Abstract

Developers often struggle with the poor user experience and complexity of current blockchain systems. To address these challenges, Livy is introduced as the universal provenance layer, a language-agnostic execution layer for verifiable computing, leveraging Intel TDX (Trust Domain Extensions) Trusted Execution Environments (TEEs) to enable trusted off-chain computation using familiar languages like Rust, Go, and JavaScript.

Livy's approach compiles application source code within a TDX enclave and executes it with optional input parameters, producing both the execution result and a cryptographic quote (attestation) from the enclave. This TDX quote encapsulates the enclave’s identity, runtime integrity measurements (RTMRs), and a payload containing the compiled binary’s hash, the provided inputs, and the resulting outputs.

Blockchain smart contracts can verify the validity of this quote on-chain, confirming the computation’s integrity and correctness without rerunning the code. This design delivers near-native performance without requiring any domain-specific language, provides full provenance of the execution, and offers cross-chain compatibility, significantly simplifying the development of trustworthy off-chain services.

Introduction

Verifiable Computation

In verifiable computing, a Prover runs a function y=F(x,w) and generates a compact proof showing that the output y is correct for program F, public input x, and witness w. A Verifier can validate this short proof without re-executing the function. Every verifiable-computing scheme rests on certain trust assumptions about the underlying primitives or setup.

Problem

Engineers still face a steep learning curve when they step into the blockchain world. The hurdle grows even higher with cross-layer verifiable computation: it’s one thing to run a function once, but quite another to convince every chain that the result is correct.

Livy’s solution is a language-agnostic execution layer that slots any containerised compiler into an Intel TDX Trusted Execution Environment (TEE). The compiler turns source code into a native binary; the enclave executes that binary with optional runtime parameters and emits both the output and a signed quote.

No new DSLs: Rust, Go, JavaScript—anything that compiles—gets near-native speed and a hardware-level proof out of the box. The quote includes the enclave’s identity (MRENCLAVE), runtime-integrity metrics (RTMRs), and a hash binding binary, inputs, and outputs. Running transactions inside a TEE removes the need to wait for network consensus, delivering millisecond-level latency and throughput comparable to centralized systems. A trading engine, for example, can match orders and update balances almost instantaneously, providing real-time user feedback. Because the enclave deterministically seals both transaction order and execution, it also suppresses Maximal Extractable Value (MEV) by preventing any external reordering or front-running.