MECAT: Memory-Safe Smart Contracts in ARM TrustZone

A smart contract is a program executed on a blockchain. However, once the smart contract is deployed on the blockchain, it becomes visible to all participants and remains immutable. Thus, any sensitive information or vulnerabilities in smart contracts can be exposed to potential attackers. To protect the confidentiality of smart contracts, existing studies execute smart contracts in a trusted execution environment (TEE). However, they still suffer from vulnerabilities in smart contracts and potential memory-vulnerability problems. If an attack such as privilege escalation occurs by exploiting this vulnerability, the TEE can have a detrimental effect on the entire system as it has the most privileges in the system. To mitigate the memory vulnerability of the smart contracts in TEE, we propose MECAT, a prototype for memory-safe confidential smart contracts. In essence, MECAT runs smart contracts written in Rust, a memory-safe language, in ARM TrustZone. And MECAT is developed as a software library, allowing developers to easily apply MECAT to their smart contracts. According to our evaluation, MECAT only incurs a 1.36x performance overhead and 0.30% power overhead in single-node environments and can process the 16 clients concurrently in the network made with 8 peer nodes.