Abstract: Providing smart contracts including secrets encrypted with oracle-provided encryption keys is disclosed. In one example, a contract creator encrypts sensitive data necessary for executing a smart contract into ciphertext using a symmetric cryptographic key K, and also encrypts the symmetric cryptographic key K into a wrapper using a public cryptographic key e of a contract executor. The contract creator then generates an envelope using a public cryptographic key o of a contract oracle, where the envelope includes the wrapper encrypted using the public cryptographic key o and a policy that includes condition(s) precedent and is digitally authenticated. The smart contract, including the envelope and the ciphertext, is deployed to the contract executor. The sensitive data thus may be provided within the smart contract itself, while being protected from unauthorized access in the event the smart contract is malicious or is compromised.

Abstract: Trusted execution environment verification of a software package. An operating system (OS) initiates a software package verification process in a trusted execution environment, the OS being part of an OS environment comprising a file system. It is determined that a first software package in a software repository is to be installed into the OS environment. The first software package is downloaded to a storage device. The OS sends, to the software package verification process, first location information that identifies a location of the first software package. The OS receives, from the software package verification process, information that indicates that the first software package on the storage device is trusted.

Abstract: Message decryption dependent on third-party confirmation of a condition precedent is disclosed. A message is encrypted with a message encryption key to form an encrypted message. A message decryption key that is configured to decrypt the encrypted message is encrypted with a key of a first entity to which the message is to be disclosed upon occurrence of a condition precedent to form an encrypted message decryption key. The encrypted message decryption key is encrypted with a key of a second entity configured to confirm the occurrence of the condition precedent to form a double encrypted message decryption key. A condition identifier that identifies the condition precedent is generated. The encrypted message, the double encrypted message decryption key, and the condition identifier are sent to the first entity.

Abstract: Concealed monitor communications from a task in a trusted execution environment (TEE) are disclosed. A first task executing in a first trusted execution environment (TEE) implemented on a processor device determines that a monitor communication is to be sent to a monitor task, the first task being configured to generate response messages in response to requests from requestor tasks, the response messages having a predetermined characteristic. The first task generates the monitor communication, the monitor communication having the predetermined characteristic and an encoded monitor communication report. The first task sends the monitor communication toward the monitor task.

Abstract: Use of a trusted execution environment (TEE) as a safe build environment. A build task is initiated in a TEE of a compute instance. The build task generates a first software component.

Abstract: Encrypted multi-stage smart contracts are disclosed. A smart contract that is to be performed by a contract executor in a plurality of successive stages is generated. For each respective stage of at least some stages, a package of data is encrypted with at least one key to generate an encrypted package that corresponds to the respective stage, and an envelope that corresponds to the respective stage is generated. The envelope includes a condition precedent confirmable by an oracle, and an encrypted package-decryption key that is encrypted with a key of the contract executor. The encrypted package-decryption key, when decrypted, is configured to facilitate the decryption of the encrypted package that corresponds to the respective stage. For at least some of the stages, the encrypted package comprises an envelope and an encrypted package that corresponds to a next successive stage.

Abstract: Providing smart contracts including secrets encrypted with oracle-provided encryption keys using thresholding cryptosystems is disclosed. In one example, a contract creator encrypts sensitive data necessary for executing a smart contract into ciphertext with multiple symmetric cryptographic keys using a threshold cryptosystem, such that a subset of at least size R of the symmetric cryptographic keys are required to decrypt the ciphertext. The symmetric cryptographic keys are encrypted into wrappers using a public cryptographic key of a contract executor. Envelopes are generated using public cryptographic keys of corresponding contract oracles, where the envelopes include the wrappers encrypted using the public cryptographic keys, and policies that specify condition(s) precedent and are authenticated using the public cryptographic keys. The smart contract, including the envelopes, the ciphertext, and R, is then deployed to the contract executor.

Abstract: Concealed monitor communications from a task in a trusted execution environment (TEE) are disclosed. A first task executing in a first trusted execution environment (TEE) implemented on a processor device determines that a monitor communication is to be sent to a monitor task, the first task being configured to generate response messages in response to requests from requestor tasks, the response messages having a predetermined characteristic. The first task generates the monitor communication, the monitor communication having the predetermined characteristic and an encoded monitor communication report. The first task sends the monitor communication toward the monitor task.

Abstract: Monitoring a process in a trusted execution environment (TEE) to identify a resource starvation attack. A first monitor executing outside of a first TEE determines that a first process is executing in the first TEE. The first monitor makes a determination that the first process is being denied resources necessary for execution of the first process. The first monitor sends an indication indicating that the first process is being denied resources necessary for execution of the first process.

Abstract: Trusted execution environment verification of a software package. An operating system (OS) initiates a software package verification process in a trusted execution environment, the OS being part of an OS environment comprising a file system. It is determined that a first software package in a software repository is to be installed into the OS environment. The first software package is downloaded to a storage device. The OS sends, to the software package verification process, first location information that identifies a location of the first software package. The OS receives, from the software package verification process, information that indicates that the first software package on the storage device is trusted.

Abstract: Use of a trusted execution environment (TEE) as a safe build environment. A build task is initiated in a TEE of a compute instance. The build task generates a first software component.

Abstract: Message decryption dependent on third-party confirmation of a condition precedent is disclosed. A message is encrypted with a message encryption key to form an encrypted message. A message decryption key that is configured to decrypt the encrypted message is encrypted with a key of a first entity to which the message is to be disclosed upon occurrence of a condition precedent to form an encrypted message decryption key. The encrypted message decryption key is encrypted with a key of a second entity configured to confirm the occurrence of the condition precedent to form a double encrypted message decryption key. A condition identifier that identifies the condition precedent is generated. The encrypted message, the double encrypted message decryption key, and the condition identifier are sent to the first entity.

Abstract: Encrypted multi-stage smart contracts are disclosed. A smart contract that is to be performed by a contract executor in a plurality of successive stages is generated. For each respective stage of at least some stages, a package of data is encrypted with at least one key to generate an encrypted package that corresponds to the respective stage, and an envelope that corresponds to the respective stage is generated. The envelope includes a condition precedent confirmable by an oracle, and an encrypted package-decryption key that is encrypted with a key of the contract executor. The encrypted package-decryption key, when decrypted, is configured to facilitate the decryption of the encrypted package that corresponds to the respective stage. For at least some of the stages, the encrypted package comprises an envelope and an encrypted package that corresponds to a next successive stage.

Abstract: Providing smart contracts including secrets encrypted with oracle-provided encryption keys using thresholding cryptosystems is disclosed. In one example, a contract creator encrypts sensitive data necessary for executing a smart contract into ciphertext with multiple symmetric cryptographic keys using a threshold cryptosystem, such that a subset of at least size R of the symmetric cryptographic keys are required to decrypt the ciphertext. The symmetric cryptographic keys are encrypted into wrappers using a public cryptographic key of a contract executor. Envelopes are generated using public cryptographic keys of corresponding contract oracles, where the envelopes include the wrappers encrypted using the public cryptographic keys, and policies that specify condition(s) precedent and are authenticated using the public cryptographic keys. The smart contract, including the envelopes, the ciphertext, and R, is then deployed to the contract executor.

Abstract: Providing smart contracts including secrets encrypted with oracle-provided encryption keys is disclosed. In one example, a contract creator encrypts sensitive data necessary for executing a smart contract into ciphertext using a symmetric cryptographic key K, and also encrypts the symmetric cryptographic key K into a wrapper using a public cryptographic key e of a contract executor. The contract creator then generates an envelope using a public cryptographic key o of a contract oracle, where the envelope includes the wrapper encrypted using the public cryptographic key o and a policy that includes condition(s) precedent and is digitally authenticated. The smart contract, including the envelope and the ciphertext, is deployed to the contract executor. The sensitive data thus may be provided within the smart contract itself, while being protected from unauthorized access in the event the smart contract is malicious or is compromised.

Abstract: Concealed monitor communications from a task in a trusted execution environment (TEE) are disclosed. A first task executing in a first trusted execution environment (TEE) implemented on a processor device determines that a monitor communication is to be sent to a monitor task, the first task being configured to generate response messages in response to requests from requestor tasks, the response messages having a predetermined characteristic. The first task generates the monitor communication, the monitor communication having the predetermined characteristic and an encoded monitor communication report. The first task sends the monitor communication toward the monitor task.

Abstract: Monitoring a process in a trusted execution environment (TEE) to identify a resource starvation attack. A first monitor executing outside of a first TEE determines that a first process is executing in the first TEE. The first monitor makes a determination that the first process is being denied resources necessary for execution of the first process. The first monitor sends an indication indicating that the first process is being denied resources necessary for execution of the first process.