Trustee: Full Privacy Preserving Vickrey Auction on Top of Ethereum

  • Hisham S. Galal
  • Amr M. YoussefEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11599)


The wide deployment of tokens for digital assets on top of Ethereum implies the need for powerful trading platforms. Vickrey auctions have been known to determine the real market price of items as bidders are motivated to submit their own monetary valuations without leaking their information to the competitors. Recent constructions have utilized various cryptographic protocols such as ZKP and MPC, however, these approaches either are partially privacy-preserving or require complex computations with several rounds. In this paper, we overcome these limits by presenting Trustee as a Vickrey auction on Ethereum which fully preserves bids’ privacy at relatively much lower fees. Trustee consists of three components: a front-end smart contract deployed on Ethereum, an Intel SGX enclave, and a relay to redirect messages between them. Initially, the enclave generates an Ethereum account and ECDH key-pair. Subsequently, the relay publishes the account’s address and ECDH public key on the smart contract. As a prerequisite, bidders are encouraged to verify the authenticity and security of Trustee by using the SGX remote attestation service. To participate in the auction, bidders utilize the ECDH public key to encrypt their bids and submit them to the smart contract. Once the bidding interval is closed, the relay retrieves the encrypted bids and feeds them to the enclave that autonomously generates a signed transaction indicating the auction winner. Finally, the relay submits the transaction to the smart contract which verifies the transaction’s authenticity and the parameters’ consistency before accepting the claimed auction winner. As part of our contributions, we have made a prototype for Trustee available on Github for the community to review and inspect it. Additionally, we analyze the security features of Trustee and report on the transactions’ gas cost incurred on Trustee smart contract.


Sealed-bid auction Trusted Execution Environment Intel SGX Ethereum Blockchain 


  1. 1.
    Digital assets in Ethereum blockchain.
  2. 2.
    Top 100 cryptocurrencies by market capitalization (2018).
  3. 3.
    Al-Bassam, M., Sonnino, A., Król, M., Psaras, I.: Airtnt: fair exchange payment for outsourced secure enclave computations. arXiv preprint arXiv:1805.06411 (2018)
  4. 4.
    Anati, I., Gueron, S., Johnson, S., Scarlata, V.: Innovative technology for CPU based attestation and sealing. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, vol. 13. ACM New York (2013)Google Scholar
  5. 5.
    Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M.: Succinct non-interactive zero knowledge for a von Neumann architecture. In: USENIX Security Symposium, pp. 781–796 (2014)Google Scholar
  6. 6.
    Benet, J.: IPFS-content addressed, versioned, P2P file system. arXiv preprint arXiv:1407.3561 (2014)
  7. 7.
    Bentov, I., et al.: Tesseract: real-time cryptocurrency exchange using trusted hardware. IACR Cryptology ePrint Archive, 2017:1153 (2017)Google Scholar
  8. 8.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 313–314. Springer, Heidelberg (2013). Scholar
  9. 9.
    Blass, E.-O., Kerschbaum, F.: Strain: a secure auction for blockchains. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11098, pp. 87–110. Springer, Cham (2018). Scholar
  10. 10.
    Bos, J.W., Halderman, J.A., Heninger, N., Moore, J., Naehrig, M., Wustrow, E.: Elliptic curve cryptography in practice. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 157–175. Springer, Heidelberg (2014). Scholar
  11. 11.
    Brandenburger, M., Cachin, C., Kapitza, R., Sorniotti, A.: Blockchain and trusted computing: problems, pitfalls, and a solution for Hyperledger fabric. arXiv preprint arXiv:1805.08541 (2018)
  12. 12.
    Brown, D.R.L.: Standards for efficient cryptography sec 2: recommended elliptic curve domain parameters (2010).
  13. 13.
    Chen, G., Chen, S., Xiao, Y., Zhang, Y., Lin, Z., Lai, T.H.: SGXPECTREattacks: leaking enclave secrets via speculative execution. arXiv preprint arXiv:1802.09085 (2018)
  14. 14.
    Cheng, R., et al.: Ekiden: a platform for confidentiality-preserving, trustworthy, and performant smart contract execution. arXiv preprint arXiv:1804.05141 (2018)
  15. 15.
    Galal, H.S., Youssef, A.M.: Succinctly verifiable sealed-bid auction smart contract. In: Garcia-Alfaro, J., Herrera-Joancomartí, J., Livraga, G., Rios, R. (eds.) DPM/CBT -2018. LNCS, vol. 11025, pp. 3–19. Springer, Cham (2018). Scholar
  16. 16.
    Galal, H.S., Youssef, A.M.: Verifiable sealed-bid auction on the ethereum blockchain. In: Zohar, A., et al. (eds.) FC 2018. LNCS, vol. 10958, pp. 265–278. Springer, Heidelberg (2019). Scholar
  17. 17.
    Martínez, V.G., Encinas, L.H., Ávila, C.S.: A survey of the elliptic curve integrated encryption scheme. J. Comput. Sci. Eng. 2, 7–13 (2010)Google Scholar
  18. 18.
    Gruss, D., Lettner, J., Schuster, F., Ohrimenko, O., Haller, I., Costa, M.: Strong and efficient cache side-channel protection using hardware transactional memory. In: USENIX Security Symposium, pp. 217–233 (2017)Google Scholar
  19. 19.
    Lee, S., Shih, M.-W., Gera, P., Kim, T., Kim, H., Peinado, M.: Inferring fine-grained control flow inside SGX enclaves with branch shadowing. In: 26th USENIX Security Symposium, USENIX Security, pp. 16–18 (2017)Google Scholar
  20. 20.
    Lind, J., Eyal, I., Pietzuch, P., Sirer, E.G.: Teechan: payment channels using trusted execution environments. arXiv preprint arXiv:1612.07766 (2016)
  21. 21.
    Matetic, S., et al.: ROTE: rollback protection for trusted execution. IACR Cryptology ePrint Archive, 2017:48 (2017)Google Scholar
  22. 22.
    Milutinovic, M., He, W., Wu, H., Kanwal, M.: Proof of luck: an efficient blockchain consensus protocol. In: Proceedings of the 1st Workshop on System Software for Trusted Execution, p. 2. ACM (2016)Google Scholar
  23. 23.
    Schwarz, M., Weiser, S., Gruss, D., Maurice, C., Mangard, S.: Malware guard extension: using SGX to conceal cache attacks. In: Polychronakis, M., Meier, M. (eds.) DIMVA 2017. LNCS, vol. 10327, pp. 3–24. Springer, Cham (2017). Scholar
  24. 24.
    Seo, J.: SGX-shield: enabling address space layout randomization for SGX programs. In: NDSS (2017)Google Scholar
  25. 25.
    Shih, M.-W., Lee, S., Kim, T., Peinado, M.: T-SGX: eradicating controlled-channel attacks against enclave programs. In: Proceedings of the Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (2017)Google Scholar
  26. 26.
    Shinde, S., Chua, Z.L., Narayanan, V., Saxena, P.: Preventing page faults from telling your secrets. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 317–328. ACM (2016)Google Scholar
  27. 27.
    Tran, M., Luu, L., Kang, M.S., Bentov, I., Saxena, P.: Obscuro: a bitcoin mixer using trusted execution environments. IACR Cryptology ePrint Archive, 2017:974 (2017)Google Scholar
  28. 28.
    Bulck, J.V., et al.: Foreshadow: extracting the keys to the Intel SGX kingdom with transient out-of-order execution. In: Proceedings of the 27th USENIX Security Symposium. USENIX Association, August 2018Google Scholar
  29. 29.
    Weisse, O., et al.: Breaking the virtual memory abstraction with transient out-of-order execution. Technical report, Foreshadow-NG (2018)Google Scholar
  30. 30.
    Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Proj. Yellow Pap. 151, 1–32 (2014)Google Scholar
  31. 31.
    Xu, Y., Cui, W., Peinado, M.: Controlled-channel attacks: deterministic side channels for untrusted operating systems. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 640–656. IEEE (2015)Google Scholar
  32. 32.
    Zhang, F.: mbedtls-sgx: a TLS stack in SGX (2016).
  33. 33.
    Zhang, F., Cecchetti, E., Croman, K., Juels, A., Shi, E.: Town crier: an authenticated data feed for smart contracts. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 270–282. ACM (2016)Google Scholar

Copyright information

© International Financial Cryptography Association 2020

Authors and Affiliations

  1. 1.Concordia Institute for Information Systems EngineeringConcordia UniversityMontréalCanada

Personalised recommendations