A Trusted Execution Environment (TEE) is an isolated environment that uses both special-purpose hardware and software to protect data. In general, TEEs provide a “trusted environment” inside which computations and analysis can be run while remaining invisible to any other process on the processor, to the operating system, and to anything else with privileged access.
Moreover, the manufacturer can authenticate each TEE and provide remote attestation to a user to confirm that her untampered program is actually running on a genuine TEE, even if the machine is physically located in an off-site data center.
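The remote-attestation check described above, modelled in Go as an added example (not code from the original page or from any TEE vendor). Ed25519 keys stand in for the manufacturer root key and the per-device attestation key; the `Quote` layout, the function names and the sample programs are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Quote is a simplified attestation report (constructed model, not a vendor format).
type Quote struct {
	Measurement [32]byte          // hash of the program loaded into the TEE
	DeviceKey   ed25519.PublicKey // per-device attestation key
	DeviceCert  []byte            // manufacturer's signature over DeviceKey
	Sig         []byte            // DeviceKey's signature over Measurement || nonce
}

// Attest stands in for the hardware: it measures the program and signs the result.
func Attest(program, nonce []byte, dev ed25519.PrivateKey, cert []byte) Quote {
	m := sha256.Sum256(program)
	sig := ed25519.Sign(dev, append(m[:], nonce...))
	return Quote{m, dev.Public().(ed25519.PublicKey), cert, sig}
}

// Verify is the remote user's side: genuine device, fresh quote, expected program.
func Verify(q Quote, root ed25519.PublicKey, nonce, expected []byte) error {
	if len(q.DeviceKey) != ed25519.PublicKeySize || !ed25519.Verify(root, q.DeviceKey, q.DeviceCert) {
		return fmt.Errorf("device key not certified by manufacturer")
	}
	if !ed25519.Verify(q.DeviceKey, append(q.Measurement[:], nonce...), q.Sig) {
		return fmt.Errorf("quote signature invalid or not bound to this nonce")
	}
	if q.Measurement != sha256.Sum256(expected) {
		return fmt.Errorf("program measurement mismatch")
	}
	return nil
}

// Demo runs the exchange with constructed keys, nonces and programs.
func Demo() (honest, tampered, replayed error) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(nil)
	devPub, devPriv, _ := ed25519.GenerateKey(nil)
	cert := ed25519.Sign(rootPriv, devPub) // done once, when the device is provisioned
	prog, n1, n2 := []byte("audited contract v1"), []byte("nonce-1"), []byte("nonce-2")
	q := Attest(prog, n1, devPriv, cert)
	honest = Verify(q, rootPub, n1, prog)
	tampered = Verify(Attest([]byte("modified contract"), n1, devPriv, cert), rootPub, n1, prog)
	replayed = Verify(q, rootPub, n2, prog) // old quote presented against a new challenge
	return
}
func main() { fmt.Println(Demo()) }
```

The verifier trusts only the manufacturer's root public key and its own copy of the program; everything else in the quote is checked against those two values.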
Assuming we trust TEE manufacturers’ integrity and design competence, TEEs allow us to execute any state update without sharing our data with the blockchain validator or other users. Private token transfers, private smart contracts, and private state channels thus become possible, with little computational effort.