From bb080a0e39e777c2fcdebed254b8f7177de043d4 Mon Sep 17 00:00:00 2001 From: memosr Date: Sun, 7 Jun 2026 14:04:14 +0300 Subject: [PATCH] docs(specs): tee-prover description mentions re-derivation step The tee-prover.mdx frontmatter description says the TEE prover is "an offchain service that re-executes L2 block ranges", but the spec body at line 7 specifies "re-deriving and re-executing an L2 block range". Re-derivation from L1 is the trust-critical first step in the proof: it ensures the L2 state being re-executed was actually derived from posted L1 data, not from arbitrary attacker-supplied input. Without re-derivation in the security claim, a malicious operator could feed the TEE any L2 state and the attestation would still be valid. Omitting re-derivation from the description weakens what the description actually promises about the system. Updated to match the body text. --- docs/base-chain/specs/protocol/proofs/tee-prover.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/base-chain/specs/protocol/proofs/tee-prover.mdx b/docs/base-chain/specs/protocol/proofs/tee-prover.mdx index 4fa6ea89e..7e6f91572 100644 --- a/docs/base-chain/specs/protocol/proofs/tee-prover.mdx +++ b/docs/base-chain/specs/protocol/proofs/tee-prover.mdx @@ -1,6 +1,6 @@ --- title: "TEE Prover" -description: "Specification of the TEE prover, an offchain service that re-executes L2 block ranges inside AWS Nitro Enclaves to produce signed proof material for AggregateVerifier games." +description: "Specification of the TEE prover, an offchain service that re-derives and re-executes L2 block ranges inside AWS Nitro Enclaves to produce signed proof material for AggregateVerifier games." --- The TEE prover is an offchain service that produces signed proof material for `AggregateVerifier`