I’d like to echo @nick.eth’s concerns here as this was an area of research that we went down at some point, trying to enhance our gateway and offer better security and privacy features.
We spent some time looking at the advantages that we might bring with a TEE based approach, also looked at generating zk-proofs of the data being resolved via our gateway (verifiable resolution), but unfortunately there was always a leak in every approach we looked at, whether through network traffic analysis, timing patterns, or the fundamental issue Nick mentioned about data inference from what gets sent to the TEE.
The way we see it today, is that the biggest security upgrade we could ship is to move the signing process to a secure enclave (using for example AWS Nitro Enclaves with P-256 key generation), and upgrade our resolver contract to verify secp256r1 signatures using the new EIP-7951 precompile. While this doesn’t solve privacy, it does provide hardware-guaranteed protection for our signing keys.
That said, it wasn’t extensive research as we had to cut our time short to focus on other priorities, but hope that helps! Excited to see your approach @bilinearlabs!