The Trust Problem in Ad Tech (And How We Solved It)
Nick Pellegrino and Peter Downs
•
Every day, ad platforms run billions of auctions. Can anyone prove the auctions are fair?
The Trust Gap in Programmatic Advertising
Publishers and advertisers both need fair auctions. Publishers want to maximize revenue, which happens when auctions are competitive. Meanwhile advertisers want to know their bids are treated fairly in auctions — that no other advertiser gets an unfair advantage. Ad platform policies like first-look undermine auction fairness, and nobody can prove that auctions are run without straight-up collusion.
The current solution: "trust us, it’s fair."
What If You Didn't Have to Trust Anyone?
In addition to our good word, CloudX furnishes hardware-backed cryptographic proof that every single auction is fair.
Our solution is to share our auction logic code with our bidding partners so they can see we’re treating each participant fairly. We run that code in a Trusted Execution Environment (TEE) that mathematically proves that we haven’t tampered with the logic in any way. Every bidder in the auction can check the result to prove that we’ve treated their bid fairly. And we allow participants to encrypt their bids such that no one, not even us, can peek at them before we run the auction and pick the winner.
Our TEE is built on AWS Nitro Enclaves - an industry-standard for secure computing. These Nitro Enclaves let us meet our scaling challenges while still providing state-of-the-art, mathematical guarantees that we are running auctions fairly. Our TEE is so secure that not even CloudX staff can tamper with a running auction - or look inside to see how much advertisers are bidding.
TEE: Here's What We Guarantee
Fair and Honest Auctions
We share the source code for our auction logic with everyone who participates in our auctions. Publishers and advertisers can audit the code and confirm for themselves: we treat all bidders fairly, no unfair prioritization, no information leakage, no shenanigans.
Moreover, our TEE provides a mathematical proof that the exact code we publish is what actually processes every auction. This allows advertisers to verify independently that we are running the auctions we promise. We provide the tools to make it easy to verify every auction and its winner. Just sharing our code isn’t enough — the TEE is the key to proving that we’re using that code and living up to our promise to provide fair auctions.
Bid Privacy
Advertisers want to keep their proprietary bidding strategies private. We allow advertisers to use end-to-end encryption to ensure that their bids can only be read inside the TEE - even concealed from the eyes of CloudX staff. At the end of the auction, only the top two bids are revealed - other bids remain hidden by end-to-end encryption.
What This Means for the Industry
Fair auctions - made possible by our TEE - can clean up the ad tech ecosystem. Publishers benefit from competitive auctions that maximize revenue. Advertisers benefit from fair bid treatment and protection of their proprietary bidding strategies.
Using our TEE, CloudX aims to raise the bar on transparency and move trust from promised to proven.
Interested in learning more about how we do all this? Our code is on Github at cloudx-io/openauction, and stay tuned for an upcoming blog post diving deeper into the proofs, architecture, and API design.