Oasis, the team behind the Sapphire confidential EVM, has launched what might be one of the boldest blockchain security experiments in recent years: a public challenge to break their TEE-based system.
There’s one Bitcoin (wBTC) locked in a Sapphire smart contract.
If anyone can extract the private key controlling it, the funds are theirs.
No bug report. No triage. Just proof through action.
A Real-World TEE Security Test
The setup is simple but powerful: a smart contract deployed on the Sapphire Mainnet generates a keypair entirely inside an Intel SGX enclave.
The private key never leaves the TEE, never exists in plaintext, and has no API or function that can export it.
Only the derived Ethereum address, 0xCEAf9abFdCabb04410E33B63B942b188B16dd497, is public and holds the 1 wBTC bounty.
The contract code is verified and live on-chain at: 0xc1303edbFf5C7B9d2cb61e00Ff3a8899fAA762B8
If anyone manages to move the funds without authorization, it’s a clear indicator that the TEE itself has been compromised, not the smart contract logic.
Why This Matters
Trusted Execution Environments (TEEs) have been a cornerstone for confidential computing in blockchain, used by projects like Phala, Secret, and Crust to keep on-chain data private. But recent research has shown that TEE hardware can be vulnerable too.
In 2025, two new physical attack vectors, Battering RAM and Wiretap, were disclosed, successfully breaching Intel SGX (Scalable version) and AMD SEV-SNP enclaves. Several networks using these systems were forced into emergency upgrades.
Oasis, however, claimed that its architecture remained unaffected, largely due to:
- Running on Intel SGX v1, which uses a different memory encryption design not impacted by the attacks.
- A defense-in-depth model that adds additional on-chain and governance-based security layers beyond the TEE.
This public challenge seems designed to test those claims under real-world conditions.
Technical Architecture Highlights
The Sapphire contract uses the following design principles:
- In-enclave key generation: Keypairs are generated using Sapphire’s secure randomness and stored only inside the enclave.
- No off-chain dependencies: There’s no off-chain signing service or export function.
- Hardcoded transaction paths: Even compromised owners can’t redirect withdrawals, because outputs are fixed.
- On-chain authentication: Every action requires Sign-In with Ethereum (SIWE) and enclave-verified signatures.
- Production environment: This is live on Sapphire Mainnet, not a testnet or sandbox instance.
The challenge uses the same infrastructure as deployed applications — meaning it tests real production security, not a simplified simulation.
Why This Is Interesting
Most bug bounties offer rewards for vulnerabilities under specific reporting conditions. The TEE Break Challenge takes a different stance: it’s a binary outcome test.
Either:
- The Bitcoin moves, proving a TEE-level compromise, or
- It doesn’t, validating Sapphire’s enclave model under live conditions.
That approach is rare in blockchain security, and the transparency of putting real funds on the line makes it especially compelling.
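Because the outcome is binary, it can be watched for with a single ERC-20 balanceOf call against the bounty address. The sketch below is an added example, not code from the original post or from Oasis: it builds that JSON-RPC request and decodes the reply. The token contract address is a placeholder (the post does not give it), the function names are hypothetical, and the RPC responses are constructed samples.

```python
import json

# Address from the article that holds the 1 wBTC bounty.
BOUNTY_ADDRESS = "0xCEAf9abFdCabb04410E33B63B942b188B16dd497"
# Placeholder (assumption): the article does not give the wBTC token contract
# address or the network it lives on; fill in the real one before use.
TOKEN_CONTRACT = "0x" + "00" * 20
BALANCE_OF_SELECTOR = "70a08231"  # first 4 bytes of keccak256("balanceOf(address)")
WBTC_DECIMALS = 8                 # wBTC uses 8 decimals, like BTC
EXPECTED_UNITS = 1 * 10 ** WBTC_DECIMALS


def build_balance_request(holder: str, token: str = TOKEN_CONTRACT, req_id: int = 1) -> dict:
    """Build the JSON-RPC eth_call that asks an ERC-20 token for holder's balance."""
    raw = holder.lower().removeprefix("0x")
    if len(raw) != 40 or any(c not in "0123456789abcdef" for c in raw):
        raise ValueError(f"not a 20-byte hex address: {holder!r}")
    data = "0x" + BALANCE_OF_SELECTOR + raw.rjust(64, "0")  # ABI: address left-padded to 32 bytes
    return {"jsonrpc": "2.0", "id": req_id, "method": "eth_call",
            "params": [{"to": token, "data": data}, "latest"]}


def decode_balance(response: dict) -> int:
    """Decode the uint256 returned by balanceOf; fail closed on errors or short data."""
    if "error" in response:
        raise RuntimeError(f"RPC error: {response['error']}")
    result = response.get("result", "")
    body = result.removeprefix("0x")
    if len(body) != 64:  # e.g. "0x" comes back when the target is not a contract
        raise ValueError(f"expected 32-byte return value, got {result!r}")
    return int(body, 16)


def bounty_status(response: dict) -> str:
    """Map the on-chain balance to the article's two outcomes."""
    units = decode_balance(response)
    if units >= EXPECTED_UNITS:
        return "intact"
    return f"moved: {units / 10 ** WBTC_DECIMALS:.8f} wBTC left"


# Constructed sample responses (not real chain data).
SAMPLE_INTACT = {"jsonrpc": "2.0", "id": 1, "result": "0x" + format(EXPECTED_UNITS, "064x")}
SAMPLE_DRAINED = {"jsonrpc": "2.0", "id": 1, "result": "0x" + "0" * 64}

if __name__ == "__main__":
    print(json.dumps(build_balance_request(BOUNTY_ADDRESS), indent=2))
    print(bounty_status(SAMPLE_INTACT), "|", bounty_status(SAMPLE_DRAINED))
```

A malformed or empty reply raises instead of being read as a zero balance, so a broken RPC endpoint is not mistaken for a drained bounty.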
Duration and Participation
The challenge runs through the end of 2025, giving researchers ample time to attempt TEE-level extraction. It’s open to anyone: hardware security researchers, blockchain engineers, and academic teams interested in confidential computing.
The contract and related infrastructure are fully public. Discussion and coordination are happening in the Oasis Discord.
Closing Thoughts
Regardless of the outcome, this is one of the most practical demonstrations yet of TEE security in a live decentralized system. It’s part bounty, part experiment, and part statement: that the best way to test trust is to make it public and measurable.
If someone manages to extract the key, it’ll be a breakthrough moment in TEE research.
If not, it’s a strong validation of Sapphire’s design and Oasis’s defense-in-depth strategy.
Either way, the results will be valuable for everyone working at the intersection of hardware security and blockchain privacy.
Top comments (1)
...and stems from full confidence. This has also resulted in silencing the armchair critics who make noise without knowing the nitty-gritty of how a decentralized protocol manages its security. I think the challenge will not only "test trust" as you aptly said, but, going forward, also serve as an example for any project that uses TEEs.