What is Integritee? A full technical guide

Integritee just announced that they are going to join the second batch of parachain auctions. It’s an incredibly solid project in terms of technology, one of the most advanced scalable privacy chains, that allows the creation of GDPR-compliant dApps and private smart contracts, the launch of oracles and the minting of private tokens. Yet due to a late start of marketing, nobody in the ecosystem understands how it works. Some people compare it to Phala, but actually, Phala has a completely different value proposition and target audience. We’d like to fill the void and cover all of the Integritee features to show how important it can become for the whole ecosystem. We’ll cover its architecture, use cases, tokenomics, its crowdloan strategy and how it differs from other privacy chains. It’s the most detailed guide currently available, so let’s dive in.

Integritee co-founder and CTO, Alain Brenzikofer, was the pioneer of integrating trusted execution environments (TEEs) with Substrate-built blockchains. While working at Supercomputing Systems AG, he started developing the SubstraTEE framework in 2019. They aimed to create a secure framework for private and enterprise users that could be scaled efficiently, and would be cheap to use. To avoid association with the general Substrate technology, they renamed the project to Integritee in 2021.

The architecture of Integritee

In terms of architecture, Integritee is a Substrate-based blockchain with a multi-layered structure. To understand how it works, we have to define the building blocks of the ecosystem.

It consists of the following blocks:

  1. Relay Chain. The basic layer, which handles the security of the whole ecosystem and interconnects all parachains. It accepts and finalizes blocks from all connected parachains, including Integritee.

  2. The Integritee parachain. Some people think that parachains are layer 2 for Polkadot and Kusama, but in our architectural scheme, it will be layer 1. Our layer 1 parachain contains information about all Integritee nodes and sidechains. It keeps the registry and coordinates all calls to the network. We’ll explain how these scenarios work a little bit later.

  3. The TEE hardware. Trusted Execution Environments (TEEs) are used by every node that works with user private data to ensure its confidentiality.

  4. Layer 2. Its purpose is to process all the data from Integritee users in private mode. There are two types of layer 2 nodes, off-chain workers and sidechain validators.

  5. Off-chain workers (OCW). These nodes run on the TEE hardware and can be used to run single instances of decentralized applications, such as oracles or bridges. They can only be accessed indirectly, via the Integritee parachain, thus increasing the load on the network.

  6. Sidechains and their validators (SCV). They also require the TEE hardware to be able to participate in the network, and they are pretty much similar to worker nodes, but they can be accessed directly, reducing the workload of the blockchain. Each sidechain can be customized for its own scenarios and use cases. The framework features several code templates that can be used to build various dApps. 1 sidechain = 1 project/dapp.

  7. Shards. It’s not what you might think if you are familiar with the concept of Ethereum sharding. Integritee shards are different application instances running in workers’ TEEs. One worker can host multiple shards and different shards can interoperate directly.

Some of this might look confusing, but wait, we’ll explain all of this step-by-step.

Why are TEEs so secure?

To make it easier, we can envision a TEE as a co-processor that manages its own cryptographic keys, and we can be sure that it only executes programs whose hash, or fingerprint, corresponds to the original code. The manufacturer of the processor guarantees, by the design of their hardware, that nobody has access to the internal keys of the TEE or can read its memory, even if they have physical access to its hardware or OS. The manufacturer can authenticate each TEE and provide remote attestation to a user to confirm that an untampered program is actually running on a genuine TEE. Lately, TEEs have become a popular technology in blockchain networks: running nodes on TEE hardware doesn’t require reaching consensus, as we can trust all TEE nodes.

Currently, Integritee uses Intel SGX as the main TEE hardware for its network. The Integritee parachain verifies and stores all TEE attestations of all nodes of the network, of sidechain nodes and off-chain workers, to provide users with assurance that every node and sidechain can be trusted, as nobody can tamper with their data. Each node has to submit remote attestation daily.

Remote attestation is the process of asking the TEE manufacturer to authenticate a TEE. The manufacturer signs a report to confirm that both the TEE itself and the hash of the binary it is executing are genuine. Such a report also includes the TEE’s public signing key. By verifying this signature, the user can rest assured that they are communicating with the correct TEE. Integritee simplifies this process for users by storing remote attestations on-chain. This avoids the need for users to obtain a license for the manufacturer’s attestation services.

A TEE can be used to securely store, process and share any data. Private token transfers, private smart contracts, private DEXes, messengers and private state channels: everything is possible with the Integritee framework.

Difference between worker nodes and sidechains

One word: scalability. The whole Integritee parachain can host more than 1,000 workers and validators. Off-chain worker nodes require indirect invocations. That means that every operation, every invocation to a worker goes directly through the blockchain. Every blockchain has limited capacity, thus exchanging data via off-chain workers isn’t the optimal way for enterprise use. The solution is sidechains.

Let’s think of a sidechain as a separate network of nodes that gets coordinated by the main Integritee blockchain. To use a sidechain, it’s necessary to get the addresses of its nodes from the registry on layer 1, and after getting them, a requester can interact with the sidechain directly. Why is it better than off-chain worker nodes? Because the less interaction is required with layer 1, the more layer 2 nodes can be launched in the network. The only bottleneck of the network, as always, is the throughput of the blockchain. If all participants use the blockchain only once as the registry of nodes, as the entrance point, it will greatly benefit the scaling goal and it will be possible to reach 1,000,000 tx/s.

Aside from scalability, off-chain workers and sidechain validators are pretty similar. Both types are nodes with TEE hardware that runs various Substrate pallets. There are some templates for various types of projects already available for every Integritee 3rd party developer, but they also can be developed from scratch. The most important thing that we need to understand is that Integritee can host any blockchain in private mode. Its predecessor SubstraTEE was supposed to be a set of tools for other ecosystem projects. In late 2020 the team realized that many potential adopters of the technology won’t be able to obtain their own parachain slot. So that’s why they saw the potential of pooling all these projects on a dedicated parachain.

Block production on Integritee

Now that we understand the difference between off-chain workers, sidechains and the Integritee parachain, it’s time to dig deeper into the architecture. The Integritee parachain interacts with the Relay chain in the same way as all the other parachains.

The parachain aggregates all information from layer 2 nodes and the blocks get validated and finalized on the Relay chain. Collators produce parachain blocks and send them together with a proof-of-validity (PoV) to relay-chain validators. Collators do not need to be trusted because the security of parachains comes from the relay-chain validators.

Layer 2 is a different story. As we remember, off-chain workers interact with users via indirect invocations on the parachain. They don’t produce blocks. Let’s see the path of a regular user of a decentralized Integritee app to understand how it works:

  1. Every client app knows the address of the worker node (MRENCLAVE) for its dapp. It’s hard-coded or configured in the client app. That allows the client app to find the node with the appropriate software installed among hundreds of others.

  2. Client/app queries the teerex registry on the Integritee parachain where worker url, MRENCLAVE and signing key are stored. Then, the client asks the worker for the shielding key via the worker remote procedure call interface.

  3. The client encrypts its call with the shielding key and sends it to the parachain.

  4. The worker scans every single parachain block for relevant extrinsic messages (TrustedCalls).

  5. The requested worker executes the call in its TEE and sends back the call confirmation to the layer 1 node.

  6. The client can check the private states of its queries directly via the interface of the worker.

  7. To make another operation, another call must be executed again.

That’s why it’s not so scalable. Every new operation must go through the parachain. Sidechains offer direct invocation. That means that the scenario looks different:

  1. A client makes the request to the parachain, looking for the necessary MRENCLAVE address that is configured in the app.

  2. The parachain returns the addresses of all sidechain validators that run the copy of that sidechain.

  3. After getting their addresses, the client can call them directly using their remote call procedures.
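The registry lookup that both flows above start with, as an added example (not Integritee's code): the client pins the MRENCLAVE of its dapp, keeps only registry entries that match it, and drops entries whose last attestation is older than a day or dated in the future. The type and function names, the 24-hour window and the sample URLs are assumptions made for illustration.

```rust
// Added example with hypothetical types; not the teerex pallet's real API.
#[derive(Debug, Clone, PartialEq)]
pub struct RegistryEntry {
    pub url: String,           // worker / validator RPC endpoint
    pub mrenclave: [u8; 32],   // measurement (hash) of the enclave binary
    pub signing_key: [u8; 32], // TEE public signing key from the report
    pub attested_at: u64,      // unix seconds of the last attestation
}
#[derive(Debug, PartialEq)]
pub enum SelectError {
    UnknownEnclave, // nothing registered under the pinned MRENCLAVE
    AllStale,       // registered, but no attestation inside the window
}
// Assumption: "daily" attestation is read as a 24-hour validity window.
pub const MAX_AGE_SECS: u64 = 24 * 60 * 60;

pub fn select_validators<'a>(registry: &'a [RegistryEntry], pinned: &[u8; 32], now: u64)
    -> Result<Vec<&'a RegistryEntry>, SelectError> {
    let matching: Vec<_> = registry.iter().filter(|e| &e.mrenclave == pinned).collect();
    if matching.is_empty() {
        return Err(SelectError::UnknownEnclave);
    }
    // checked_sub yields None for timestamps in the future, so those are rejected.
    let fresh: Vec<_> = matching
        .into_iter()
        .filter(|e| now.checked_sub(e.attested_at).map_or(false, |age| age <= MAX_AGE_SECS))
        .collect();
    if fresh.is_empty() { Err(SelectError::AllStale) } else { Ok(fresh) }
}

// Constructed sample registry: (url, MRENCLAVE fill byte, key fill byte, age in seconds).
pub fn sample_registry(now: u64) -> Vec<RegistryEntry> {
    [("wss://scv-1.example:2000", 0xaa, 1, 3_600),
     ("wss://scv-2.example:2000", 0xaa, 2, 90_000),
     ("wss://other.example:2000", 0xbb, 3, 60)]
        .iter()
        .map(|&(url, m, k, age)| RegistryEntry {
            url: url.to_string(), mrenclave: [m; 32], signing_key: [k; 32], attested_at: now - age,
        })
        .collect()
}

fn main() {
    let now = 1_700_000_000; // constructed "current time"
    let registry = sample_registry(now);
    match select_validators(&registry, &[0xaa; 32], now) {
        Ok(v) => v.iter().for_each(|e| println!("call directly: {}", e.url)),
        Err(e) => println!("refusing to connect: {:?}", e),
    }
}
```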

Every sidechain has at least two validator nodes; overall it doesn’t need too many of them. As all SCVs are running block production and validation in TEEs, they trust each other, greatly reducing the complexity of the consensus protocol. So the only problem they have is organizing the transaction order. After receiving a trusted call from any client, a sidechain validator executes it and produces a block. This new information gets broadcast to the other validators, so they can keep the same state on every node. SCVs only commit the sidechain block hashes to the parachain, not entire blocks, thus the parachain can handle more than 1,000 SCVs simultaneously. So it’s possible to build a large enterprise network hosted on the Integritee parachain.

Use cases

Integritee can do everything that other parachains can offer, only better. Remember: you can launch any Substrate-based blockchain on it as a sidechain. It’s a platform for blockchains. Among its features:

  1. Smart contracts. Can be written in Rust or Ink!

  2. Privacy. It’s possible to turn any blockchain into a private one by launching it on Integritee. It’s possible to share any sensitive information with any 3rd party and control it.

  3. GDPR compliance. Due to its privacy features, Integritee is tailored for enterprise use, as it allows any data to be stored safely in a decentralized way.

  4. Scalability. The architecture with sidechains allows the network to scale to 1,000,000 tps.

Integritee can be used to host any dapp or blockchain. Any financial dapp running on Integritee will get private features. So, if someone tries to launch a DEX with privacy features, it will only require changing a few lines of code to port it to Integritee.

The list of potential use cases is pretty long, some examples include:

  1. Financial dapps.

  2. Medicine, wearables. An Integritee sidechain can be used to share medical data with a medical dapp.

  3. Oracles.

  4. AI networks that process input data in private mode.

  5. Data storage.

  6. Bridges to other blockchains.

  7. Private messengers.

  8. Decentralized identities.

  9. Data analytics.

Several projects are already building on Integritee: PolkaDEX (pretty obviously a DEX), Litentry (a decentralized identity solution) and Ternoa (which can be described as a decentralized Dropbox). We’re sure more will come when Integritee gets its slot.

TEER token

As Integritee entered the crowdloan race, it might be good to cover its tokenomics. The native token on Integritee is TEER.

Metrics:

Token: TEER

Type: Utility, Governance

Supply: 10 million

Allocation for the crowdloan: 10% of the total token supply

Small note: Integritee has reserved 10% of the total token supply for this crowdloan’s rewards, so rewards will depend on the total amount of KSM contributed to it. To calculate the exact amount of token rewards, it will be necessary to divide 1 million TEER by the amount of the contributed KSM, and we’ll get the final reward ratio per KSM.

In addition, all participants of this batch who bond their KSM for Integritee will get a guaranteed reward. From the beginning until reaching the milestone of 10,000 bonded KSM it will be 10,000 TEER tokens, divided among all participants regardless of the outcome. After reaching the milestone of 10,000 bonded KSM for Integritee, all participants will share 20,000 TEER tokens distributed among them based on their contribution.

TEER is the native token, and its main uses are as the governance token and the fee token. Every OCW or SCV node connected to the network will pay the network fee for validation. Fees are collected in an on-chain treasury, and a small fraction of fees is burned, so the overall model is deflationary. Treasury funds are used for ongoing maintenance and operation of the infrastructure and software, as well as ecosystem development and community activity rewards. The allocation of treasury funds is delegated to an on-chain council. Service providers can request funds to deliver their services and the council will evaluate proposals and allocate funds at its discretion. The on-chain council is elected by TEER token holders by voting.

The network is designed for enterprise clients, but generally, they don’t like paying fees in tokens because of exchange rate volatility which results in unpredictable costs for them. Therefore, the Integritee parachain usage fees will be denominated in USD. Oracle services will ensure live tracking of the USD/TEER exchange rate in order to maintain stable usage fees. Integritee AG, the company, is determined to guide firms and enterprises to public blockchains and will therefore serve as an optional intermediary (possibly one of many), allowing clients to pay predetermined fees in fiat currency in return for services provided by the decentralized Integritee parachain. Such intermediaries will buy TEER tokens on the open market and pay TEER fees on behalf of their enterprise customers to encourage widespread adoption. As the intermediary service will take on the exchange rate risk of the TEER token, it is expected that paying in TEER directly will be cheaper than contracting an intermediary.

Conclusion

Integritee is a very important project for the whole ecosystem. It will allow enterprises and individuals to use blockchain technology for their own use cases while still remaining compliant with GDPR and other data protection regulations. After connecting to Kusama, it will bring the benefits of TEE technology to the whole network. It will be an easy way for any Substrate project to try launching without winning its own parachain slot. We hope Integritee will get its parachain slot, which will benefit the whole community.



Polkadot Ecosystem PromoTeam https://app.subsocial.network/1224

What is Polkadot Ecosystem PromoTeam? We are an international team of Polkadot fans with experience in different activities: community development, business communications and strategy, promotion, advertising, mathematics, programming, entrepreneurship and others. Our main task is to increase the value of the Substrate ecosystem by involving many people focused on growing the product, community and power. Our main goal is to give the Polkadot and Substrate community the real utility to promote Substrate projects. We think that all adopters of Polkadot are a huge power to make Substrate projects known worldwide. It’s a big deal to involve a lot of Polkadot adopters in promotion on the ground, in their regions. We build the model for such an activity for the whole community to make important contributions. The results will be successful businesses, DAOs, DAPPs and other units. Our team wants to become an infrastructure for Substrate and parachain projects to promote their services, ideas and the whole Polkadot ecosystem worldwide. We want to integrate other crypto activists in Polkadot ecosystem promotion.
