Welcome to the bob v2 image! For a higher-level conceptual overview, please visit our forum post: https://collective.flashbots.net/t/searching-in-tdx/3902

For the video version:

Intro to Bob V2

TDX Mental Model

First, searchers verify that the TDX operator, in this case Flashbots, cannot access or observe code inside a TDX machine through a process called attestation:

But, in the bob image, the searcher is also restricted to its own user group without root privileges. This allows us to implement sandboxing and log delays on the host safely, without the searcher being able to override or interfere with these restrictions. So, even though the searcher is given ssh access to the machine, the searcher is sufficiently restricted to guarantee they would not be able to expose any sensitive data submitted by the builder.

Importantly, implementing searcher sandboxing, log delays, and mode toggling inside the VM also allows block builders and their users to verify their orders cannot be frontrun using attestation.

Image Overview

There are three key features of the image:

  1. Network namespaces and firewall rules that enforce a searcher cannot SSH into the container while state diffs are being streamed in, and the only way information can leave is through the block builder’s endpoints.
  2. A log delay **script that enforces a two-minute (~10 block) delay until the searcher can view their bot’s logs.
  3. Mode switching which allows a searcher to toggle between production and maintenance modes, where the SSH connection is cut and restored respectively.

Together, they provide the “no-frontrunning” guarantee to order flow providers while balancing searcher bot visibility and maintenance.