The rapid development of Internet of Things (IoT) technology has led to growing concerns about data security and user privacy in the interactions within distributed systems. Decentralized Applications (DApps) in distributed systems consist of on-chain and off-chain functions, where on-chain functions are smart contracts running in the blockchain network, while off-chain functions operate outside the blockchain. Since smart contracts cannot access off-chain information, they cannot verify whether the off-chain functions (i.e. the software components) they interact with have been tampered with. As a result, establishing mutual trust between the on-chain smart contracts and the off-chain functions remains a significant challenge. To address this challenge, this paper introduces TeeMAF, a generic framework for mutual attestation between on-chain and off-chain functions, leveraging Trusted Execution Environments (TEEs), specifically Intel Software Guard Extensions (SGX), SCONE (a TEE container on top of Intel SGX), and remote attestation technologies. This ensures that the deployed off-chain functions of a DApp execute in a provably secure computing environment and achieve mutual attestation with the interacting on-chain functions. Through a security analysis of TeeMAF, the reliability of deployed DApps can be verified, ensuring their correct execution. Furthermore, based on this framework, this paper proposes a decentralized resource orchestration platform (a specific DApp) for deploying applications over untrusted environments. The system is implemented on Ethereum and benchmarked using Hyperledger Caliper. Performance evaluation focusing on throughput and latency demonstrates that, compared to platforms without a mutual attestation scheme, the performance overhead remains within an acceptable range.
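To make the mutual-attestation exchange the abstract describes concrete, the following is an added toy model in Python; it is not TeeMAF's code and does not use the SGX or SCONE APIs. Its assumptions are labelled in the code: an HMAC over a shared key stands in for the attestation service's signature on an enclave quote (a real contract would verify an asymmetric signature against a published public key), the enclave identifies the contract by a hash of its bytecode, and all names, keys and measurements are constructed for the example. What it shows is which checks each side performs: the off-chain side refuses to attest to a contract whose code it does not recognise, and the on-chain side checks the quote's signature, the enclave measurement, and that the report data binds a single-use nonce to the contract's own address.

```python
"""Toy model of on-chain/off-chain mutual attestation (added illustration, not TeeMAF)."""
import hashlib
import hmac
import json
import secrets

# Assumption: HMAC with a shared key models the quote signature. A real quote is
# signed asymmetrically and the verifier only needs the public key.
ATTESTATION_KEY = b"constructed-attestation-service-key"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def quote_signature(body: dict) -> str:
    canonical = json.dumps(body, sort_keys=True).encode()
    return hmac.new(ATTESTATION_KEY, canonical, hashlib.sha256).hexdigest()


class Enclave:
    """Off-chain function running inside a TEE (constructed stand-in)."""

    def __init__(self, code: bytes, trusted_contract_hash: str):
        self.mrenclave = sha256_hex(code)          # measurement of the enclave code
        self.trusted_contract_hash = trusted_contract_hash

    def attest_to(self, contract_address: str, contract_bytecode: bytes, nonce: str) -> dict:
        # Off-chain side verifies the on-chain identity before producing a quote.
        if sha256_hex(contract_bytecode) != self.trusted_contract_hash:
            raise ValueError("contract code hash does not match the trusted contract")
        # Report data binds the quote to this contract and this challenge.
        report_data = sha256_hex(f"{contract_address}|{nonce}".encode())
        body = {"mrenclave": self.mrenclave, "report_data": report_data}
        return {**body, "signature": quote_signature(body)}


class Contract:
    """On-chain function: holds the expected measurement and open challenges."""

    def __init__(self, address: str, expected_mrenclave: str):
        self.address = address
        self.expected_mrenclave = expected_mrenclave
        self.open_challenges: set[str] = set()
        self.attested: set[str] = set()

    def challenge(self) -> str:
        nonce = secrets.token_hex(16)
        self.open_challenges.add(nonce)
        return nonce

    def verify(self, quote: dict, nonce: str) -> bool:
        if nonce not in self.open_challenges:
            return False                      # unknown or already-consumed nonce
        self.open_challenges.discard(nonce)   # single use: blocks replay of a quote
        body = {"mrenclave": quote["mrenclave"], "report_data": quote["report_data"]}
        if not hmac.compare_digest(quote_signature(body), quote["signature"]):
            return False                      # quote not signed by the attestation service
        if quote["mrenclave"] != self.expected_mrenclave:
            return False                      # off-chain code differs from the registered build
        if quote["report_data"] != sha256_hex(f"{self.address}|{nonce}".encode()):
            return False                      # quote was bound to another contract or challenge
        self.attested.add(quote["mrenclave"])
        return True


def run_handshakes() -> dict:
    """Run honest, tampered, replayed and wrong-contract exchanges; return outcomes."""
    contract_code = b"constructed on-chain bytecode v1"
    enclave_code = b"constructed off-chain function v1"
    contract = Contract("0xCONSTRUCTED", sha256_hex(enclave_code))
    honest = Enclave(enclave_code, sha256_hex(contract_code))

    nonce = contract.challenge()
    quote = honest.attest_to(contract.address, contract_code, nonce)
    honest_ok = contract.verify(quote, nonce)
    replay_ok = contract.verify(quote, nonce)    # same nonce again must be rejected

    tampered = Enclave(enclave_code + b" (modified)", sha256_hex(contract_code))
    nonce2 = contract.challenge()
    tampered_ok = contract.verify(tampered.attest_to(contract.address, contract_code, nonce2), nonce2)

    try:  # enclave refuses to attest to a contract whose code it does not trust
        honest.attest_to(contract.address, b"some other contract", contract.challenge())
        wrong_contract_ok = True
    except ValueError:
        wrong_contract_ok = False

    return {"honest": honest_ok, "replay": replay_ok,
            "tampered": tampered_ok, "wrong_contract": wrong_contract_ok}


if __name__ == "__main__":
    print(run_handshakes())
```

Only the honest exchange should succeed; the replayed quote fails on the consumed nonce, the modified enclave fails on its measurement, and the unrecognised contract is refused by the enclave before any quote is issued.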