Content pfp
Content
@
0 reply
0 recast
2 reactions
Andrew Miller pfp
Andrew Miller
@socrates1024
Here's a post about Solidity verifiers for SGX remote attestation, https://collective.flashbots.net/t/demystifying-remote-attestation-by-taking-it-on-chain/2629/2 specifically RAVE from Puffer Finance and https://github.com/automata-network/automata-dcap-v3-attestation from Automata
1 reply
3 recasts
8 reactions
mac pfp
mac
@mac-
I've been out of the loop here. Three quick questions for you: 1) are people using gramine/occlum? What's your sgx lib of choice? 2) how are people doing remote attestation? Is anyone using RA-TLS? 3) can we ditch sgx yet for a performant zkvm? 🐸
1 reply
0 recast
1 reaction
Andrew Miller pfp
Andrew Miller
@socrates1024
1) I use gramine for rapid prototype, pufferfi use occlum https://github.com/PufferFinance/secure-signer Fortanix and teaclave used by others 2) RA-TLS yes, tho I prefer non-interactive attestation because it's more understandable 3) my goal is to use SGX only for things ZK can't work at all for, like auctions
1 reply
0 recast
1 reaction
mac pfp
mac
@mac-
What's the easy way are co's proving the code on git is the code that ran? Do devs in web3 trust azure / aliyun or are we running our own PCCS ? βœŒοΈπŸ‡ΉπŸ‡·
1 reply
0 recast
0 reaction
Andrew Miller pfp
Andrew Miller
@socrates1024
These are great questions, imo exactly what are needed next. Reproducible builds aren't very durable yet, my best so far is just using the Gramine dockerhub image as starting point. We still need a community PCCS alternative, but it's clear that this is possible & untrusted code
3 replies
0 recast
0 reaction
Andrew Miller pfp
Andrew Miller
@socrates1024
Also Automata has an interesting approach here, where they do *builds* of SGX enclaves in AWS Nitro, so the build process does come w some evidence. Not sure I agree with this approach vs just improving dependency pinning for repro builds
1 reply
0 recast
0 reaction
mac pfp
mac
@mac-
I'll add RA-TLS into my fork of Firefox mobile. Pray for me @ http://github.com/maceip/foolproof The Sequencers should offer PCCS ?πŸ€·β€β™€οΈ I don't know web3 I just wandered into this crazy Istanbul infra event:
1 reply
1 recast
1 reaction
mac pfp
mac
@mac-
I'm not rich or shilling a startup, but I'd put up a 1ETH bounty for someone to create TEE provable builds (using mrenclave or similar) integrated with github/sourcehut/gitlab
0 reply
0 recast
1 reaction