Private Data Object

A PDO encapsulates smart contract logic and its associated state within a Trusted Execution Environment (TEE) like Intel SGX. The internal state and computation are cryptographically shielded from the public blockchain, nodes, and even the application developer. Only the encrypted state and cryptographic proofs of correct execution are published on-chain.

Every state update is accompanied by a cryptographic attestation (e.g., an Intel SGX remote attestation). This proves the computation was performed by a genuine, unmodified TEE running the exact, agreed-upon code. The public blockchain verifies this attestation, ensuring integrity without revealing the private inputs or state.

The PDO's encrypted state is owned and controlled by a specific cryptographic key pair. Access policies are enforced by the TEE: only authorized parties (via their public keys) can submit transactions to update or query the private state. This enables models like selective disclosure for compliance or multi-party workflows.

While the data is private, PDOs are anchored to a public blockchain. This provides:

• Consensus Finality: The ordering and state commitments are settled on-chain.
• Composability: PDOs can interact with public smart contracts via encrypted messages, enabling hybrid public/private applications (e.g., a private DEX settling on a public AMM).

A practical application is a decentralized exchange with hidden liquidity. A PDO could manage a private Automated Market Maker (AMM) pool where:

• Liquidity provider positions and pending trades are confidential.
• The public chain only sees encrypted balances and attestations.
• The TEE enforces the AMM logic (e.g., constant product formula) and generates valid proofs, ensuring the public settlement is correct.

PDOs differ from other privacy solutions:

• vs. ZK-Rollups: ZK-Rollups prove public state transitions with zero-knowledge proofs. PDOs keep the state itself private and use TEE attestations.
• vs. Multi-Party Computation (MPC): MPC distributes trust across multiple parties. PDOs centralize trust in a hardware root (the TEE) for higher performance but introduce different trust assumptions.

PDOs enable confidential smart contracts where sensitive inputs and state are encrypted. This allows for applications like:

• Private voting with verifiable, anonymous tallies.
• Sealed-bid auctions where bids are hidden until reveal.
• Selective disclosure of personal data (e.g., KYC) to specific parties.

PDOs form the backbone of self-sovereign identity (SSI) systems. Users can store verifiable credentials (like diplomas or licenses) in a PDO, proving claims without revealing the underlying data. The PDO acts as a private, user-controlled data vault that can be accessed via zero-knowledge proofs.

PDOs facilitate Secure Multi-Party Computation (MPC), allowing multiple parties to jointly compute a function over their private inputs. For example:

• Privacy-preserving data analytics across competing firms.
• Federated machine learning where model training data never leaves its PDO.
• Cross-organizational fraud detection without sharing raw transaction logs.

In decentralized finance (DeFi), PDOs can be used to create private tokens or obscure transaction details. This enables:

• Confidential transfers of value, hiding amounts and participant addresses on-chain.
• Private liquidity pools where trading strategies and positions are not publicly visible.
• Compliance with regulations like GDPR by keeping personal financial data off the public ledger.

PDOs allow companies in a supply chain to share sensitive commercial data (e.g., prices, quality reports, shipment details) securely with authorized partners. Each participant can cryptographically prove the authenticity and state of goods without exposing proprietary business information to competitors or the public ledger.

PDOs enable secure, auditable sharing of electronic health records (EHRs). Patients grant granular access to healthcare providers and researchers. Data remains encrypted within the PDO, with access logs and computations (e.g., for clinical trials) being verifiable on-chain without compromising patient confidentiality.

Confidential Computing is the paradigm of performing computation on encrypted data while it remains encrypted in memory. PDOs are a primary implementation of this concept. The goal is to eliminate data exposure to the underlying system (e.g., cloud provider, operating system, other applications), ensuring data is only processed by authorized code within a secure enclave.

A Zero-Knowledge Proof is a cryptographic method where one party (the prover) can prove to another (the verifier) that a statement is true without revealing any information beyond the validity of the statement itself. While PDOs protect data during computation, ZKPs are used to prove the correctness of a computation's output without revealing the private inputs, offering a complementary, cryptographically verifiable layer of privacy.

A Secure Enclave is the specific instantiation of a Trusted Execution Environment. It is a hardware-isolated memory region with encrypted contents and a unique cryptographic identity. The Intel Software Guard Extensions (SGX) enclave is the most common environment for running PDOs, providing the attested, protected sandbox where private data is decrypted and processed.

Remote Attestation is the cryptographic protocol that allows a remote party to verify the identity and integrity of a software enclave (like a PDO) running inside a TEE. It proves:

• The code is running on genuine hardware.
• The correct, expected application is loaded.
• The enclave has not been tampered with. This is critical for establishing trust before sending encrypted data to a PDO.

Oblivious RAM is a cryptographic primitive that hides patterns of data access (read/write operations) from an observer, even one who can monitor memory traffic. While a TEE protects data at rest in memory, ORAM can be used within a PDO to protect against certain side-channel attacks that might infer information from memory access patterns, providing an additional layer of privacy.