Course 1: The What, Why and How of TEE Coprocessors

Question: What is the definition of “offchain computing”?

Answer: Computation performed offchain, with results verified on-chain.

Question: How do we distinguish coprocessors from rollups?

Answer: Rollups are described as sandboxed and “blockchain-esque,” while coprocessors are compared to flexible VMs with attestations.

Question: Which of the following is listed as a component of a coprocessor’s general architecture?

Answer: Relay contracts

Question: What “missing piece” in data protection does Confidential Computing address that Traditional Encryption leaves vulnerable?

Answer: Data “In Use”

Question: What is the only primary “con” or disadvantage listed for TEE (Trusted Execution Environment) coprocessors?

Answer: Hardware vendor trust dependency

Question: What components are used to verify the TEE deployed AI’s response on-chain?

Answer: The “Oyster Signature” and the “Enclave Public Key”.

Question: “Centralization concerns” and “challenge periods” are cons for which technology?

Answer: Layer 2 scaling (rollups)

Question: What is the primary goal of remote attestations?

Answer: To verify that an attestation is valid, recent, and from a real enclave running a specific image.

Question: Which TEE type is characterized by having “no persistent storage, external networking, or interactive access”?

Answer: AWS Nitro Enclaves

Question: According to the project overview, what is the primary reason for using Marlin’s Oyster TEE coprocessors?

Answer: To host verifiable AI (Llama 3.2) because blockchains cannot run AI and traditional APIs cannot be trusted.

Course 2: Building Production-Ready Backends Using TEEs

Question: What is the primary networking challenge associated with AWS Nitro Enclaves, and how does Oyster solve it?

Answer: They only support vsock networking, so Oyster provides a simple IP interface to hide this complexity.

Question: What is the core architectural difference between the Nautilus “Root Server” and “Derive Server”?

Answer: The Root Server derives public keys (publicly), while the Derive Server derives private keys (inside the enclave).

Question: Which of the following is listed as a “con” of using Confidential Virtual Machines (CVMs)?

Answer: Upfront lease cost and longer cold start

Question: According to the document, which computing model is characterized as “ephemeral,” “stateless,” and “event-driven”?

Answer: Serverless Computing

Question: Which of the following is included in the checklist for verifying a decoded attestation document?

Answer: Verify that the certificate chain’s root is the AWS Nitro Enclaves Root certificate.

Question: What is the fundamental purpose of a Key Management System (KMS)?

Answer: The lifecycle management of cryptographic keys, including their generation, storage, distribution, and rotation.

Question: Which of the following is listed as a key property of persistent storage in a TEE?

Answer: Data persists across the enclave lifecycle and is cryptographically protected.

Question: Which of the following is not a characteristic of “Contract-Based Persistent Storage”?

Answer: It is a simple but rigid approach where the same code results in the same persistent keys.

Question: What is the “Key Concept” of reproducible builds as defined in the document?

Answer: Same source code + Same build environment = Identical binary output.

Question: What is the “gap” that Remote Attestation alone cannot solve, which reproducible builds address?

Answer: Remote attestation verifies the binary (EIF) is running, but it doesn’t prove what source code was used to create that binary.

Course 3: Applications

Question: What is the purpose of using npx pkg -t node18-alpine app.js in Step 2?

Answer: To create a self-contained binary that runs without installing Node.js inside the enclave.

Question: In Step 5, how is the deployed NodeJS server interacted with, and what is the expected response?

Answer: By running curl :4000, expecting “Hello from Oyster Enclave!”.

Question: How is the deployed Marlin Oyster serverless function linked to the EthRate.sol smart contract before deployment?

Answer: The transaction hash (codeHash) from the serverless deployment is added to the script/deploy/EthRate.ts file.

Question: What is the primary role of the Marlin Oyster CVM enclave in this ZK-proof application?

Answer: To secure the user’s private inputs (age, BMI) so they cannot be leaked.

Question: What is the primary security benefit of the decentralized frontend approach?

Answer: It ensures that only enclaves running authorized images can request certificates for the domain, preventing tampering.

Question: After fetching the subdomain, what happens during the 4–5 minute waiting period?

Answer: The enclave is updating the DNS records.

Question: In Step 3, what is the purpose of the flag “–init-params “.env:1:1:file:./.env””?

Answer: To pass the environment variables file into the enclave during deployment.

Question: How does a user interact with the deployed AI agent?

Answer: By running nc <Enclave_IP> 8080 and entering a prompt.

Question: What command is used to verify the enclave through remote attestation?

Answer: oyster-cvm verify –enclave-ip

Question: Where does the user go to deploy the minified JavaScript function for the Marlin Oyster Serverless service?

Answer: They navigate to https://hub.marlin.org/oyster/serverless-sandbox/