Ethereum’s transparency has lengthy been considered one of its biggest strengths, however for a lot of real-world purposes, it has additionally change into a structural limitation. From MEV-driven buying and selling inefficiencies to information leakage in DeFi, gaming, and AI-driven workflows, the idea that every thing have to be public so as to be verifiable is more and more being challenged.
TEN Protocol is constructed round a special premise: that computation can stay provably right with out forcing customers, builders, and companies to reveal delicate inputs, methods, or logic to all the market.
On this CryptoSlate Q&A, the group behind TEN Protocol explains its idea of “compute in confidence” and why they consider privacy-first execution is a lacking primitive in Ethereum’s scaling roadmap.
Fairly than launching a separate privateness ecosystem, TEN is designed as a full EVM atmosphere anchored to Ethereum settlement and liquidity, permitting builders to selectively select what ought to stay public and what ought to execute confidentially.
The dialogue explores how this hybrid mannequin reshapes consumer expertise, mitigates MEV, allows sealed-bid markets and hidden order move, and unlocks new classes of purposes, from verifiable AI brokers to provably truthful iGaming.
It additionally addresses the safety and governance trade-offs of utilizing Trusted Execution Environments, and the way TEN’s structure is designed to make failures detectable, contained, and recoverable relatively than silently catastrophic.
Collectively, the Q&A affords an in depth take a look at how selective confidentiality might redefine belief, composability, and usefulness throughout the Ethereum ecosystem. 
For readers who’re new to TEN Protocol, how do you clarify in easy phrases what “compute in confidence” means and what drawback TEN is definitely fixing that present Ethereum L2s don’t?
At its easiest, “compute in confidence” means you should utilize a dapp with out broadcasting your intent, your technique, or your delicate information to everybody watching the chain.
On most Ethereum L2s in the present day, transparency is the default. Each transaction, its parameters, the intermediate execution steps and sometimes even the “why” behind an motion are seen. That stage of openness is highly effective for verification, however in apply it creates very actual issues. Trades get front-run or sandwiched. Wallets and dapps leak behavioural and financial information. Video games and auctions wrestle to remain each truthful and personal. And lots of real-world or enterprise workflows merely can not function if inputs and logic need to be public by design.
That is the core structural limitation TEN addresses. Ethereum was constructed on the idea that information have to be seen so as to be verifiable. TEN retains verifiability intact, however removes the concept that information itself needs to be uncovered. With the precise privateness expertise, you’ll be able to show computation is right with out revealing the underlying inputs or logic.
What meaning in apply is confidence. Confidence that node operators can’t front-run you. That video games aren’t quietly rigged. That bids aren’t being copied in actual time. That rivals aren’t spying on technique. That dapps aren’t extracting or monetising non-public consumer inputs.
You continue to get Ethereum-grade safety and verification. You simply don’t need to put every thing on show to get it.
There are different privacy-focused and TEE-oriented tasks in crypto; what’s concretely completely different about TEN’s structure and menace mannequin in comparison with issues like privateness L1s, rollups with off-chain proving, or MPC-based approaches?
TEN is constructed as privacy-first Ethereum execution, not as a parallel ecosystem. The objective could be very slender and really intentional: run EVM-style purposes with selective confidentiality, whereas maintaining settlement, composability, and liquidity anchored to Ethereum itself.
That design alternative is what actually units TEN aside in apply.
When you take a look at privateness L1s, they typically ask builders to maneuver into a brand new world. New tooling, new execution semantics, and completely different assumptions round composability are widespread. TEN takes the other method. It’s meant to really feel like Ethereum, not change it. Builders maintain the EVM, the requirements they already use, and entry to present liquidity, whereas gaining confidentiality solely the place it truly issues.
ZK-based non-public execution affords extraordinarily robust privateness ensures, however these ensures often include trade-offs for general-purpose purposes. Circuit complexity, efficiency constraints, and developer friction could make on a regular basis app growth tougher than it must be. TEN makes use of TEEs as an alternative, focusing on general-purpose confidential compute with a really completely different efficiency and developer-experience profile.
MPC-based approaches keep away from trusting {hardware} distributors, which is an actual benefit, however they introduce their very own challenges. Coordination overhead, latency, and operational complexity can shortly translate right into a poor consumer expertise for regular purposes. TEN accepts a hardware-rooted belief assumption, after which focuses on mitigating it via governance, redundancy, and rigorous safety engineering.
On the core, the differentiator is that this hybrid mannequin. Issues that needs to be public, like finality, auditability, and settlement, keep public. Issues that have to be non-public, like inputs, order move, methods, and secret state, stay confidential.
You speak about TEN making crypto really feel like “regular apps” for finish customers, non-public, easy, reliable; what does that appear like from a UX perspective, and the way will utilizing a TEN powered dapp really feel completely different from utilizing a typical Ethereum dapp in the present day?
At a consumer stage, it removes the fixed feeling that every thing you do is seen and probably exploitable.
In a TEN-powered dapp, that exhibits up in small however significant methods. There’s no mempool nervousness and no watching your trades get sandwiched in actual time. Intent is non-public by default, whether or not that’s bids, methods, or execution thresholds. Customers don’t need to depend on defensive workarounds like non-public RPCs or handbook slippage hacks simply to really feel protected utilizing an app.
What you’re left with is a a lot cleaner psychological mannequin, one which’s nearer to Web2. You assume that your inputs and the appliance’s enterprise logic aren’t routinely public, as a result of in most software program, they aren’t.
The shift itself is delicate, nevertheless it’s elementary. Privateness stops being a bolt-on characteristic or a sophisticated setting solely energy customers perceive, and as an alternative turns into a core product primitive that’s merely there by default.
Trusted Execution Environments introduce a special type of belief assumption, specifically reliance on {hardware} distributors and enclave safety; how do you deal with considerations about side-channel assaults, backdoors, or vendor-level failures in your safety and governance mannequin?
That’s precisely the correct of skepticism. TEN’s place isn’t that TEEs are magic or risk-free. It’s about being express in regards to the menace mannequin and designing the system so {that a} compromise isn’t silently catastrophic.
TEN assumes enclaves present confidentiality and integrity inside outlined bounds, after which builds round that assumption relatively than pretending it doesn’t exist. The objective is to make failures detectable, contained, and recoverable, not invisible.
From a safety perspective, this exhibits up as defense-in-depth. There are robust distant attestation necessities, managed code measurement and reproducible builds, and strict key-management practices, together with sealed keys, rotation, and tightly scoped permissions. The enclave assault floor is intentionally minimized, with as little privileged code as attainable working inside it.
Redundancy and fail-safe design are simply as essential. TEN avoids architectures the place one enclave successfully guidelines the system. The place attainable, it depends on multi-operator assumptions and constructions protocols in order that even a compromised enclave can not rewrite historical past or forge settlement on Ethereum.
Governance and operational readiness full the image. Safety isn’t solely about cryptography; it’s additionally about how shortly and transparently a system can reply. That features patching, revocations, enclave model pinning, and clear incident playbooks that may be executed with out ambiguity.
The underside line is that this: TEN isn’t asking customers to “belief nothing.” It’s about decreasing the sensible belief it is advisable to place in operators and counterparties, and concentrating the remaining belief right into a a lot narrower, auditable floor.
On the DeFi facet, how do sealed-bid auctions, hidden order books, and MEV-resistant routing truly work on TEN in apply, and the way can customers or regulators achieve confidence in programs the place the core buying and selling logic and order move are deliberately encrypted?
At a excessive stage, TEN works by altering what’s public by default.
Take sealed-bid auctions. As a substitute of broadcasting bids within the clear, customers submit them in encrypted kind. The public sale logic runs inside a TEE, so particular person bids are by no means uncovered throughout execution. Relying on how the public sale is designed, bids could solely be revealed at settlement, or not revealed in any respect, with solely the ultimate end result printed on-chain. That single change eliminates bid sniping, copy-trading, and the strategic leakage that plagues open auctions in the present day.
The identical concept applies to hidden order books. Orders aren’t seen in a manner that lets others reconstruct intent or technique in actual time. Merchants are protected against being systematically copied or exploited, whereas the system nonetheless produces execution outcomes that may be verified after the actual fact.
MEV-resistant routing follows naturally from this mannequin. As a result of consumer intent isn’t broadcast to a public mempool, the basic MEV pipeline of see, copy, and sandwich merely doesn’t exist. There’s nothing to front-run within the first place.
That naturally raises the belief query. If the core logic and order move are encrypted, how can customers or regulators be assured the system is behaving accurately?
The reply is that TEN separates privateness of inputs from verifiability of outcomes. Even when inputs are non-public, the principles should not. Anybody can verify that the matching engine adopted the printed algorithm, that clearing costs had been computed accurately, and that no hidden desire or manipulation happened.
On prime of that, there are clear audit surfaces and mechanisms for selective disclosure. Regulators or auditors may be granted entry below outlined situations, whereas the general public nonetheless sees cryptographic commitments and on-chain proofs that execution was right.
The result’s a mix that’s uncommon in in the present day’s DeFi: confidentiality of order move paired with accountability of outcomes.
Verifiable AI brokers are considered one of your flagship use circumstances; are you able to stroll via a concrete instance of an AI agent working on TEN, what stays non-public, what’s publicly verifiable on-chain, and why that’s higher than working the identical agent completely off-chain?
A easy manner to consider that is an AI-driven treasury rebalancer for a protocol.
When that agent runs on TEN, a number of what makes it worthwhile stays non-public by design. The mannequin weights or prompts, which are sometimes the core mental property, by no means need to be uncovered. Proprietary indicators and paid information feeds stay confidential. Inner danger limits, intermediate reasoning, and choice logic aren’t leaked to the market. Even the execution intent stays non-public till the second it’s dedicated.
On the similar time, there’s a transparent set of issues which might be publicly verifiable on-chain. Anybody can verify that the authorized code truly ran, through attestation. They’ll confirm that a certified coverage module enforced the related constraints, and that the ensuing actions revered the outlined invariants. The ultimate state transitions and settlement nonetheless occur on Ethereum, within the open, as typical.
That mixture is what makes this meaningfully higher than working the identical agent completely off-chain. Off-chain brokers in the end ask customers to belief logs, operators, or unverifiable claims that “the bot adopted the principles.” TEN removes that blind belief. It lets brokers maintain their aggressive edge non-public, whereas nonetheless proving to customers, DAOs, and counterparties that they acted strictly inside their mandate.
iGaming has traditionally been affected by belief points, bots, and opaque RNG; how does TEN allow provably truthful video games whereas nonetheless maintaining RNG seeds, anti bot logic, and recreation methods non-public, and the way do you see this becoming into present regulatory frameworks for on-line gaming?
iGaming has at all times been constructed round a elementary battle: transparency is required to show equity, however secrecy is important to guard RNG programs, safety controls, and anti-bot logic. Expose an excessive amount of, and the system is gamed. Disguise an excessive amount of, and belief collapses.
TEN resolves that battle via selective confidentiality. Delicate elements keep non-public, whereas the principles and outcomes stay provable.
On randomness, this permits “provably truthful” to be literal relatively than aspirational. Video games can use commit-reveal and verifiable randomness schemes the place randomness is dedicated to prematurely, outcomes are independently verifiable by gamers, and RNG seeds stay non-public till it’s protected to reveal, or are solely partially revealed. Gamers get confidence in equity with out attackers gaining a usable blueprint.
The identical precept applies to anti-bot and danger controls. Bot-detection heuristics and fraud programs run confidentially, which issues as a result of as soon as these mechanisms are public, subtle actors adapt instantly. Protecting them non-public preserves their effectiveness whereas nonetheless permitting the system to supply verifiable outcomes.
Extra broadly, this permits provable recreation integrity. Gamers can confirm {that a} recreation adopted its printed guidelines and that outcomes weren’t manipulated, with out exposing delicate internals like safety logic, thresholds, or technique parameters.
From a regulatory perspective, this maps cleanly onto present frameworks. Regulators sometimes care about auditability, equity ensures, and enforceable controls, not about forcing each inside mechanism into the open. TEN’s mannequin of verifiable outcomes mixed with selective disclosure aligns naturally with these necessities.
From a developer’s standpoint, what does constructing a “selectively non-public” sensible contract on TEN appear like, how do they mark features for TEE execution, and the way do they check and debug logic that they can not simply sign off to a public mempool?
From a developer’s standpoint, the best manner to consider TEN is that you simply’re constructing with two execution zones.
There’s a public zone, which appears like regular Ethereum growth: normal EVM logic, public state, and composable contracts that behave the way in which you count on on any L2.
Then there’s the confidential zone, the place particular features and items of state execute inside TEEs, with encrypted inputs and tightly managed disclosure.
In apply, builders explicitly determine what ought to run “in confidence” and what ought to stay public. The confidential facet is the place you’d put issues like commerce matching, RNG, technique analysis, or secret storage, whereas every thing else stays within the open for composability and settlement.
The workflow shift exhibits up most in testing and debugging, as a result of you’ll be able to’t deal with the general public mempool as your always-on debug console. As a substitute, testing and debugging sometimes leans on native devnets with enclave-like execution, deterministic check vectors, and managed debug modes throughout growth. And relatively than counting on public logs, you validate behaviour via verifiable commitments and invariants, proving that the system stayed inside the guidelines even when the inputs are non-public.
The important thing change is transferring away from mempool introspection as a debugging crutch, and designing for provable correctness from the beginning.
You spotlight composability between non-public and public elements as a key differentiator; what new utility patterns do you count on to emerge from this hybrid mannequin, and the way can present Ethereum protocols combine TEN with out fully rewriting their stack?
TEN’s hybrid mannequin unlocks utility patterns which might be both extraordinarily troublesome or just not attainable on chains which might be clear by default.
One apparent sample is non-public execution with public settlement. Delicate logic like commerce matching, technique analysis, RNG, or danger controls can run confidentially, whereas the ultimate outcomes nonetheless settle publicly on Ethereum. You get privateness the place it issues, with out giving up verifiability or composability.
One other space is protected value discovery and darkish liquidity. Sealed bids, hidden order books, and personal routing make it attainable to run fairer markets, whereas nonetheless producing outcomes which might be verifiable on-chain. The market will get integrity with out turning each participant’s intent into public information.
Video games and AI brokers are one other pure match. Arms, methods, prompts, or mannequin internals can stay non-public, whereas equity, correctness, and settlement keep provable. That mixture could be very laborious to attain in a completely clear execution atmosphere.
You additionally begin to see selective disclosure purposes emerge. Issues like id, fame, compliance, or eligibility checks can keep non-public, whereas nonetheless implementing public guidelines and producing auditable outcomes.
What makes TEN distinct is that none of this requires abandoning Ethereum. TEN is a full EVM, so present Ethereum sensible contracts deploy on TEN out of the field and behave precisely as builders count on. The distinction is that they instantly achieve the choice to run elements of their logic in confidence.
For a lot of protocols, integration may be easy. Groups can deploy the identical contracts to TEN alongside Ethereum, maintain the general public model unchanged, after which progressively allow confidential execution the place it provides essentially the most worth.
That naturally creates two adoption paths. Some groups will take the minimal-effort route, deploying present contracts unchanged and gaining each a public and confidential occasion with virtually no further work. Others will take a progressive method, selectively transferring high-value flows like order move, auctions, video games, or agent logic into confidential execution over time.
The important thing level is that TEN doesn’t power builders to decide on between composability and confidentiality. It lets them maintain Ethereum’s ecosystem, liquidity, and tooling, whereas making privateness a first-class functionality relatively than a bolt-on.
Who operates the enclaves and infrastructure that energy TEN, how do you keep away from centralization round a small set of operators, and what does the roadmap appear like for decentralizing the community, bootstrapping the ecosystem, and attracting the primary breakout apps on TEN?
Like most new networks, TEN begins with a sensible bootstrap section. Early on, meaning a smaller, extra curated set of operators and infrastructure, with the main focus squarely on reliability and safety. The objective at this stage isn’t maximal decentralization on day one, however ensuring the system works predictably and safely as builders begin constructing actual purposes on it.
Avoiding long-term centralization is the place the structure and incentives actually matter. The roadmap is constructed round permissionless operator onboarding, paired with robust attestation necessities so operators can show they’re working the precise code in the precise atmosphere. Financial incentives are designed to encourage many unbiased operators relatively than a small cartel, and there’s an express emphasis on geographic and organizational range. On prime of that, efficiency and safety standards are clear, and the protocol itself is structured to stop any single operator from dominating execution.
When it comes to how the roadmap unfolds, the primary section is about bootstrapping reliability and developer tooling. As soon as that basis is strong, the main focus shifts to delivery flagship purposes that genuinely want confidentiality, issues like iGaming, protected DeFi workflows, and verifiable AI brokers. From there, operator participation expands, governance decentralizes, and the safety posture continues to harden as extra worth flows via the community and the stakes rise.
That’s what units up the ecosystem flywheel. Builders don’t come to TEN simply because it’s one other EVM; they arrive as a result of it affords capabilities they will’t get elsewhere.
The breakout app thesis is simple. The primary actually profitable TEN-native utility might be one thing that both can not exist, or can’t be aggressive, on transparent-by-default chains. In that case, confidentiality isn’t a checkbox characteristic. It’s the product itself.
Ethereum’s transparency has lengthy been considered one of its biggest strengths, however for a lot of real-world purposes, it has additionally change into a structural limitation. From MEV-driven buying and selling inefficiencies to information leakage in DeFi, gaming, and AI-driven workflows, the idea that every thing have to be public so as to be verifiable is more and more being challenged.
TEN Protocol is constructed round a special premise: that computation can stay provably right with out forcing customers, builders, and companies to reveal delicate inputs, methods, or logic to all the market.
On this CryptoSlate Q&A, the group behind TEN Protocol explains its idea of “compute in confidence” and why they consider privacy-first execution is a lacking primitive in Ethereum’s scaling roadmap.
Fairly than launching a separate privateness ecosystem, TEN is designed as a full EVM atmosphere anchored to Ethereum settlement and liquidity, permitting builders to selectively select what ought to stay public and what ought to execute confidentially.
The dialogue explores how this hybrid mannequin reshapes consumer expertise, mitigates MEV, allows sealed-bid markets and hidden order move, and unlocks new classes of purposes, from verifiable AI brokers to provably truthful iGaming.
It additionally addresses the safety and governance trade-offs of utilizing Trusted Execution Environments, and the way TEN’s structure is designed to make failures detectable, contained, and recoverable relatively than silently catastrophic.
Collectively, the Q&A affords an in depth take a look at how selective confidentiality might redefine belief, composability, and usefulness throughout the Ethereum ecosystem. 
For readers who’re new to TEN Protocol, how do you clarify in easy phrases what “compute in confidence” means and what drawback TEN is definitely fixing that present Ethereum L2s don’t?
At its easiest, “compute in confidence” means you should utilize a dapp with out broadcasting your intent, your technique, or your delicate information to everybody watching the chain.
On most Ethereum L2s in the present day, transparency is the default. Each transaction, its parameters, the intermediate execution steps and sometimes even the “why” behind an motion are seen. That stage of openness is highly effective for verification, however in apply it creates very actual issues. Trades get front-run or sandwiched. Wallets and dapps leak behavioural and financial information. Video games and auctions wrestle to remain each truthful and personal. And lots of real-world or enterprise workflows merely can not function if inputs and logic need to be public by design.
That is the core structural limitation TEN addresses. Ethereum was constructed on the idea that information have to be seen so as to be verifiable. TEN retains verifiability intact, however removes the concept that information itself needs to be uncovered. With the precise privateness expertise, you’ll be able to show computation is right with out revealing the underlying inputs or logic.
What meaning in apply is confidence. Confidence that node operators can’t front-run you. That video games aren’t quietly rigged. That bids aren’t being copied in actual time. That rivals aren’t spying on technique. That dapps aren’t extracting or monetising non-public consumer inputs.
You continue to get Ethereum-grade safety and verification. You simply don’t need to put every thing on show to get it.
There are different privacy-focused and TEE-oriented tasks in crypto; what’s concretely completely different about TEN’s structure and menace mannequin in comparison with issues like privateness L1s, rollups with off-chain proving, or MPC-based approaches?
TEN is constructed as privacy-first Ethereum execution, not as a parallel ecosystem. The objective could be very slender and really intentional: run EVM-style purposes with selective confidentiality, whereas maintaining settlement, composability, and liquidity anchored to Ethereum itself.
That design alternative is what actually units TEN aside in apply.
When you take a look at privateness L1s, they typically ask builders to maneuver into a brand new world. New tooling, new execution semantics, and completely different assumptions round composability are widespread. TEN takes the other method. It’s meant to really feel like Ethereum, not change it. Builders maintain the EVM, the requirements they already use, and entry to present liquidity, whereas gaining confidentiality solely the place it truly issues.
ZK-based non-public execution affords extraordinarily robust privateness ensures, however these ensures often include trade-offs for general-purpose purposes. Circuit complexity, efficiency constraints, and developer friction could make on a regular basis app growth tougher than it must be. TEN makes use of TEEs as an alternative, focusing on general-purpose confidential compute with a really completely different efficiency and developer-experience profile.
MPC-based approaches keep away from trusting {hardware} distributors, which is an actual benefit, however they introduce their very own challenges. Coordination overhead, latency, and operational complexity can shortly translate right into a poor consumer expertise for regular purposes. TEN accepts a hardware-rooted belief assumption, after which focuses on mitigating it via governance, redundancy, and rigorous safety engineering.
On the core, the differentiator is that this hybrid mannequin. Issues that needs to be public, like finality, auditability, and settlement, keep public. Issues that have to be non-public, like inputs, order move, methods, and secret state, stay confidential.
You speak about TEN making crypto really feel like “regular apps” for finish customers, non-public, easy, reliable; what does that appear like from a UX perspective, and the way will utilizing a TEN powered dapp really feel completely different from utilizing a typical Ethereum dapp in the present day?
At a consumer stage, it removes the fixed feeling that every thing you do is seen and probably exploitable.
In a TEN-powered dapp, that exhibits up in small however significant methods. There’s no mempool nervousness and no watching your trades get sandwiched in actual time. Intent is non-public by default, whether or not that’s bids, methods, or execution thresholds. Customers don’t need to depend on defensive workarounds like non-public RPCs or handbook slippage hacks simply to really feel protected utilizing an app.
What you’re left with is a a lot cleaner psychological mannequin, one which’s nearer to Web2. You assume that your inputs and the appliance’s enterprise logic aren’t routinely public, as a result of in most software program, they aren’t.
The shift itself is delicate, nevertheless it’s elementary. Privateness stops being a bolt-on characteristic or a sophisticated setting solely energy customers perceive, and as an alternative turns into a core product primitive that’s merely there by default.
Trusted Execution Environments introduce a special type of belief assumption, specifically reliance on {hardware} distributors and enclave safety; how do you deal with considerations about side-channel assaults, backdoors, or vendor-level failures in your safety and governance mannequin?
That’s precisely the correct of skepticism. TEN’s place isn’t that TEEs are magic or risk-free. It’s about being express in regards to the menace mannequin and designing the system so {that a} compromise isn’t silently catastrophic.
TEN assumes enclaves present confidentiality and integrity inside outlined bounds, after which builds round that assumption relatively than pretending it doesn’t exist. The objective is to make failures detectable, contained, and recoverable, not invisible.
From a safety perspective, this exhibits up as defense-in-depth. There are robust distant attestation necessities, managed code measurement and reproducible builds, and strict key-management practices, together with sealed keys, rotation, and tightly scoped permissions. The enclave assault floor is intentionally minimized, with as little privileged code as attainable working inside it.
Redundancy and fail-safe design are simply as essential. TEN avoids architectures the place one enclave successfully guidelines the system. The place attainable, it depends on multi-operator assumptions and constructions protocols in order that even a compromised enclave can not rewrite historical past or forge settlement on Ethereum.
Governance and operational readiness full the image. Safety isn’t solely about cryptography; it’s additionally about how shortly and transparently a system can reply. That features patching, revocations, enclave model pinning, and clear incident playbooks that may be executed with out ambiguity.
The underside line is that this: TEN isn’t asking customers to “belief nothing.” It’s about decreasing the sensible belief it is advisable to place in operators and counterparties, and concentrating the remaining belief right into a a lot narrower, auditable floor.
On the DeFi facet, how do sealed-bid auctions, hidden order books, and MEV-resistant routing truly work on TEN in apply, and the way can customers or regulators achieve confidence in programs the place the core buying and selling logic and order move are deliberately encrypted?
At a excessive stage, TEN works by altering what’s public by default.
Take sealed-bid auctions. As a substitute of broadcasting bids within the clear, customers submit them in encrypted kind. The public sale logic runs inside a TEE, so particular person bids are by no means uncovered throughout execution. Relying on how the public sale is designed, bids could solely be revealed at settlement, or not revealed in any respect, with solely the ultimate end result printed on-chain. That single change eliminates bid sniping, copy-trading, and the strategic leakage that plagues open auctions in the present day.
The identical concept applies to hidden order books. Orders aren’t seen in a manner that lets others reconstruct intent or technique in actual time. Merchants are protected against being systematically copied or exploited, whereas the system nonetheless produces execution outcomes that may be verified after the actual fact.
MEV-resistant routing follows naturally from this mannequin. As a result of consumer intent isn’t broadcast to a public mempool, the basic MEV pipeline of see, copy, and sandwich merely doesn’t exist. There’s nothing to front-run within the first place.
That naturally raises the belief query. If the core logic and order move are encrypted, how can customers or regulators be assured the system is behaving accurately?
The reply is that TEN separates privateness of inputs from verifiability of outcomes. Even when inputs are non-public, the principles should not. Anybody can verify that the matching engine adopted the printed algorithm, that clearing costs had been computed accurately, and that no hidden desire or manipulation happened.
On prime of that, there are clear audit surfaces and mechanisms for selective disclosure. Regulators or auditors may be granted entry below outlined situations, whereas the general public nonetheless sees cryptographic commitments and on-chain proofs that execution was right.
The result’s a mix that’s uncommon in in the present day’s DeFi: confidentiality of order move paired with accountability of outcomes.
Verifiable AI brokers are considered one of your flagship use circumstances; are you able to stroll via a concrete instance of an AI agent working on TEN, what stays non-public, what’s publicly verifiable on-chain, and why that’s higher than working the identical agent completely off-chain?
A easy manner to consider that is an AI-driven treasury rebalancer for a protocol.
When that agent runs on TEN, a number of what makes it worthwhile stays non-public by design. The mannequin weights or prompts, which are sometimes the core mental property, by no means need to be uncovered. Proprietary indicators and paid information feeds stay confidential. Inner danger limits, intermediate reasoning, and choice logic aren’t leaked to the market. Even the execution intent stays non-public till the second it’s dedicated.
On the similar time, there’s a transparent set of issues which might be publicly verifiable on-chain. Anybody can verify that the authorized code truly ran, through attestation. They’ll confirm that a certified coverage module enforced the related constraints, and that the ensuing actions revered the outlined invariants. The ultimate state transitions and settlement nonetheless occur on Ethereum, within the open, as typical.
That mixture is what makes this meaningfully higher than working the identical agent completely off-chain. Off-chain brokers in the end ask customers to belief logs, operators, or unverifiable claims that “the bot adopted the principles.” TEN removes that blind belief. It lets brokers maintain their aggressive edge non-public, whereas nonetheless proving to customers, DAOs, and counterparties that they acted strictly inside their mandate.
iGaming has traditionally been affected by belief points, bots, and opaque RNG; how does TEN allow provably truthful video games whereas nonetheless maintaining RNG seeds, anti bot logic, and recreation methods non-public, and the way do you see this becoming into present regulatory frameworks for on-line gaming?
iGaming has at all times been constructed round a elementary battle: transparency is required to show equity, however secrecy is important to guard RNG programs, safety controls, and anti-bot logic. Expose an excessive amount of, and the system is gamed. Disguise an excessive amount of, and belief collapses.
TEN resolves that battle via selective confidentiality. Delicate elements keep non-public, whereas the principles and outcomes stay provable.
On randomness, this permits “provably truthful” to be literal relatively than aspirational. Video games can use commit-reveal and verifiable randomness schemes the place randomness is dedicated to prematurely, outcomes are independently verifiable by gamers, and RNG seeds stay non-public till it’s protected to reveal, or are solely partially revealed. Gamers get confidence in equity with out attackers gaining a usable blueprint.
The identical precept applies to anti-bot and danger controls. Bot-detection heuristics and fraud programs run confidentially, which issues as a result of as soon as these mechanisms are public, subtle actors adapt instantly. Protecting them non-public preserves their effectiveness whereas nonetheless permitting the system to supply verifiable outcomes.
Extra broadly, this permits provable recreation integrity. Gamers can confirm {that a} recreation adopted its printed guidelines and that outcomes weren’t manipulated, with out exposing delicate internals like safety logic, thresholds, or technique parameters.
From a regulatory perspective, this maps cleanly onto present frameworks. Regulators sometimes care about auditability, equity ensures, and enforceable controls, not about forcing each inside mechanism into the open. TEN’s mannequin of verifiable outcomes mixed with selective disclosure aligns naturally with these necessities.
From a developer’s standpoint, what does constructing a “selectively non-public” sensible contract on TEN appear like, how do they mark features for TEE execution, and the way do they check and debug logic that they can not simply sign off to a public mempool?
From a developer’s standpoint, the best manner to consider TEN is that you simply’re constructing with two execution zones.
There’s a public zone, which appears like regular Ethereum growth: normal EVM logic, public state, and composable contracts that behave the way in which you count on on any L2.
Then there’s the confidential zone, the place particular features and items of state execute inside TEEs, with encrypted inputs and tightly managed disclosure.
In apply, builders explicitly determine what ought to run “in confidence” and what ought to stay public. The confidential facet is the place you’d put issues like commerce matching, RNG, technique analysis, or secret storage, whereas every thing else stays within the open for composability and settlement.
The workflow shift exhibits up most in testing and debugging, as a result of you’ll be able to’t deal with the general public mempool as your always-on debug console. As a substitute, testing and debugging sometimes leans on native devnets with enclave-like execution, deterministic check vectors, and managed debug modes throughout growth. And relatively than counting on public logs, you validate behaviour via verifiable commitments and invariants, proving that the system stayed inside the guidelines even when the inputs are non-public.
The important thing change is transferring away from mempool introspection as a debugging crutch, and designing for provable correctness from the beginning.
You spotlight composability between non-public and public elements as a key differentiator; what new utility patterns do you count on to emerge from this hybrid mannequin, and the way can present Ethereum protocols combine TEN with out fully rewriting their stack?
TEN’s hybrid mannequin unlocks utility patterns which might be both extraordinarily troublesome or just not attainable on chains which might be clear by default.
One apparent sample is non-public execution with public settlement. Delicate logic like commerce matching, technique analysis, RNG, or danger controls can run confidentially, whereas the ultimate outcomes nonetheless settle publicly on Ethereum. You get privateness the place it issues, with out giving up verifiability or composability.
One other space is protected value discovery and darkish liquidity. Sealed bids, hidden order books, and personal routing make it attainable to run fairer markets, whereas nonetheless producing outcomes which might be verifiable on-chain. The market will get integrity with out turning each participant’s intent into public information.
Video games and AI brokers are one other pure match. Arms, methods, prompts, or mannequin internals can stay non-public, whereas equity, correctness, and settlement keep provable. That mixture could be very laborious to attain in a completely clear execution atmosphere.
You additionally begin to see selective disclosure purposes emerge. Issues like id, fame, compliance, or eligibility checks can keep non-public, whereas nonetheless implementing public guidelines and producing auditable outcomes.
What makes TEN distinct is that none of this requires abandoning Ethereum. TEN is a full EVM, so present Ethereum sensible contracts deploy on TEN out of the field and behave precisely as builders count on. The distinction is that they instantly achieve the choice to run elements of their logic in confidence.
For a lot of protocols, integration may be easy. Groups can deploy the identical contracts to TEN alongside Ethereum, maintain the general public model unchanged, after which progressively allow confidential execution the place it provides essentially the most worth.
That naturally creates two adoption paths. Some groups will take the minimal-effort route, deploying present contracts unchanged and gaining each a public and confidential occasion with virtually no further work. Others will take a progressive method, selectively transferring high-value flows like order move, auctions, video games, or agent logic into confidential execution over time.
The important thing level is that TEN doesn’t power builders to decide on between composability and confidentiality. It lets them maintain Ethereum’s ecosystem, liquidity, and tooling, whereas making privateness a first-class functionality relatively than a bolt-on.
Who operates the enclaves and infrastructure that energy TEN, how do you keep away from centralization round a small set of operators, and what does the roadmap appear like for decentralizing the community, bootstrapping the ecosystem, and attracting the primary breakout apps on TEN?
Like most new networks, TEN begins with a sensible bootstrap section. Early on, meaning a smaller, extra curated set of operators and infrastructure, with the main focus squarely on reliability and safety. The objective at this stage isn’t maximal decentralization on day one, however ensuring the system works predictably and safely as builders begin constructing actual purposes on it.
Avoiding long-term centralization is the place the structure and incentives actually matter. The roadmap is constructed round permissionless operator onboarding, paired with robust attestation necessities so operators can show they’re working the precise code in the precise atmosphere. Financial incentives are designed to encourage many unbiased operators relatively than a small cartel, and there’s an express emphasis on geographic and organizational range. On prime of that, efficiency and safety standards are clear, and the protocol itself is structured to stop any single operator from dominating execution.
When it comes to how the roadmap unfolds, the primary section is about bootstrapping reliability and developer tooling. As soon as that basis is strong, the main focus shifts to delivery flagship purposes that genuinely want confidentiality, issues like iGaming, protected DeFi workflows, and verifiable AI brokers. From there, operator participation expands, governance decentralizes, and the safety posture continues to harden as extra worth flows via the community and the stakes rise.
That’s what units up the ecosystem flywheel. Builders don’t come to TEN simply because it’s one other EVM; they arrive as a result of it affords capabilities they will’t get elsewhere.
The breakout app thesis is simple. The primary actually profitable TEN-native utility might be one thing that both can not exist, or can’t be aggressive, on transparent-by-default chains. In that case, confidentiality isn’t a checkbox characteristic. It’s the product itself.
