Tabellion: secure legal contracts on mobile devices

  • Saeed Mirzamohammadi
  • Yuxin (Myles) Liu
  • Tianmei Ann Huang
  • Ardalan Amiri Sani
  • Sung Eun (Summer) Kim

ACM MobiSys

A legal contract is an agreement between two or more parties as to something that is to be done in the future. Forming contracts electronically is desirable since it is convenient. However, existing electronic contract platforms have a critical shortcoming. They do not provide strong evidence that a contract has been legally and validly created. More specifically, they do not provide strong evidence that an electronic signature is authentic, that there was mutual assent, and that the parties had an opportunity to read the contract. We present Tabellion, a system for forming legal contracts on mobile devices, such as smartphones and tablets, that addresses the above shortcoming. We define four secure primitives and use them in Tabellion to introduce self-evident contracts, the validity of which can be verified by independent inspectors. We show how these primitives can be implemented securely in the Trusted Execution Environment (TEE) of mobile devices as well as a secure enclave in a centralized server, all with a small Trusted Computing Base (TCB). Moreover, we demonstrate that it is feasible to build a fully functional contract platform on top of these primitives. We develop ~15,000 lines of code (LoC) for our prototype, only ~1,000 of which need to be trusted. Through analysis, prototype measurements, and a 30-person user study, we show that Tabellion is secure, achieves acceptable performance, and provides slightly better usability than the state-of-the-art electronic contract platform, DocuSign, for viewing and signing contracts.