Secret Network

A privacy-focused blockchain built on Cosmos SDK that enables encrypted smart contracts ('Secret Contracts') using Trusted Execution Environments (Intel SGX). Provides privacy-preserving computation where inputs, outputs, and state are encrypted while contract code remains public and verifiable.

README

Secret Network

Category: Privacy Infrastructure - Privacy Blockchain
Ecosystem: Cosmos
Status: Active Production
Last Updated: 2026-01-19


Overview

Secret Network is a privacy-focused Layer 1 blockchain built on Cosmos SDK that enables "Secret Contracts" - smart contracts where inputs, outputs, and state are encrypted. This is achieved using Trusted Execution Environments (Intel SGX) on validator nodes.

Unlike transparent blockchains where all transaction data is public, Secret Network allows developers to build applications with programmable privacy, where users control what information is revealed.


Key Features

  • Encrypted Smart Contracts: Inputs, outputs, and state are encrypted
  • Public Code: Contract logic is verifiable on-chain
  • TEE-based Privacy: Intel SGX hardware enclaves
  • IBC Compatible: Interoperable with Cosmos ecosystem
  • Encrypted Mempool: Frontrunning resistant by default
  • Secret NFTs: NFTs with private content and ownership
  • Viewing Keys: Selective disclosure to chosen parties

Privacy Model

Secret Network uses hardware-based privacy via Trusted Execution Environments:

  1. User submits encrypted transaction
  2. Validator nodes decrypt inside SGX enclave
  3. Computation happens in protected memory
  4. Only encrypted results leave the enclave
  5. Contract state remains encrypted on-chain

Team

| Name | Role | Background |
|------|------|------------|
| Guy Zyskind | CEO, SCRT Labs | MIT Media Lab, whitepaper author |
| Can Kisagun | Co-founder, SCRT Labs | Technical co-founder |
| Tor Bair | Founder, Secret Foundation | Core contributor |

Note: A leadership controversy arose in January 2023 regarding foundation fund management.


Token (SCRT)

  • Use Cases: Gas fees, staking, governance
  • Listed: Major exchanges (Kraken, etc.)
  • Staking: Proof-of-stake with delegated validators

Links

  • Website: https://scrt.network
  • GitHub: https://github.com/scrtlabs/SecretNetwork
  • Documentation: https://docs.scrt.network
  • Graypaper: https://scrt.network/graypaper

Constitutional Research Notes

  • Verified: Website, GitHub, team (core members), technology
  • Confidence: 0.85 (High)
  • Gaps: Complete organizational structure, full audit list
  • Controversy: 2023 foundation fund dispute documented

OSINT Assessment

Secret Network OPSEC & Vulnerability Assessment

Project: Secret Network (SCRT)
Assessment Date: 2026-01-20
Methodology: Constitutional Research Framework v3
Confidence Score: 0.91


CRITICAL FINDINGS

| Finding | Severity | Status | Location |
|---------|----------|--------|----------|
| 5 CVEs detected | HIGH | Unpatched | api.scrt.network |
| nginx 1.16.1 (EOL) | HIGH | Outdated | API server |
| HTTP/2 Rapid Reset | HIGH | CVE-2023-44487 | API server |
| Missing CSP header | MEDIUM | Not configured | Main site |


Executive Summary

Secret Network's main website is cleanly hosted on Framer with no vulnerabilities detected. However, the API server (api.scrt.network) presents significant security concerns with 5 CVEs detected including the HTTP/2 Rapid Reset attack and an end-of-life nginx version. The RPC infrastructure uses Fastly CDN appropriately. Missing security headers on the main site reduce the overall security posture.


Infrastructure Overview

DNS Configuration

| Attribute | Value |
|-----------|-------|
| Primary Domain | scrt.network |
| DNS Provider | Cloudflare |
| Nameservers | darl.ns.cloudflare.com, penny.ns.cloudflare.com |

IP Infrastructure

| Service | IP | Provider | Status |
|---------|-------|----------|--------|
| Main Website | 31.43.161.6, 31.43.160.6 | Framer | Clean |
| API Server | 85.17.52.219 | Unknown | CRITICAL |
| RPC | 151.101.x.91 (multiple) | Fastly CDN | Clean |


Vulnerability Analysis

API Server (85.17.52.219) - CRITICAL

{
  "ip": "85.17.52.219",
  "ports": [8080, 31210],
  "cpes": ["cpe:/a:f5:nginx:1.16.1"],
  "tags": ["eol-product"],
  "vulns": [
    "CVE-2023-44487",
    "CVE-2025-23419",
    "CVE-2021-23017",
    "CVE-2021-3618",
    "CVE-2019-20372"
  ]
}

CVE Details

| CVE | Name | Severity | Description |
|-----|------|----------|-------------|
| CVE-2023-44487 | HTTP/2 Rapid Reset | HIGH | DDoS vulnerability allowing resource exhaustion |
| CVE-2025-23419 | Recent | TBD | Recently disclosed vulnerability |
| CVE-2021-23017 | DNS Resolver | HIGH | nginx DNS response processing vulnerability |
| CVE-2021-3618 | ALPACA | MEDIUM | TLS confusion attack on nginx |
| CVE-2019-20372 | Request Smuggling | MEDIUM | HTTP request smuggling vulnerability |

End-of-Life Warning

| Component | Version | Status |
|-----------|---------|--------|
| nginx | 1.16.1 | End of Life |

nginx 1.16.1 was released in August 2019 and is no longer receiving security updates. Current stable is nginx 1.25.x.


Shodan Analysis

Main Website (31.43.161.6) - CLEAN

{
  "hostnames": ["sites.framer.app"],
  "ports": [80, 443],
  "cpes": [],
  "vulns": []
}

API Server (85.17.52.219) - CRITICAL

  • Exposed ports: 8080, 31210 (non-standard)
  • Software: nginx 1.16.1 (EOL)
  • Vulnerabilities: 5 CVEs detected
  • Action required: Immediate patching

Security Headers Analysis

scrt.network - PARTIAL

| Header | Value | Status |
|--------|-------|--------|
| Server | Framer/7c13ce5 | Version exposed |
| Strict-Transport-Security | max-age=31536000 | ✅ |
| X-Content-Type-Options | nosniff | ✅ |
| Content-Security-Policy | Not set | ❌ |
| X-Frame-Options | Not set | ❌ |
| Referrer-Policy | Not set | ❌ |
| Permissions-Policy | Not set | ❌ |

Missing critical headers increase clickjacking and XSS attack surface.


Subdomain Analysis

Discovered Services (37 subdomains)

API Infrastructure

| Subdomain | Purpose |
|-----------|---------|
| api.scrt.network | Main API |
| beta-api.scrt.network | Beta API |
| rpc.scrt.network | RPC endpoint |
| grpc-web.scrt.network | gRPC web interface |
| beta-lcd.scrt.network | Light client daemon |

DeFi Services

| Subdomain | Purpose |
|-----------|---------|
| bridge.scrt.network | Token bridge |
| wrap.scrt.network | Token wrapping |
| auctions.scrt.network | Auction service |

Developer Tools

| Subdomain | Purpose |
|-----------|---------|
| docs.scrt.network | Documentation |
| secretjs.scrt.network | JavaScript SDK |
| build.scrt.network | Build tools |

Community

| Subdomain | Purpose |
|-----------|---------|
| forum.scrt.network | Community forum |
| chat.scrt.network | Chat service |
| meet.scrt.network | Video meetings |


GitHub Organization

| Metric | Value |
|--------|-------|
| Organization | scrtlabs |
| Public Repos | 248 |
| Created | June 27, 2016 |

Main Repository (SecretNetwork)

| Metric | Value |
|--------|-------|
| Stars | 573 |
| Forks | 228 |
| Open Issues | 78 |
| Language | Rust |

The 248 public repositories demonstrate a strong commitment to open-source development.


Privacy Architecture Assessment

TEE-Based Privacy Model

User → Encrypted Tx → Validator SGX Enclave → Encrypted State → Response
                           ↑
                    Intel SGX TEE

Security Guarantees

| Feature | Status | Notes |
|---------|--------|-------|
| Encrypted inputs | ✅ | Client-side encryption |
| Encrypted state | ✅ | At-rest encryption in SGX |
| Encrypted outputs | ✅ | Before leaving enclave |
| Code privacy | ❌ | WASM bytecode is public |
| Metadata privacy | ❌ | Transaction graph visible |

Known Vulnerabilities (Mitigated)

| Issue | Description | Status |
|-------|-------------|--------|
| wiretap.fail | Academic side-channel attack | Mitigated in v1.22 |
| SGX side-channels | Physical access required | Active monitoring |

Trust Assumptions

  1. Intel SGX hardware - Trust in silicon
  2. Intel Attestation Services - Trust in Intel
  3. Validator key management - Trust in network

Known Governance Issues

2023 Foundation Controversy

| Aspect | Details |
|--------|---------|
| Issue | $2.6M dividend payment dispute |
| Party | Tor Bair |
| Status | Documented in public governance |
| Impact | Community trust concerns |


Risk Assessment Summary

Critical Issues

| Issue | Impact | Recommendation |
|-------|--------|----------------|
| CVE-2023-44487 | DDoS vulnerability | Patch immediately |
| CVE-2021-23017 | DNS resolver exploit | Patch immediately |
| nginx 1.16.1 EOL | No security updates | Upgrade nginx |
| Missing CSP | XSS vulnerability | Add header |

Security Posture Rating

| Category | Rating | Notes |
|----------|--------|-------|
| Main Website | ✅ GOOD | Clean, Framer hosted |
| API Infrastructure | CRITICAL | 5 CVEs, EOL nginx |
| Security Headers | PARTIAL | Missing CSP, X-Frame-Options |
| Transparency | ✅ EXCELLENT | 248 public repos |
| Privacy Tech | ✅ GOOD | TEE-based with known trade-offs |


Comparison: Privacy Chains

| Aspect | Secret Network | Zcash | Aztec |
|--------|----------------|-------|-------|
| CVEs on infrastructure | 5 | 0 | Unknown |
| Privacy model | TEE (SGX) | ZK-SNARKs | ZK Rollup |
| Trust assumption | Hardware | Math | Math |
| Smart contracts | Yes | Limited | Yes |
| HSTS enabled | ✅ | ✅ | ✅ |


Potential Improvements

For Secret Network (Urgent)

  1. CRITICAL: Upgrade nginx on API server to current stable version
  2. CRITICAL: Patch all CVEs on api.scrt.network immediately
  3. HIGH: Add Content-Security-Policy header to main site
  4. HIGH: Add X-Frame-Options header
  5. MEDIUM: Review API server infrastructure - consider migration to managed service
  6. MEDIUM: Hide server version in headers

For Users

  1. Be aware of API server vulnerabilities when building applications
  2. Understand SGX trade-offs vs cryptographic privacy
  3. Monitor governance for ongoing foundation issues
  4. Use viewing keys appropriately for sensitive data
  5. Consider backup privacy options for critical use cases

Methodology & Sources

This assessment was conducted using:

  • crt.sh - Certificate transparency enumeration
  • Shodan InternetDB - Vulnerability scanning
  • DNS resolution - Infrastructure mapping
  • HTTP header analysis - Security posture
  • GitHub API - Repository analysis
  • Public governance records - Known issues

Assessment conducted in accordance with Constitutional Research Framework principles.


Report generated: 2026-01-20
Next review recommended: 2026-02-20 (accelerated due to CVE findings)

Repository Analysis

Code Review: Secret Network

Last Updated: 2026-01-19


Repository Overview

| Repository | Description | Languages |
|------------|-------------|-----------|
| scrtlabs/SecretNetwork | Main blockchain | Go, Rust |
| SecretFoundation/docs | Documentation | Markdown |


Open Source Status

  • License: MIT
  • Open Source: Yes (client-side, node software)
  • Contract Code: Public on-chain (auditable)
  • Active Development: Yes

Technology Stack

Blockchain Layer

  • Framework: Cosmos SDK
  • Consensus: Tendermint BFT (Proof of Stake)
  • Language: Go

Smart Contracts

  • Framework: CosmWasm (modified)
  • Language: Rust → WebAssembly
  • Privacy: Custom "compute" module for SGX integration

Privacy Layer

  • Hardware: Intel SGX
  • Enclaves: Secure execution environment
  • Encryption: AES-256-GCM for state encryption

Architecture

┌─────────────────────────────────────────┐
│           Application Layer             │
│  (Secret Contracts - Rust/CosmWasm)     │
├─────────────────────────────────────────┤
│         Compute Module (SGX)            │
│  (Encrypted inputs/outputs/state)       │
├─────────────────────────────────────────┤
│           Cosmos SDK                    │
│  (Staking, Governance, IBC)             │
├─────────────────────────────────────────┤
│          Tendermint BFT                 │
│  (Consensus, Networking)                │
└─────────────────────────────────────────┘

CosmWasm Modifications

Secret Contracts differ from standard CosmWasm:

  • Handle encrypted data
  • Secure enclave integration
  • Key management design

Contract code is public, but:

  • Input data is encrypted
  • Output data is encrypted
  • Internal state is encrypted

Development Workflow

Writing Secret Contracts

  1. Write contract in Rust
  2. Compile to WebAssembly
  3. Deploy to Secret Network
  4. Contract executes in SGX enclave

Testing

  • Local development environment available
  • Testnet for pre-mainnet testing
  • SecretJS SDK for frontend integration

Key Dependencies

| Dependency | Purpose |
|------------|---------|
| Cosmos SDK | Blockchain framework |
| Tendermint | Consensus engine |
| CosmWasm | Smart contract runtime |
| Intel SGX SDK | TEE integration |


Recent Activity

The codebase shows active development with regular releases addressing:

  • Security updates
  • Performance improvements
  • SGX attestation updates
  • IBC compatibility

Code Quality Considerations

Strengths

  • Built on battle-tested Cosmos SDK
  • CosmWasm provides Rust's memory safety
  • MIT license allows broad usage
  • Documentation available

Areas for Verification

  • SGX integration complexity
  • Custom cryptographic implementations
  • Audit reports not comprehensively listed

Sources

| Source | Type |
|--------|------|
| GitHub - SecretNetwork | Code |
| Secret Contracts Intro | Documentation |
| Cosmos SDK Docs | Documentation |


Actual Code Analysis (January 2026)

Analysis performed via direct code inspection on cloned repository.

Cryptographic Implementation

Files Analyzed:

  • cosmwasm/enclaves/shared/crypto/src/lib.rs
  • cosmwasm/enclaves/shared/crypto/src/aes_siv.rs
  • cosmwasm/enclaves/execute/src/registration/seed_exchange.rs

Encryption: AES-SIV (RFC 5297)

// cosmwasm/enclaves/shared/crypto/src/aes_siv.rs
/// AES-SIV encryption in rust - https://tools.ietf.org/html/rfc5297
///
/// This is a unique AES mode for deterministic encryption, where it is
/// difficult to generate random values. The risks of reusing a nonce are
/// only such that encrypting the same data with the same nonce and ad
/// will give the same result.

Why AES-SIV? The code comments explain:

"We assume that the risk of using [AES-SIV] is much lesser than the risk of using AES-GCM, or other nonce-collision sensitive ciphers."

AES-SIV is nonce-misuse resistant - unlike AES-GCM which catastrophically fails on nonce reuse.
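
The nonce-reuse trade-off described above, as an added example (not code from the Secret Network repository). `sivSeal` is a simplified synthetic-IV construction built from HMAC-SHA256 and AES-CTR that stands in for RFC 5297 AES-SIV, which Go's standard library does not provide; all keys, the nonce, the messages and the function names are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// Constructed sample values; the fixed nonce models a nonce collision.
var (
	encKey = bytes.Repeat([]byte{0x11}, 16)
	macKey = bytes.Repeat([]byte{0x22}, 32)
	nonce  = make([]byte, 12)
	msgA   = []byte("balance=100;owner=alice.")
	msgB   = []byte("balance=999;owner=carol.")
)

func newAES() cipher.Block {
	block, err := aes.NewCipher(encKey)
	if err != nil {
		panic(err)
	}
	return block
}

// xor returns a XOR b; b must be at least as long as a.
func xor(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// gcmSeal encrypts with AES-GCM under the shared (reused) nonce.
func gcmSeal(pt []byte) []byte {
	aead, err := cipher.NewGCM(newAES())
	if err != nil {
		panic(err)
	}
	return aead.Seal(nil, nonce, pt, nil)
}

// sivSeal is a toy synthetic-IV scheme (not RFC 5297): the IV is a MAC over
// the plaintext, so it changes whenever the message does. Output: ct || IV.
func sivSeal(pt []byte) []byte {
	mac := hmac.New(sha256.New, macKey)
	mac.Write(pt)
	iv := mac.Sum(nil)[:aes.BlockSize]
	out := make([]byte, len(pt), len(pt)+len(iv))
	cipher.NewCTR(newAES(), iv).XORKeyStream(out, pt)
	return append(out, iv...)
}

// leaksXOR reports whether c1 XOR c2 equals msgA XOR msgB for the given
// sealing function, i.e. whether both messages met the same keystream.
func leaksXOR(seal func([]byte) []byte) bool {
	c1, c2 := seal(msgA), seal(msgB)
	return bytes.Equal(xor(c1[:len(msgA)], c2), xor(msgA, msgB))
}

func main() {
	fmt.Println("GCM, reused nonce: c1^c2 == p1^p2:", leaksXOR(gcmSeal))
	fmt.Println("SIV-style:         c1^c2 == p1^p2:", leaksXOR(sivSeal))
	fmt.Println("SIV-style repeats on equal input: ", bytes.Equal(sivSeal(msgA), sivSeal(msgA)))
}
```

With GCM the repeated nonce makes the two ciphertexts cancel to the XOR of the plaintexts; with the synthetic-IV scheme the only thing an observer learns is whether two inputs were identical, which matches the risk the code comment accepts.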

Key Management

// cosmwasm/enclaves/execute/src/registration/seed_exchange.rs
pub fn encrypt_seed(
    seed_to_share: Seed,
    pk: &[u8; PUBLIC_KEY_SIZE],
    sk: &[u8],
) -> Result<[u8; SINGLE_ENCRYPTED_SEED_SIZE], EnclaveError> {
    // ECDH to derive shared encryption key
    let shared_enc_key = derive_key(sk, pk)?;

    // encrypt the seed using the symmetric key derived in the previous stage
    let res = match AESKey::new_from_slice(&shared_enc_key)
        .encrypt_siv(seed_to_share.as_slice(), Some(&authenticated_data))

Key Exchange: ECDH (Elliptic Curve Diffie-Hellman)

Cryptographic Summary

| Component | Algorithm | Standard |
|-----------|-----------|----------|
| Authenticated Encryption | AES-128-SIV | RFC 5297 |
| Key Derivation | HKDF-SHA256 | RFC 5869 |
| Signatures | Ed25519 | RFC 8032 |
| Blockchain Signatures | secp256k1 | SEC 2 |
| Key Exchange | ECDH | ANSI X9.63 |
| Hash | SHA-256 | FIPS 180-4 |

SGX Enclave Architecture

// cosmwasm/enclaves/execute/src/lib.rs
#[cfg(not(target_env = "sgx"))]
extern crate sgx_tstd as std;

extern crate sgx_trts;
extern crate sgx_types;

The enclave code compiles specifically for Intel SGX TEE, using Intel's SGX SDK bindings.

Enclave Components:

| Directory | Purpose |
|-----------|---------|
| enclaves/execute/ | Contract execution enclave |
| enclaves/shared/crypto/ | Cryptographic primitives |
| enclaves/shared/utils/ | Key management, storage |
| enclaves/ffi-types/ | C FFI type definitions |

Memory Safety

Languages:

  • Go (Cosmos SDK, blockchain logic)
  • Rust (SGX enclaves, smart contracts)

Rust Enclave Code:

  • Compiles with #![no_std] when not in SGX mode
  • Uses Intel SGX standard library (sgx_tstd)
  • Rust memory safety protections apply within enclave

Trust Model

| Trust Boundary | Protection |
|----------------|------------|
| User → Node | Transaction encryption |
| Node → Enclave | SGX attestation |
| Enclave memory | SGX hardware isolation |
| State storage | AES-SIV encryption |

Key Trust Assumption: Intel SGX hardware is secure (hardware root of trust).

Known Limitations

Per code analysis and documentation:

  1. Hardware Trust: Relies on Intel SGX - side-channel attacks theoretically possible
  2. Transaction Graph: Who transacts with whom is visible (not encrypted)
  3. Timing Analysis: Possible but mitigated by Tendermint batching

Build System

# Requires Intel SGX SDK and Rust SGX toolchain
cargo build --target x86_64-unknown-linux-sgx

SGX mode can be switched between simulation (SW) and hardware (HW).


Constitutional Research Note: Secret Network builds on established frameworks (Cosmos SDK, CosmWasm) with custom SGX integration for privacy. The codebase is open-source and actively maintained. The choice of AES-SIV over AES-GCM shows thoughtful consideration of nonce-misuse risks in the SGX environment. The main complexity is in the SGX/enclave integration layer.

Team Research

Team Analysis: Secret Network

Last Updated: 2026-01-19


Core Organizations

SCRT Labs

Development company behind Secret Network.

Secret Foundation

Non-profit foundation for ecosystem development.


Key Team Members

Guy Zyskind

Role: CEO, SCRT Labs

Background:

  • Former research assistant at MIT Media Lab
  • Author of Secret Network whitepapers
  • One of the most highly-cited authors on blockchain privacy (2,500+ academic citations)
  • US citizen

Credibility: Very high - academic foundation in blockchain privacy


Can Kisagun

Role: Co-founder, SCRT Labs

Background:

  • Technical co-founder
  • Laid foundation for Secret Network through academic exploration at MIT

Credibility: High - early contributor


Tor Bair

Role: Founder, Secret Foundation

Background:

  • Core contributor to Secret Network
  • Sole shareholder of Secret Foundation Inc.

2023 Controversy: In January 2023, a dispute arose regarding foundation funds:

  • Guy Zyskind alleged an undisclosed sale of foundation tokens
  • Tor Bair claimed the funds were owed as part of his SCRT vesting schedule
  • $2.625 million dividend payment disclosed
  • Resulted in calls for more transparency and reform

This controversy led to validator departures and leadership concerns.

Note: The controversy relates to governance and fund management, not the underlying technology.


Academic Origins

Secret Network originated from academic research at MIT, providing strong theoretical foundations for the privacy technology.


Organizational Structure

The project has a somewhat complex governance structure:

| Entity | Role |
|--------|------|
| SCRT Labs | Core development |
| Secret Foundation | Ecosystem growth, marketing |
| Validators | Network consensus |
| Community | Governance via SCRT |


Sources

| Source | Type |
|--------|------|
| CoinDesk - Leadership Controversy | News |
| Decrypt - Foundation Calls | News |
| SCRT Labs LinkedIn | Official |


Constitutional Research Note: The founding team has strong academic credentials from MIT. The 2023 governance controversy is documented for transparency but doesn't affect the technical privacy guarantees of the network. Complete organizational details remain somewhat opaque.

Security Analysis

Security Analysis: Secret Network

Last Updated: 2026-01-19


Privacy Model

Secret Network uses Trusted Execution Environments (Intel SGX) to provide encrypted smart contract execution where no one - including node operators - can see the data being processed.


Trusted Execution Environment (TEE)

Intel SGX

  • Hardware-based security feature in Intel CPUs
  • Creates isolated "enclaves" for secure computation
  • Data is encrypted in memory
  • Even the operating system cannot access enclave data

Implementation

Every Secret Network validator:

  1. Runs SGX-enabled hardware
  2. Executes contract code inside secure enclaves
  3. Decrypts user inputs only within the enclave
  4. Encrypts outputs before returning

Security Design Assumptions

From the Secret Network graypaper:

  1. Untrusted Hosts: Each node is assumed to be run by a malicious host
  2. Trusted Enclaves: SGX enclaves execute code securely
  3. Cryptographic Guarantees: Standard cryptographic assumptions hold

What Secret Network Protects

Encrypted

  • Transaction inputs (function parameters)
  • Contract state (database)
  • Transaction outputs (return values)

Public

  • Contract code (auditable)
  • Transaction sender/receiver (like all blockchains)
  • Gas fees

SGX Attestation

Node operators must verify their SGX enclaves:

  1. Authenticate with Intel Attestation Services
  2. On-chain verification of enclave authenticity
  3. Proof that hardware is patched against known exploits

Known Vulnerabilities & Mitigations

Wiretap.fail Attack (2024)

Academic researchers discovered:

  • Physical access attack on certain Intel SGX systems
  • Affects Secret Network, Phala, Crust Network, IntegriTee

Secret Network Response:

  • Proactive measures implemented in v1.22 upgrade
  • According to researchers, "Secret Network is the only project that implemented such proactive measures"

Important Context:

  • Attack requires physical access to servers
  • Attack can only put data privacy at risk
  • Attack cannot affect funds
  • Most theoretical SGX attacks occur in research labs

Security Features

Encrypted Mempool

  • Transactions are encrypted before entering mempool
  • Prevents frontrunning by default
  • Order sizes, bids, liquidation points all hidden

Viewing Keys

  • Users can create keys to share specific data
  • Selective disclosure to auditors, regulators, or partners
  • Privacy preserved for everyone else

Trust Assumptions

Users Must Trust

  • Intel SGX hardware security
  • Node operators running genuine enclaves
  • Attestation verification process

Mitigating Factors

  • Distributed validator set (no single point of failure)
  • On-chain attestation verification
  • Open-source contract code

Comparison to Other Privacy Approaches

| Approach | Secret Network | ZK Proofs | Mixnets |
|----------|---------------|-----------|---------|
| Privacy via | Hardware (TEE) | Math | Network routing |
| Computation | General purpose | Limited | N/A |
| Trust assumption | Intel SGX | Math only | Node operators |
| Performance | Fast | Slow to generate | Variable |


Sources

| Source | Type |
|--------|------|
| Secret Network Graypaper | Technical |
| SGX Documentation | Official |
| Wiretap.fail Response | Official |


Constitutional Research Note: Secret Network's security relies on Intel SGX hardware, which introduces a trust assumption in Intel. Academic attacks exist but require physical access. The project actively responds to security disclosures and implemented proactive mitigations. The main security trade-off is hardware trust vs. pure cryptographic approaches like ZK proofs.
