iDarkPool

Problem Statement

iDarkPool is a decentralized exchange (DEX) that delivers private, MEV-resistant trade execution by combining on-chain settlement with off-chain confidential computing. Traders submit encrypted orders; those orders are matched inside a secure enclave (Intel SGX) operated via iExec, and only the finalized settlement is posted on-chain. This prevents front-running, sandwiching, and strategy leakage while preserving the auditability of on-chain outcomes. How It Works (Lifecycle)Submit (User → Chain + Enclave)The user crafts and encrypts an order locally (asset pair, side, size, limits, expiry, etc.).A small on-chain “order commitment” may be posted (or a fee escrow), while the full encrypted payload is sent to the iExec worker.Process Privately (Enclave)The SGX enclave attests its identity and code hash, then decrypts incoming orders.It validates balances/allowances, applies matching logic (price-time priority, crossing rules, limits), and builds a settlement bundle.Optional: internal netting/batching to minimize gas and slippage.Finalize On-Chain (Settlement Contract)The enclave submits a signed settlement to the smart contract.The contract verifies enclave attestation/signature, checks user approvals/escrows, and atomically transfers tokens according to the batch.The chain records only the settlement results, not the original per-order details.

Solution

iDarkPool is built by combining on-chain smart contracts with off-chain confidential computing using the iExec platform and Intel SGX technology. The goal was to design a trading workflow where order data remains private throughout the process but final settlements remain verifiable on-chain.At a high level, the system consists of three main layers:Frontend (User Interface):Built with web3 technologies (React, Ethers.js) for wallet connection, order creation, and encryption.Users generate and encrypt their orders locally using AES encryption with enclave-provided public keys.The frontend also verifies the enclave’s attestation report before sending any order data, ensuring the user interacts only with a trusted execution environment.Off-Chain Confidential Engine (iExec Worker + SGX):The core logic of iDarkPool runs inside an Intel SGX enclave hosted through iExec.Once the order is received, the enclave decrypts it, validates user balances via on-chain calls, and matches orders privately using a simple price-time priority matching engine written in Python and compiled for the SGX environment.Orders and internal state never leave the enclave unencrypted.After matching, the enclave signs a “settlement bundle” containing matched orders and trade details.On-Chain Smart Contract (Settlement Layer):Deployed on Ethereum/Base test networks using Solidity.The contract verifies the enclave’s attestation and digital signature before executing settlements.Once verified, it performs atomic token transfers between matched traders, ensuring fairness and consistency.It also manages deposits, escrows, and fee accounting.Partner Technologies:iExec: Provided confidential computing infrastructure, remote attestation APIs, and worker orchestration. This allowed us to use real SGX enclaves without managing hardware ourselves.Intel SGX: Enabled trusted execution and guaranteed that order data stayed private even from infrastructure operators.Base (L2 network): Used for faster and cheaper settlement transactions compared to mainnet Ethereum.Notable Challenges / Hacky Solutions:The iExec environment imposed limits on runtime and memory, so we had to optimize the enclave code to load only essential libraries.To simulate continuous order flow, we built a lightweight queue mechanism using iExec task storage rather than persistent databases.Since enclave logs can’t expose sensitive data, we created an encrypted debug channel for development and testing.The integration between iExec’s confidential task result handling and Solidity’s settlement verification required custom off-chain signing scripts to bridge outputs safely.