated with the service TEE to produce an encrypted result; and signing the encrypted result using a second private key associated with the TEE to produce a signed encrypted result.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for processing blockchain data under a trusted execution environment (TEE). One of the methods includes receiving, by a blockchain node, a request to execute one or more software instructions in a TEE executing on the blockchain node; determining, by a virtual machine in the TEE, data associated with one or more blockchain accounts to execute the one or more software instructions based on the request; traversing, by the virtual machine, a global state of a blockchain stored in the TEE to locate the data; and executing, by the virtual machine, the one or more software instructions based on the data.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for processing blockchain data under a trusted execution environment (TEE). One of the methods includes receiving, by a blockchain node, a request to execute one or more software instructions in a TEE executing on the blockchain node; determining, by a virtual machine in the TEE, data associated with one or more blockchain accounts to execute the one or more software instructions based on the request; traversing, by the virtual machine, an internal cache hash table stored in the TEE to determine whether the data are included in the internal cache hash table; and in response to determining that the data is included in the internal cache hash table, executing, by the virtual machine, the one or more software instructions by retrieving the data from the internal cache hash table.

Abstract: A state transition operation performed on a target database is determined. Based on the state transition operation and a state value of the target database that exists before the state transition operation is performed, a state value of the target database that exists after the state transition operation is performed is determined, where the state value is used to represent a state of the target database.

Abstract: Disclosed herein are methods, systems, and apparatus, for securely executing smart contract operations in a trusted execution environment (TEE). One of the methods includes establishing, by a key management (KM) TEE of a KM node, a trust relationship with a plurality of KM TEEs in a plurality of KM nodes based on performing mutual attestations with the plurality of KM TEEs; initiating a consensus process with the plurality of KM TEEs for reaching consensus on providing one or more encryption keys to a service TEE of the KM node; in response to reaching the consensus with the plurality of KM TEEs, initiating a local attestation process with a service TEE in the KM node; determining that the local attestation process is successful; and in response to determining that the local attestation process is successful, providing one or more encryption keys to the TEE executing on the computing device.

Abstract: Disclosed herein are methods, systems, and apparatus, for securely executing smart contract operations in a trusted execution environment (TEE). One of the methods includes establishing, by a key management (KM) TEE of a KM node, a trust relationship with a plurality of KM TEEs in a plurality of KM nodes based on performing mutual attestations with the plurality of KM TEEs; initiating a consensus process with the plurality of KM TEEs for reaching consensus on providing one or more encryption keys to a service TEE of the KM node; in response to reaching the consensus with the plurality of KM TEEs, initiating a local attestation process with a service TEE in the KM node; determining that the local attestation process is successful; and in response to determining that the local attestation process is successful, providing one or more encryption keys to the TEE executing on the computing device.

Abstract: A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for data transmission in a trusted execution environment (TEE) system. The method can be executed by a thread on a TEE side of the TEE system. The method includes obtaining first data; calling a predetermined function using the first data as an input parameter to switch to a non-TEE side; obtaining a write offset address by reading a first address; obtaining a read offset address by reading a second address; determining whether a quantity of bytes of the first data is less than or equal to a quantity of writable bytes; if so, writing the first data into third addresses starting from the write offset address; updating the write offset address in the first address; and returning to the TEE side.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for processing blockchain data under a trusted execution environment (TEE). One of the methods includes receiving, by a blockchain node, a request to execute one or more software instructions in a TEE executing on the blockchain node; determining, by a virtual machine in the TEE, data associated with one or more blockchain accounts to execute the one or more software instructions based on the request; traversing, by the virtual machine, an internal cache hash table stored in the TEE to determine whether the data are included in the internal cache hash table; and in response to determining that the data is included in the internal cache hash table, executing, by the virtual machine, the one or more software instructions by retrieving the data from the internal cache hash table.

Abstract: Examples of a data transmission method and apparatus in TEE systems are described. One example of the method includes: obtaining first data; obtaining a write offset address by reading a first address; obtaining a read offset address by reading a second address; determining whether the number of bytes in the first data is less than or equal to the number of writable bytes, where the number of writable bytes is determined based on the write offset address and the read offset address, and each address corresponds to one byte; when the number of bytes in the first data is less than or equal to the number of writable bytes, writing the first data into third addresses starting from the write offset address; and updating the write offset address in the first address.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for configuring a field programmable gate array (FPGA) based trusted execution environment (TEE) for use in a blockchain network. One of the methods includes storing a device identifier (ID), a first random number, and a first encryption key in a field programmable gate array (FPGA) device; sending an encrypted bitstream to the FPGA device, wherein the encrypted bitstream can be decrypted by the first key into a decrypted bitstream comprising a second random number; receiving an encrypted message from the FPGA device; decrypting the encrypted message from the FPGA device using a third key to produce a decrypted message; in response to decrypting the encrypted message: determining a third random number in the decrypted message; encrypting keys using the third random number; and sending the keys to the FPGA device.

Abstract: A parallel computing system is provided, including input ports, a first switching network, a computing array, a second switching network and output ports. The first switching network is receiving input data from the input ports, sequencing the input data according to different computing modes of the computing array and outputting sequenced input data; the computing array is performing parallel computation on the sequenced input data and outputting intermediate data; and the second switching network is sequencing the intermediate data according to different output modes and outputting sequenced intermediate data through the output ports. The present disclosure applies the switching networks to the parallel computing system and performs any required sequencing on the input or output data according to the different computing modes and output modes to complete various arithmetic operations through the computing array after the input data are input into the computing array.