People often assume that once you're verified, the service handling verification actually saw your documents, evaluated them, and simply remembers the result.
Newton's identity verification is designed differently. The verification runs inside a TEE, a Trusted Execution Environment, so the verifier's normal infrastructure never directly accesses the underlying identity data. It receives the outcome of the verification rather than the raw inputs themselves.
That's a different security model than encryption alone. Encryption protects data while it's stored or transmitted, but something usually has to decrypt it to perform the verification. A TEE aims to keep even that computation isolated, with the host operating the system unable to inspect what happens inside the enclave.
That also fits Newton's broader identity model. Verifiers validate credential proofs without learning the underlying personal information. The goal isn't just to Keep data off chain, but to keep it hidden from the verifier as well.
The remaining question is trust. TEEs reduce how much you have to trust the Verifier, but they don't eliminate trust entirely. Instead, some of that trust shifts to the TEE implementation, the hardware vendor, the firmware, and the attestation process. TEEs have had real hardware and side channel vulnerabilities in the past, so they're a riSk reduction mechanism rather than a guarantee.
What I'm most curious about is the failure model. If a serious TEE vulnerability were discovered in the hardware Newton relies on, what happens to credentials that were previously verified through those enclaves? Would the impact be limited t0 future attestations after the vulnerability is known, or could earlier verification sessions also be considered compromised? And if that happened, is there a documented recovery process, such as revoking trusted enclaves, rotating attestation keys, or requiring credentials to be reverified?
$NEWT @NewtonProtocol #Newt $LAB $TLM #labcrashed