Current marketplaces rely on search mechanisms with distributed systems but centralized governance, making them vulnerable to attacks, failures, censorship and biases. While search mechanisms with more decentralized governance (e.g., DeSearch) have been recently proposed, these are still exposed to information head-start attacks (IHS) despite the use of Trusted Execution Environments (TEEs). These attacks allow malicious users to gain a head-start over other users for the discovery of new assets in the market, which give them an unfair advantage in asset acquisition. We propose COoL-TEE, a TEE-based provider selection mechanism for distributed search, running in single- or multi-datacenter environments, that is resilient to information head-start attacks. COoL-TEE relies on a Client-TEE collaboration, which enables clients to distinguish between slow providers and malicious ones. Performance evaluations in single- and multi-datacenter environments show that, using COoL-TEE, malicious users respectively gain only up to 2% and 7% of assets more than without IHS, while they can claim 20% or more on top of their fair share in the same conditions with DeSearch.

翻译：当前市场依赖于采用分布式系统但集中治理的搜索机制，这使其易受攻击、故障、审查与偏见的影响。尽管近期已提出更具去中心化治理特性的搜索机制（例如DeSearch），但即使使用了可信执行环境（TEE），这些机制仍面临信息先发攻击的威胁。此类攻击使恶意用户能在市场新资产的发现过程中比其他用户获得先发优势，从而在资产获取中取得不公平的有利地位。本文提出COoL-TEE——一种基于TEE的分布式搜索提供方选择机制，可在单数据中心或多数据中心环境中运行，并能有效抵御信息先发攻击。COoL-TEE依托客户端-TEE协同机制，使客户端能够区分响应迟缓的提供方与恶意提供方。在单数据中心与多数据中心环境中的性能评估表明：采用COoL-TEE时，恶意用户相较于无信息先发攻击的情况仅能多获取最多2%与7%的资产；而在相同条件下使用DeSearch时，其可获取超出其公平份额20%乃至更多的资产。