Blockchain Registered TEE Clusters

Ternoa architecture organises enclaves in clusters to support the secret-sharing threshold scheme. Each cluster is made of 5 different enclaves (at this time). Enclaves of a cluster can either belong to a single private owner (for permission use) or be publicly distributed in different geographical locations or cloud providers.

Requests or Proposals to register or remove a cluster require approval from the technical committee of the Ternoa network, which is accessible from the Polkadot.js app for anybody who has an enclave a.k.a node operators.

Each TEE can contain multiple enclaves, while each enclave has an independent operator account. The operator can request to register the enclave to cluster or remove it from the network regarding the staking rules.

Enclaves which are members of a cluster should not share any data, while separate public clusters can peer-to-peer synchronize their corresponding “slots” to help the network reliability.

There are two types of general clusters:

• Public clusters

• Enterprise clusters

Public clusters serve to Ternoa secret network unconditionally while enterprise clusters have constraints. The key difference is the Enclave Operator. Whenever the operators are controlled or assigned by a company or are limited by legal terms, their enclaves and clusters are considered enterprises. Famous examples are the medical, financial, or military documents that can not be stored on servers outside of a country. This case is a geographical limitation on the enclave server location.