LogoLogo
  • Quex oracles
  • How it works?
    • Why another oracle?
    • Quex oracle security
    • Onchain verification
  • General information
    • Where to start
    • Quex approach and terminology
    • Quex data delivery modes
    • Smart contract addresses
  • Developers
    • Building with Quex
    • Getting started tutorial
    • Flow creation
    • Client callback format
    • Request oracle pool
      • Descriptive guide
      • Supported post-processing operations
      • Data encoding format
  • Data providers
    • Running your own oracle pool
    • TD oracle requirements
    • Registering your Trust Domain
    • Pool creation
    • Follow us!
Powered by GitBook
On this page
  1. How it works?

Quex oracle security

Quex oracles leverage Trusted Execution Environments (TEE) to retrieve off-chain data with cryptographic guarantees. TEEs (we currently rely on Intel's chips with TDX support), create secure enclaves where data is processed and signed within a hardware-protected environment. These secure enclaves ensure that the private keys used for data signing never leave the chip, preventing any tampering with the data retrieval process.

When a Quex oracle is initialized, it generates a private key within the TEE. The key is used to sign any data retrieved from external sources, ensuring its authenticity. By using TLS protocols within the same enclave, the system guarantees that the retrieved data remains unmodified, as the entire process—from fetching to signing—occurs within the isolated, secure environment of the TEE. This makes Quex's oracle as secure as the underlying chip it operates on, providing a hardware-level defense against manipulation.

PreviousWhy another oracle?NextOnchain verification

Last updated 7 months ago