Auditor Assignment

Every Slot, each enclave (or TEE) $T_i$ in the set [$T$] is assigned a subset of auditors [$A_{T_i}$] from the set [$A$], such that |[$A_{T_i}$]| = k (where k or AuditorsPerEnclave is a constant that determines the number of auditors assigned per enclave). $A_{T_i}$] largely consist of different subsets of Auditors for different Slots of an Epoch.

The assignment from [$A$] to [$T$] for slots in epoch $E_i$ is randomized using a seed $R_{E_i}$ which is generated at the start of the epoch $E_{i-1}$. $R_{E_i}$ is currently considered to be the blockhash of the block at which the epoch $E_{i-1}$ starts.

Auditors can only enter or leave the auditor set [A] at the end of an Epoch which ensures that the auditor assignment doesn't change within an Epoch. Enclave set [T] can expand or decrease based on whether a new Job is added or an existing Job is closed or runs out of funds.

Each enclave, for a given Slot of an Epoch, is assigned an auditor subset [$A_{T_i}$] of length k using the following algorithm:

let AuditorSubsetIndices = [];
let count = 0;
let iter = 0;
while(count < k) {
    index = (keccak256(`${iter}-${SlotId}-${EnclaveJobId}`)) mod(t)
    if(!AuditorSubsetIndices.includes(index)) {
        AuditorSubsetIndices.push(index);
        count++;
    }
    iter++;
}

The above algorithm ensures that the auditor subset for any enclave in a Slot consists of unique Auditors. This also ensures that any new enclaves started during the Epoch can still be assigned Auditors. Auditing of the new enclave takes effect only after c slots (JobStartupPeriod) from the Slot at which the Job was created, where c is a constant that determines the delay for auditing new enclaves.