Rei Researcher

A live, high-stakes test proving Sapphire’s defense-in-depth architecture in the real world

🚀 A Challenge Like No Other: “If You Hack It, You Keep It.”
In the world of Web3, most security programs follow a predictable pattern — report a bug, wait for triage, then maybe earn a reward.

#OasisNetwork decided to do things differently.
They launched a radical, open security challenge that flips the traditional bug bounty model upside down:

1 Bitcoin (wBTC) is locked inside a Sapphire smart contract. Whoever can hack it, keeps it.
No forms to fill out. No approval process. No private disclosures.

Just one rule: you only win if you break the Trusted Execution Environment (TEE) and extract the private key inside.
This is not a simulation or controlled experiment. It’s a live test on Sapphire Mainnet, with real money on the line, running under the same protections used by Oasis’s production network.
The challenge will remain open until December 31, 2025 — giving the global security community a full year to try their luck, test their tools, and push the boundaries of confidential computing.

🧠 Why This Matters: From Words to Proof
TEE-based systems are designed to execute sensitive code and manage private data in isolated hardware environments. They promise confidentiality even when the host system is compromised.

But as recent research has shown, that promise isn’t always unbreakable.
In 2025, two high-profile vulnerabilities — Battering RAM and Wiretap — exposed weaknesses in the deterministic memory encryption of Intel SGX and AMD SEV-SNP.

Those attacks allowed researchers to extract attestation keys and decrypt private data on multiple blockchain networks built around TEEs.
Projects like Phala, Secret, Crust, and IntegriTEE had to deploy emergency patches and temporarily suspend services.

But Oasis remained completely unaffected, thanks to years of proactive engineering and a strong defense-in-depth philosophy.
That’s why Oasis launched this challenge — not to boast, but to demonstrate confidence through evidence.
“We don’t just claim security. We prove it, in public, under real-world conditions.”

🔒 Built for Adversity: Why Sapphire Is Different
Sapphire, the confidential EVM built on Oasis, runs on Intel SGX v1, which uses a different memory encryption model from the affected SGX/SEV-SNP generations.

This makes Sapphire inherently resilient to the deterministic encryption attacks that compromised other networks.
But the real strength lies in Oasis’s layered security architecture — multiple barriers that work together to contain risk even if one layer is compromised.

These include:
On-chain governance and validator staking: Only approved validators with at least 5 million staked $ROSE can operate Sapphire’s key infrastructure.Ephemeral encryption keys that rotate every epoch, preventing any compromise from affecting past transactions.Dynamic CPU blacklisting that can instantly exclude vulnerable hardware from participating in the network.Strict node membership requirements and hardware attestation for all key manager nodes.

This holistic “defense-in-depth” model means that Sapphire isn’t just secure because of the TEE — it’s secure because every layer, from protocol to hardware, reinforces the next.
🧩 Inside the Challenge: The Unbreakable Smart Contract
The challenge centers on a Sapphire smart contract deployed at:

0xc1303edbFf5C7B9d2cb61e00Ff3a8899fAA762B8
Within the enclave, the contract generates a cryptographic keypair using Sapphire’s secure random number generation.

The private key is created and stored entirely within the TEE — it never touches disk or memory outside the enclave.
The public key is used to derive an Ethereum address that holds 1 wrapped Bitcoin (wBTC): 0xCEAf9abFdCabb04410E33B63B942b188B16dd497
From there, the contract functions as a custodial wallet, capable of signing transactions only when the authorized owner initiates a verified withdrawal.
To eliminate common attack vectors, Oasis implemented the following constraints:
No off-chain key generation — everything happens inside the enclave.
Hardcoded withdrawal addresses — even if an attacker compromised the owner’s account, they could only send funds back to Oasis’s multi-sig vault.
SIWE (Sign-In with Ethereum) for identity verification and transaction authorization.

There is no backdoor, no debug function, and no administrative override.
In short:
The only way to move the funds is to extract the private key from inside the TEE — something that would prove a full hardware compromise.
🔧 Real Security, Not a Simulation
Many blockchain security tests are run in isolated conditions, using modified hardware or experimental builds.

The Oasis Security Challenge takes the opposite approach: it operates under exactly the same parameters as the live Sapphire network.
That means all of Sapphire’s standard protections are active:
🔄 Ephemeral key rotation every epoch
🧱 Restricted compute committee membership limited to trusted validators
🔐 Enhanced key manager safeguards
⚙️ Dynamic CPU blacklist enforcement to remove compromised processors
This ensures the test reflects real operational security — not a lab demo or proof-of-concept.
🌍 A Community-Wide Experiment
Since its launch, the challenge has already gained over 250,000 views and drawn attention from Ethereum security researchers, hardware hacking groups, and academic institutions studying confidential computing.
The contract code is fully verified and publicly visible on the Oasis Explorer, ensuring total transparency.
Participants are encouraged to discuss techniques, share insights, and collaborate within the community — especially in the official Oasis Discord.
The message is simple:
“If you think Sapphire’s TEE security can be broken, here’s your chance to prove it.”
And if no one succeeds by the end of 2025, it will be a powerful validation of the robustness of Sapphire’s architecture — real proof that confidential computing can work safely on a global blockchain.
🕒 Challenge Parameters
Duration: Now through December 31, 2025

Reward: 1 wBTC (one full Bitcoin)

Network: Sapphire Mainnet (Oasis Network)
🧭 Beyond the Bounty: A Philosophy of Proactive Security
This experiment reflects a broader truth about Oasis’s design philosophy.

Security isn’t something that happens after a problem — it’s something you design for from the start.
Oasis engineers anticipated hardware-level threats years before they became mainstream.
That foresight led to architectural decisions — like key separation, ephemeral encryption, and governance-enforced trust — that now protect Sapphire users today.
The security challenge embodies this philosophy: open, transparent, and fearless.
Instead of hiding behind marketing claims, Oasis invites the world to test its assumptions.
In an industry built on trust, Oasis proves that trust is earned through verification — not just belief.
🔒 Conclusion: Actions Speak Louder Than Words
The Oasis Security Challenge is more than a bounty — it’s a real-world experiment in trustless security.
It’s an open invitation to every researcher, hacker, and engineer to test the boundaries of TEE-based confidentiality.
If someone manages to steal the Bitcoin, it will mark a significant moment in security research.

If not, it will serve as undeniable proof that Oasis’s defense-in-depth architecture stands strong — even under the harshest scrutiny.
Either way, the blockchain community wins — with clearer insights, stronger technology, and a deeper understanding of what true security looks like.
So the challenge stands:
Can you break Sapphire’s TEE?

If you can, the Bitcoin is yours.

If you can’t, you’ll have witnessed one of the most resilient confidential computing platforms in action.
🧭 Learn more: Sapphire – Confidential EVM by Oasis Network

As the digital world continues to evolve, Web3 emerges as a transformative vision for a decentralized, transparent, and user-empowering internet. This new paradigm promises to shift control from centralized corporations to individual users. However, to fully realize this vision, the Web3 ecosystem must overcome a fundamental challenge: ensuring robust safety and security for decentralized applications (dApps). Oasis Network, a leading privacy-focused blockchain project, has brought forth a powerful and promising answer to this challenge with an integrated solution called ROFL.
This article delves into the content presented in the video, exploring the inherent limitations of current security technologies and detailing how Oasis Network is meticulously engineering a more secure and reliable foundation for the future of Web3.

The Challenge of Trusted Execution Environments (TEEs) 🛡️

A Trusted Execution Environment (TEE) is a critical hardware-based technology that creates a secure, isolated area inside a computer's main processor. This enclave is designed to execute code and handle sensitive data with strong integrity and confidentiality guarantees. TEEs provide core features such as:
Isolated Execution: Code and data are cryptographically protected from the host operating system, hypervisor, and other applications on the system.CPU-Internal Encryption Keys: Data is encrypted and signed with unique keys that are generated within the CPU and are inaccessible to any external software.Remote Attestation: This mechanism allows a remote party to verify that a specific application is running within a genuine and up-to-date TEE, providing a cryptographic proof of its secure status.
However, as Yikos from Oasis Network emphasized, deploying TEEs alone is insufficient for building truly secure decentralized systems. They solve one part of the puzzle but leave critical gaps. We still face difficult questions like, "How can we cryptographically verify what constitutes the correct code?" or "Which specific TEE, among many, can be trusted for a given task?". Without a framework for verification, a malicious actor could potentially run harmful code inside a TEE that is itself secure. Furthermore, TEEs have an inherent weakness tied to their physical hardware: if the CPU is physically damaged or destroyed, all its unique internal keys are lost forever, leading to the permanent loss of any data encrypted with them. This is a critical point of failure for any dApp requiring high availability and data persistence.

Oasis's Vision: A Comprehensive Framework for TEEs 💡

To overcome these significant limitations, Oasis Network proposes a comprehensive, multi-layered framework that adds crucial layers of security, resilience, and governance around the core TEE technology.
1. Decentralized Key Management System (KMS)
To solve the critical problem of data loss and to manage secrets effectively, a Key Management System (KMS) is essential. Oasis envisions a decentralized KMS that runs on a network of replicated and geographically distributed TEEs. Distributing the KMS in this manner builds resilience against regional outages, targeted attacks, or single-provider failures, ensuring that cryptographic keys can be securely recovered and managed. 🔑
2. On-Chain Policies and Governance
Defining what constitutes "correct code" should not be an arbitrary decision. It must be governed by clear, transparent, and enforceable policies. By storing these policies on-chain, they become immutable and publicly auditable. This allows the community to participate in governance, defining crucial rules such as which TEE security versions are acceptable, where the application's source code must originate from, and on which specific providers or servers the application is permitted to run.
3. Reproducible Builds
To guarantee that the application running inside a TEE is the exact version that was audited by security experts, the ecosystem needs reproducible builds. This means that anyone can take the publicly available source code and, through a deterministic build process, produce a binary that is bit-for-bit identical to the official one. This provides an independent and trustless way to verify the integrity of the software. 🔍
4. Container Support and Execution Transparency
To enhance developer experience and accelerate adoption, the framework must support popular development tools like containers (e.g., Docker) while still ensuring a minimal Trusted Computing Base (TCB). Furthermore, maintaining an immutable, on-chain log of all application execution histories is vital. This transparent record serves as an audit trail, ensuring compliance with all established policies and governance decisions.
5. Decentralized TEE Providers
In alignment with the core philosophy of Web3, the framework must be supported by a decentralized ecosystem of TEE providers. This prevents vendor lock-in and the centralization risks associated with relying on a single entity. It also fosters a competitive marketplace, driving innovation, better service, and more accessible pricing for developers. 🌐

Introducing ROFL: The All-in-One Solution 🌟
Based on this holistic vision, Oasis Network developed ROFL (Remote Off-chain Function)—a framework that provides all these necessary components as a default, integrated package. The name itself hints at its purpose: securely executing functions off-chain with on-chain verification. ROFL comes with built-in:
A Decentralized Key Management System.Application Policy Management.Execution Transparency.Reproducible Builds.A Decentralized Marketplace for TEE providers.
Benefits of ROFL:
For Developers: ROFL dramatically simplifies the entire lifecycle of a TEE application, abstracting away much of the underlying complexity. It streamlines creation, management, building, verification, and the handling of secrets.For Providers: ROFL offers a ready-made marketplace for providers of TDX (Intel Trust Domain Extensions) resources, giving them access to a growing ecosystem and the tools needed to deploy TEE applications easily.
To further support users, Oasis also provides ROFL.app, an intuitive web frontend for managing ROFL applications, helping with monitoring, deployment, and other advanced tasks.

Practical Applications and Future Potential 💼

What can be built with ROFL? The potential is vast and transformative:
Trustless DeFi Agents: Build automated trading bots or yield-farming agents that can execute complex strategies with private logic, all without users having to surrender custody of their funds to a centralized service.Confidential Oracles: Create next-generation oracles that can securely fetch and process sensitive data from private APIs or proprietary databases, bringing valuable real-world data on-chain with verifiable integrity.Private AI Inference: With GPU support from TDX instances, ROFL enables AI models to perform inference on sensitive datasets (e.g., medical records, financial data) while guaranteeing data privacy. This unlocks new possibilities in research and industry where privacy has been a major barrier.

Conclusion

The Web3 world is at a crucial juncture where its future growth hinges on solving the challenges of security and trust. Through ROFL, Oasis Network does more than just patch the weaknesses of TEEs; it delivers a powerful, cohesive, and accessible toolkit for building a new class of dApps. By seamlessly integrating cutting-edge hardware security with decentralized governance, secure key management, and on-chain transparency, ROFL is laying the essential foundation for applications that are not only feature-rich but fundamentally secure. This represents a significant leap forward, positioning Oasis as a key infrastructure provider and promising a future where users can confidently and securely engage with the decentralized digital world. 🌍✨
#OasisNetwork $ROSE

In the world of blockchain, there is a golden rule, an almost absolute truth: "Not your keys, not your coins." This rule emphasizes a binary principle that has existed since the dawn of crypto: either you possess the private key and have full control of your assets, or you share it and risk losing everything. 😬
This "all or nothing" principle is both a protective fortress and a barrier holding back the evolution of Web3. It makes renting, lending, or sharing access to digital assets extremely risky. How can you lend someone an expensive NFT so they can experience the benefits of an exclusive club without worrying they'll just run off with it? How can Decentralized Autonomous Organizations (DAOs) delegate voting power securely?
For years, this has been a difficult puzzle. But now, a groundbreaking solution is emerging, promising to completely shatter this old model. Its name is Liquefaction.
This technology isn't just theory. Recently, at the EthDam event, a demo called "Take My Ape" allowed users to "rent" a Bored Ape Yacht Club (BAYC) NFT—one of the world's most valuable collections—along with its full associated benefits, while smart contracts ensured it could never be stolen.
In this article, we will go down the rabbit hole 🐇, exploring what Liquefaction is, the magical mechanism behind it, and why it's not just a fun application but an infrastructural leap for the entire blockchain ecosystem.

What is Liquefaction? More Than Just a Smart Wallet 🧠

To understand the uniqueness of Liquefaction, we need to know that it isn't merely a new wallet app. It's a wallet system built on the Sapphire platform, using specialized hardware technology called Trusted Execution Environments (TEEs).
The origin of Liquefaction is quite interesting, stemming from a blog post that explored the idea of using private keys to sell DAO votes. Researchers at IC3 and Cornell University took this concept and expanded it into a complete system. 🎓
At its core, Liquefaction does something magical: It adds programmable logic directly on top of a regular blockchain address.
Imagine being able to install rules for your wallet address, making it behave as intelligently as a smart contract. Through a process called "encumbering keys," Liquefaction allows multiple users to safely share a single blockchain address. This opens up countless possibilities:
Sharing Assets: Co-owning and using a digital asset together.Renting: Providing temporary access to an asset in exchange for a fee.Pooling: Multiple users pool assets into a common wallet to participate in DeFi activities with greater efficiency.
The first proof-of-concept (PoC) for Liquefaction involved sharing access to a Bored Ape NFT, but that's just the tip of the iceberg.

Inside the Digital Vault: How Does Liquefaction Work? ⚙️
The magic of Liquefaction lies in how it combines secure hardware with blockchain logic. The mechanism relies on two critical properties of the Sapphire platform: privacy and liveness.
Let's break down the process:
1. The Private Key is "Jailed" in a TEE 🔒
The first and most crucial step is that the private key is placed directly inside a TEE. A TEE is an isolated and secure area on a computer's processor. Anything that happens inside the TEE is kept completely confidential, even from the owner of the computer. Once a private key enters a TEE, it never leaves this secure environment. It's like putting gold in a vault that you can't open yourself; you can only request it to perform transactions according to the rules.
2. Transaction Requests and Policy Evaluation 📜
When a user (e.g., the NFT renter) wants to perform an action, they send a signing request to the Liquefaction wallet. This request isn't executed immediately. Instead, it goes through a multi-layered and completely confidential policy evaluation process inside the TEE.
These policies are essentially smart contracts. They can be programmed with complex stateful logic, such as:
Tracking rental periods and automatically revoking access when the time is up.Enforcing spending limits for a shared wallet.Allowing only certain types of operations while blocking others (e.g., allowing message signing but blocking transfer transactions).
3. Conditional Signing ✅
The TEE will sign the transaction if and only if the request satisfies all the conditions defined in the policy. The Sapphire platform verifies that these policies have not been tampered with. This creates a verification chain where each transaction must pass multiple checkpoints before being authorized.
The result is a cryptographic guarantee that no one—not the user, the developer, or the server operator—can extract the private key or manipulate the established policies.
4. Why is a Blockchain-Based TEE Necessary?
You might ask: why not just do this off-chain? There are two critically important reasons:
Liveness Guarantee: If you only used an off-chain computer, someone could simply "unplug it" and disappear with the assets. By relying on a blockchain, the system ensures it will always be operational and the rules will always be enforced. 🔌❌Attestation Capability: Anyone can cryptographically check and verify what is happening inside the TEE and ensure the system is operating continuously and transparently.

A Tangible Proof: "Take My Ape" - When You Can Rent a Bored Ape 🐒

That's the theory, but the true value of Liquefaction is demonstrated through the "Take My Ape" demo. It turns an abstract concept into a tangible experience.
Through a simple auction, users can bid ROSE tokens to win ownership of a BAYC NFT for a minimum of 15 minutes at an extremely low cost. The winner enjoys benefits that were previously reserved for those with hundreds of thousands of dollars:
Control the ape's image: Use it as a Profile Picture (PFP).Play with the ape in the BAYC Studio.Prove ownership via a digital signature to access exclusive platforms or events.Access the BAYC member-only area.
The only real limitation? The inability to transfer the NFT to another address. This is the smart policy in action, a necessary step to prevent theft.
Since its launch, the BAYC #8180 NFT has been "rented" dozens of times, becoming one of the most traded NFTs in history. This proves a real market demand for flexible access to high-value digital assets. 🏆

A "Liquefied" Future: Beyond JPEGs 🚀

Liquefaction is more than just a tool for renting NFTs. It's a paradigm shift for blockchain, with an importance similar to breakthroughs like oracles (providing off-chain data) or rollups (scaling solutions).
By securing private keys inside TEEs while offering conditional access through confidential policies, Liquefaction shatters the assumption that one address must belong to a single entity.
Think about the broader potential:
Unlocking Liquidity: Billions of dollars are locked in vesting or staking tokens. Liquefaction could allow owners to "rent out" the voting rights or other utilities of these tokens without having to sell them.Gaming Guilds: Gaming guilds can securely and automatically manage and rent out in-game items (NFTs) to players.Decentralized Finance (DeFi): Create more complex financial products where multiple users can contribute to a joint position with predefined rules for risk and reward.
For developers, simplified implementations are on the way. Whether it's temporarily owning a Bored Ape or unlocking liquidity for locked assets, Liquefaction points toward a future where ownership, privacy, and flexibility converge in ways we previously thought impossible. ✨
#OasisNetwork #ROSE