@@ -109,3 +109,149 @@ the on-chain rules:
109109- the worker gets paid
110110- app & dataset owners get their revenue shares
111111- any misbehavior results in stake-based penalties for the scheduler
112+
113+ ## Brokering
114+
115+ On iExec, ** brokering** is the mechanism that matches all parties involved in a computation:
116+
117+ - the ** application** (the logic to run)
118+ - the ** dataset** (optional, confidential input data)
119+ - the ** workerpool** (TEE-enabled workers)
120+ - the ** requester** (the user paying for the execution)
121+
122+ Each party publishes an ** order** describing what they offer or request.
123+ When compatible orders are combined, a ** deal** is created and PoCo enforces all economic, confidentiality, and governance rules.
124+
125+ ### Why off-chain brokering?
126+
127+ iExec uses an ** off-chain order book and off-chain matching** system because it provides major advantages:
128+
129+ - orders can be created, shared, and canceled ** without gas costs**
130+ - signatures make orders ** trustless and verifiable**
131+ - brokering is fast and flexible
132+ - the blockchain is used only to ** validate signatures** and ** create the final deal**
133+
134+ Although off-chain, the system is secure because each order is:
135+
136+ - encoded as a structured object
137+ - hashed using ** EIP-712**
138+ - ** signed** by the resource owner
139+
140+ This makes an order ** as authoritative as if it were published on-chain** , without paying gas.
141+ The ** PoCo** smart contract validates every signature and ensures correct matching.
142+
143+ ### What brokering enables?
144+
145+ - ** Access control / permissioning**
146+ Different actors define who can use their resources (specific apps, requesters, or workerpools).
147+
148+ - ** Dynamic pricing & monetization**
149+ Apps, datasets, and workerpools set prices; requesters set maximum prices.
150+
151+ - ** Asynchronous, trust-minimized execution**
152+ After a successful ` matchorders ` , the PoCo ensures that all parties can operate
153+ asynchronously and without direct trust:
154+ - the deal is created on-chain and acts as the single source of truth
155+ - the requester does not need to stay online during execution
156+ - TEE-enabled workers independently fetch tasks when ready
157+ - results, proofs, and outputs are submitted later when execution completes
158+
159+ PoCo guarantees that even though all actors act at different times, the workflow
160+ remains secure, deterministic, and economically enforced.
161+
162+ ### Order structures
163+
164+ Each actor expresses intent through a signed ** order** .
165+ There are four order types, all using ** EIP-712 signatures** :
166+
167+ 1 . ** AppOrder** — how the application can be used
168+ 2 . ** DatasetOrder** — how the dataset can be accessed
169+ 3 . ** WorkerpoolOrder** — what TEE workers are available
170+ 4 . ** RequestOrder** — what the requester wants to run
171+
172+ Every order includes:
173+
174+ - the resource address (app/dataset/workerpool/requester)
175+ - price
176+ - volume (number of times the order can be matched)
177+ - optional matching restrictions
178+ - a ` tag ` describing features (e.g., TEE requirement)
179+ - a ` salt ` for uniqueness
180+ - a cryptographic ** signature**
181+
182+ #### AppOrder
183+
184+ ```
185+ struct AppOrder
186+ {
187+ address app;
188+ uint256 appprice;
189+ uint256 volume;
190+ uint256 tag;
191+ address datasetrestrict;
192+ address workerpoolrestrict;
193+ address requesterrestrict;
194+ bytes32 salt;
195+ bytes sign;
196+ }
197+ ```
198+
199+ #### DatasetOrder
200+
201+ ``` text
202+ struct DatasetOrder
203+ {
204+ address dataset;
205+ uint256 datasetprice;
206+ uint256 volume;
207+ uint256 tag;
208+ address apprestrict;
209+ address workerpoolrestrict;
210+ address requesterrestrict;
211+ bytes32 salt;
212+ bytes sign;
213+ }
214+ ```
215+
216+ #### WorkerpoolOrder
217+
218+ ``` text
219+ struct WorkerpoolOrder
220+ {
221+ address workerpool;
222+ uint256 workerpoolprice;
223+ uint256 volume;
224+ uint256 tag;
225+ uint256 category;
226+ uint256 trust;
227+ address apprestrict;
228+ address datasetrestrict;
229+ address requesterrestrict;
230+ bytes32 salt;
231+ bytes sign;
232+ }
233+ ```
234+
235+ #### RequesterOrder
236+
237+ ``` text
238+ struct RequestOrder
239+ {
240+ address app;
241+ uint256 appmaxprice;
242+ address dataset;
243+ uint256 datasetmaxprice;
244+ address workerpool;
245+ uint256 workerpoolmaxprice;
246+ address requester;
247+ uint256 volume;
248+ uint256 tag;
249+ uint256 category;
250+ uint256 trust;
251+ address beneficiary;
252+ address callback;
253+ string params;
254+ bytes32 salt;
255+ bytes sign;
256+ }
257+ ```
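Review bot: the bullet at line 129 says orders can be canceled without gas costs, but line 140 describes a signed order as being as authoritative as one published on-chain and line 132 limits the chain's role to validating signatures and creating the deal, so the text never explains how a signed order that has already been shared stops being matchable. Either describe the revocation mechanism and what it costs, or drop "canceled" from that bullet, since readers will rely on this when deciding how widely to distribute signed orders. Two smaller points in the same hunk: the heading at line 235 reads `#### RequesterOrder` while the struct below it and item 4 at line 170 use `RequestOrder`, and the AppOrder fence at line 184 has no language tag while the other three use `text`. The "Every order includes" list at lines 172-180 should also note that `category` and `trust` appear only in WorkerpoolOrder and RequestOrder, and that RequestOrder carries three maximum prices rather than a single price.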