docs(specs): tee-prover description mentions re-derivation step #1591
Open
memosr wants to merge 1 commit into
The tee-prover.mdx frontmatter description says the TEE prover is "an offchain service that re-executes L2 block ranges", but the spec body at line 7 specifies "re-deriving and re-executing an L2 block range". Re-derivation from L1 is the trust-critical first step in the proof: it ensures the L2 state being re-executed was actually derived from posted L1 data, not from arbitrary attacker-supplied input. Without re-derivation in the security claim, a malicious operator could feed the TEE any L2 state and the attestation would still be valid. Omitting re-derivation from the description weakens what the description actually promises about the system. Updated to match the body text.
Summary
The TEE prover spec's frontmatter description says the prover "re-executes L2 block ranges", but the spec body explicitly includes re-derivation as part of the proof. Re-derivation is the trust-critical first step — omitting it from the description weakens what the page promises about the system's security model.
The drift
docs/base-chain/specs/protocol/proofs/tee-prover.mdx:3 — frontmatter:
Spec body, line 7:
Re-derivation and re-execution are two distinct steps:
Without step 1, step 2 is just "the operator hands the TEE some L2 state and asks it to re-execute" — which proves nothing about whether that state was honestly derived from L1. The security guarantee comes from the combination.
Why this matters
The frontmatter description shows up wherever the page is previewed (sidebar tooltips, search results, social embeds). Describing the TEE prover as a service that "re-executes L2 block ranges" reads naturally as "the TEE runs the block again and signs the result" — which is technically true but misses the security-relevant half of the system.
A reader who only reads the description forms a weaker mental model of the trust assumption than the page itself documents. Aligning the description with the body fixes that.
The fix
Single-line change. Matches the spec body verbatim.
Verification
docs/base-chain/specs/protocol/proofs/tee-prover.mdx