Proof-of-Transmission (TEE-Based)

To ensure trust in bandwidth delivery, U2DPN leverages Trusted Execution Environments (TEEs) such as Intel SGX, AMD SEV, or AWS Nitro. Both Lightnodes and Providers run metering modules inside TEEs that count traffic volume, loss, jitter, and timestamps without exposing payload data.

Process:

  • Enclave Metering – traffic counters are securely processed inside the enclave via zero-copy hooks.

  • Signed Interval Records (SIRs) – every Δt (e.g., 10 s), each enclave computes digest = BLAKE3(counters || route_id || salt_epoch) and signs it with an ephemeral enclave key.

  • Remote Attestation – the enclave’s key is bound to its code hash (MRENCLAVE) through vendor attestation, proving authenticity.

  • Cross-Hop Validation – Masternodes verify SIRs from both Lightnode and Provider, checking byte counts, jitter, and audit nonces for consistency.

  • On-Chain Settlement – verified SIRs are aggregated into a Merkle tree, with roots committed on-chain for transparent payouts and reputation updates.
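
The Masternode side of the process above, sketched as an added example (not U2DPN's own code): recompute each SIR digest, run the cross-hop checks, and fold accepted digests into a Merkle root. Assumptions: signature and attestation verification have already passed; BLAKE2s stands in for BLAKE3, which is not in the Python standard library; the SIR record layout, field encoding, tolerance values and the echoed audit nonce are hypothetical.

```python
import hashlib
import struct
from dataclasses import dataclass

def h(data: bytes) -> bytes:
    # Stand-in hash: BLAKE3 is not in the Python standard library.
    return hashlib.blake2s(data).digest()

@dataclass(frozen=True)
class SIR:  # hypothetical record layout, assumed signature-checked upstream
    route_id: bytes
    salt_epoch: bytes
    byte_count: int
    jitter_us: int
    nonce: bytes   # audit nonce echoed by the enclave (assumption)
    digest: bytes

def sir_digest(route_id, salt_epoch, byte_count, jitter_us):
    # Fixed-width counters and length-prefixed fields keep "||" unambiguous.
    counters = struct.pack(">QQ", byte_count, jitter_us)
    return h(counters + struct.pack(">H", len(route_id)) + route_id
             + struct.pack(">H", len(salt_epoch)) + salt_epoch)

def make_sir(route_id, salt_epoch, byte_count, jitter_us, nonce):
    return SIR(route_id, salt_epoch, byte_count, jitter_us, nonce,
               sir_digest(route_id, salt_epoch, byte_count, jitter_us))

def cross_hop_ok(light, prov, issued_nonce, max_loss=0.02, max_jitter_gap_us=5000):
    for s in (light, prov):
        if s.digest != sir_digest(s.route_id, s.salt_epoch, s.byte_count, s.jitter_us):
            return False  # reported counters do not match the signed digest
        if s.nonce != issued_nonce:
            return False  # stale or replayed interval
    if (light.route_id, light.salt_epoch) != (prov.route_id, prov.salt_epoch):
        return False      # records describe different routes or epochs
    high = max(light.byte_count, prov.byte_count)
    if abs(light.byte_count - prov.byte_count) > max_loss * high:
        return False      # one hop claims traffic the other never saw
    return abs(light.jitter_us - prov.jitter_us) <= max_jitter_gap_us

def merkle_root(leaves):
    # Domain-separated leaf/node hashing; an odd node is promoted, not duplicated.
    level = [h(b"\x00" + leaf) for leaf in leaves]
    while len(level) > 1:
        nxt = [h(b"\x01" + level[i] + level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0] if level else h(b"")
```

The leaf and node prefixes stop an interior node from being passed off as a leaf, and promoting the odd node avoids the duplicate-leaf ambiguity that comes from repeating the last entry.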

Security Properties:

  • Authenticity: Proofs tied to verified enclave code.

  • Integrity: Enclave signatures + attestation quotes.

  • Privacy: Payload stays encrypted under QUIC AEAD; only hashed counters are exported.

  • Anti-Fraud: Random audit nonces and cross-hop checks prevent fabricated traffic.
