Content
@
0 reply
0 recast
2 reactions
Andrew Miller
@socrates1024
Here's a post about Solidity verifiers for SGX remote attestation, https://collective.flashbots.net/t/demystifying-remote-attestation-by-taking-it-on-chain/2629/2 specifically RAVE from Puffer Finance and https://github.com/automata-network/automata-dcap-v3-attestation from Automata
1 reply
3 recasts
8 reactions
mac
@mac-
I've been out of the loop here. Three quick questions for you: 1) are people using gramine/occlum? What's your sgx lib of choice? 2) how are people doing remote attestation? Is anyone using RA-TLS? 3) can we ditch sgx yet for a performant zkvm? πΈ
1 reply
0 recast
1 reaction
Andrew Miller
@socrates1024
1) I use gramine for rapid prototype, pufferfi use occlum https://github.com/PufferFinance/secure-signer Fortanix and teaclave used by others 2) RA-TLS yes, tho I prefer non-interactive attestation because it's more understandable 3) my goal is to use SGX only for things ZK can't work at all for, like auctions
1 reply
0 recast
1 reaction
mac
@mac-
What's the easy way are co's proving the code on git is the code that ran? Do devs in web3 trust azure / aliyun or are we running our own PCCS ? βοΈπΉπ·
1 reply
0 recast
0 reaction
Andrew Miller
@socrates1024
These are great questions, imo exactly what are needed next. Reproducible builds aren't very durable yet, my best so far is just using the Gramine dockerhub image as starting point. We still need a community PCCS alternative, but it's clear that this is possible & untrusted code
3 replies
0 recast
0 reaction
Andrew Miller
@socrates1024
Also Automata has an interesting approach here, where they do *builds* of SGX enclaves in AWS Nitro, so the build process does come w some evidence. Not sure I agree with this approach vs just improving dependency pinning for repro builds
1 reply
0 recast
0 reaction
Andrew Miller
@socrates1024
https://docs.ata.network/automata-2.0/modular-attestation
0 reply
0 recast
0 reaction