πŸ§™β€β™‚οΈThe Enclave Contract

The 'Enclave contract' is where the magic happens - it exists on the Oasis Network's Sapphire paratime and stores all of the state for CoinStir. The Enclave contract exists inside of a 'Trusted Execution Environment', also known as a 'TEE'. Only the Enclave contract is able to query data stored inside of the TEE, which means the Enclave must explicitly grant users permission to access specific information. In this way, users are assured their transactional history remains private, while still being allowed to access that data themselves.

Upon a deposit into the Host contract, the IM Bridge passes the depositor and value of the transaction to the Enclave, where they are stored; nothing other than the funds is stored on the Host contract. The deposit itself is a public action, but what happens with the funds from there is not traceable back to the user.

Conversely, upon transfer or withdrawal, users interact directly with the Enclave contract on Sapphire. To ensure the privacy of this event and to facilitate a frictionless user experience, the front-end actually creates a meta-transaction on behalf of the user. This simply means that the context of the user's transaction, such as the sender, recipient and value, is formatted into a specific type of message by the Enclave and executed by a separate account altogether, called the CoinStir Executor. This happens automatically when the user initiates the transaction, and it prevents the user's wallet address from being exposed through direct interaction with the Enclave. Additionally, it means the user does not need to purchase the Sapphire gas token, $ROSE.

If the Enclave is looked up on a block explorer, viewers will only see the CoinStir Executor interacting with the Enclave, and never their own account.
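A generic sketch of the relayed meta-transaction pattern described above, added here as an example and not CoinStir's contract code. The contract and function names, the signed-intent layout, the nonce scheme and the way the bridge credits deposits are all assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added sketch: every name and layout here is an assumption, not CoinStir's contract.
contract EnclaveSketch {
    address public immutable executor;            // the only account observers see calling in
    address public immutable bridge;              // hypothetical endpoint delivering deposit messages
    mapping(address => uint256) private balances; // confidential state held inside the TEE
    mapping(address => uint256) private nonces;   // per-user replay counter

    constructor(address executor_, address bridge_) {
        executor = executor_;
        bridge = bridge_;
    }

    // Depositor and value arrive from the Host side; the funds themselves stay there.
    function creditDeposit(address depositor, uint256 value) external {
        require(msg.sender == bridge, "only bridge");
        balances[depositor] += value;
    }

    // Digest the user signs off-chain. Binding chain id and contract address
    // stops a signed intent from being replayed on another chain or deployment.
    function intentDigest(address from, address to, uint256 value, uint256 nonce)
        public view returns (bytes32)
    {
        bytes32 inner = keccak256(abi.encode(block.chainid, address(this), from, to, value, nonce));
        return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", inner));
    }

    // Submitted by the executor, so msg.sender is never the user's wallet.
    function relayTransfer(
        address from, address to, uint256 value, uint256 nonce,
        uint8 v, bytes32 r, bytes32 s
    ) external {
        require(msg.sender == executor, "only executor");
        require(nonce == nonces[from], "stale or replayed nonce");
        // The executor pays gas but cannot forge intents: the signer must be `from`.
        address signer = ecrecover(intentDigest(from, to, value, nonce), v, r, s);
        require(signer != address(0) && signer == from, "bad signature");
        require(balances[from] >= value, "insufficient balance");
        nonces[from] = nonce + 1;
        balances[from] -= value;
        balances[to] += value;
    }
}
```

The sketch assumes the call data reaching the contract is confidential as well as the state; on a transparent chain the `from` argument would be visible in the relayed transaction.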

Logic flow of transfers and withdrawals
