W3.io Logo
Menu

Compute

Execution environments for Smart Actions. Each produces different cryptographic attestations.

Smart Actions can run in three environments, each with distinct trust properties and verification mechanisms.

Onchain

Replicated state machine where every validator independently re-executes the computation, and consensus mechanisms ensure universal agreement on the results.

Artifact
Transaction receipt
Proves
State transition, code execution
Trust
Blockchain consensus

Examples: Bitcoin UTXO scripts, Ethereum smart contracts, Solana programs, zkRollup state transitions

Execution

Rust Code
// Transfer tokens on Ethereum
fn transfer(from: Address, to: Address, amount: u256) {
  require(balances[from] >= amount);
  balances[from] -= amount;
  balances[to] += amount;
  emit Transfer(from, to, amount);
}
Produced Output
{
"from": "0x742d...",
"to": "0x8ba1...",
"amount": "1000000000000000000",
"success": true
}

Verification

Attestation
{
"block_hash": "0xdef456...",
"transaction_hash": "0x789...",
"receipt": { "status": 1, "logs": [] },
"validator_signatures": ["0x...", "0x..."]
}
Verify Logic
# Re-execute transaction against state
new_state = execute_tx(old_state, tx)
# Verify state root matches consensus
assert new_state.root == block.state_root
Fraud Proof

Anyone can re-execute transaction and prove state divergence.

Trusted Execution Environment (TEE)

Hardware-isolated enclave where the CPU enforces privacy guarantees, and the manufacturer cryptographically signs attestations proving code identity.

Artifact
Hardware attestation
Proves

Code identity, execution environment

Trust
Intel/AMD/AWS

Examples: Intel SGX, AMD SEV, AWS Nitro Enclaves, Confidential computing

Execution

Rust Code
// Decrypt API key inside SGX enclave
fn call_api_in_tee(encrypted_key: &[u8]) -> Result {
  let key = sgx_unseal(encrypted_key)?; // Decrypts in enclave
  let result = api_call_with_key(key)?;
  Ok(result)
}
Produced Output
{
"api_response": { "data": "..." },
"enclave_measurement": "0xabc..."
}

Verification

Attestation
{
"output": { "api_response": "..." },
"quote": {
  "enclave_hash": "0xabc...",
  "cpu_signature": "Intel SGX signed"
}
}
Verify Logic
# Verify Intel's CPU signature
verify_intel_signature(quote.cpu_signature)
# Verify code hash matches expected
assert quote.enclave_hash == EXPECTED_CODE_HASH
🔒
Fraud Proof

Impossible to forge Intel's CPU signature. Operator cannot produce valid attestation for different code.

Cloud

Standard container or VM where the operator has full access to the execution environment and simply reports the claimed results.

Artifact
Logs, claimed outputs
Proves
Nothing cryptographically
Trust
Operator honesty, economic stake

Examples: AWS Lambda, GitHub Actions, Docker containers, Email/SMS APIs

Execution

Rust Code
// Send email via SendGrid API
fn send_email(to: &str, subject: &str, body: &str) -> Result {
  sendgrid::send(to, subject, body)?;
  Ok(SendOutput {
      message_id: "msg_abc123"
  })
}
Produced Output
{
"message_id": "msg_abc123",
"status": "sent",
"timestamp": 1234567890
}

Verification

Attestation
{
"output": { "message_id": "msg_abc123" },
"operator_signature": "0x1234...",
"timestamp": 1234567890
}
Verify Logic
# Verify operator signature
verify(operator_pubkey, output_hash, signature)
# That's it - no cryptographic proof email was sent
Fraud Proof

Cannot cryptographically prove email NOT sent. Dispute relies on operator's staked collateral and reputation.