Solutions for trusted and private computations in Golem and in the wider Ecosystem

DEVCON 4

PIOTR JANIUK

We need trustworthy computations

Why do we need it?

Consensus in a trustless, decentralized network

​

01

Decentralized services

​

​

03

Remote computation

​

02

And more...

​

04

In the context of Golem

In the context of Golem

In the context of Golem

What is Golem?

A network of heterogeneous resources that can be either used by a requestor or provided to other participants by a provider.

​

01

Additional layers on top of the infrastructure (e.g., economy).

02

Problem statement

Requestor wants to be sure that

​

• He receives valid results from the provider after a trustworthy execution on the provider’s machine

​

• Gets results within a reasonable time

​

01

Problem statement

Provider on the other hand

​

• Needs to be protected from malicious tasks

​

02

High-level requirements

Requestor should be able to run an arbitrary, unmodified binary efficiently

​

​

​

01

High-level requirements

Requestor should be able to run an arbitrary, unmodified binary efficiently

​

Task input data has to be the same as prepared by the requestor

​

​

​

02

High-level requirements

Requestor should be able to run an arbitrary, unmodified binary efficiently

​

Task input data has to be the same as prepared by the requestor

​

The binary run by a provider must be the one requestor wanted

​

​

​

​

03

High-level requirements

Requestor should be able to run an arbitrary, unmodified binary efficiently

​

Task input data has to be the same as prepared by the requestor

​

The binary run by a provider must be the one requestor wanted

​

The execution of the task has to be carried out without tampering

​

​

04

High-level requirements

Requestor should be able to run an arbitrary, unmodified binary efficiently

​

Task input data has to be the same as prepared by the requestor

​

The binary run by a provider must be the one requestor wanted

​

The execution of the task has to be carried out without tampering

​

Output data cannot be altered without detection

​

​

05

High-level requirements

Requestor should be able to run an arbitrary, unmodified binary efficiently

​

Task input data has to be the same as prepared by the requestor

​

The binary run by a provider must be the one requestor wanted

​

The execution of the task has to be carried out without tampering

​

Output data cannot be altered without detection

​

Only the requestor can see the plain text input and output data�

​

​

​

​

06

High-level requirements

Requestor should be able to run an arbitrary, unmodified binary efficiently

​

Task input data has to be the same as prepared by the requestor

​

The binary run by a provider must be the one requestor wanted

​

The execution of the task has to be carried out without tampering

​

Output data cannot be altered without detection

​

Only the requestor can see the plain text input and output data�

Provider has to be protected from malicious binaries

​

​

​

​

06

Meeting the requirements

Limiting the class of problems

​

• deterministic (PoW or verification)

​

• nondeterministic (probabilistic verification)�

​

01

By means of the infrastructure (TEEs)

​

Introducing external sources of trust

03

02

Hybrid approach

​

04

Choosing the best approach

Tradeoff

​

• Inherent to the method

​

• Task specific

​

• Runtime dependent

​

01

Focus on a single one

​

• Based on the hardware infrastructure

​

• Allows remote computations

02

Meeting the requirements

SGX, Graphene and Graphene-ng

SGX - short recap

Overview

​

• An Intel® architecture extension designed to increase the security of application code and data

​

• Enclave based computation model (application is run in containers called enclaves, which are supposed to be protected from the host)

​

• Provides a mechanism for remote attestation

01

Developer perspective - an enclave

​

• Static interface specification

​

• Source code + Intel SDK

​

• By default limited to computations

Host (Untrusted Environment)

SGX - short recap

Summary

​

• Provides important security features

​

• Does not allow to run arbitrary applications in the enclave

​

• May be treated as a building block for more generic solutions

02

Host (Untrusted Environment)

Graphene overview

Features

​

• A framework with LibOS, which simulates the OS for the app in the enclave

​

• Runs unmodified, full Linux apps protected from the host

​

• Makes use of Intel SGX�

01

Graphene architecture

Graphene overview

Graphene vs other approaches

​

• TCB vs attack surface �
• Flexibility - other host or guest OS can be supported by changing a single component

​

• Better suited to sandboxing�

02

Graphene architecture

Graphene overview

With Graphene, a developer doesn’t have to

​

• Rewrite the code to suit SGX needs

​

• Specify the static enclave interface

​

• Compile the enclave

​

​

03

Default SGX enclave building process

Graphene overview

With Graphene:

​

• An arbitrary, unmodified Linux binary can be run inside an enclave

​

​

04

Graphene overview

With Graphene:

​

• An arbitrary, unmodified Linux binary can be run inside an enclave

​

​

05

• The process still requires manual work to configure, deploy and run the application

​

​

The next step

Graphene-ng

The next step

Graphene-ng = Graphene

+ Protected files

�+ Docker support

​

+ Tools (scripts)

+ Bug fixes�

The next step

Graphene-ng = Graphene

+ Protected files

�+ Docker support

​

+ Tools (scripts)

+ Bug fixes�

Resulting in a better UX regarding interaction with the enclave for both, the developer and the end user.

​

Graphene-ng by example

PoC integration with Golem

Provider setup

SGX must be enabled on provider's machine��Protected Files configuration:

​

• Enclave manifest

​

• Running the docker image

02

Graphene-ng Docker configuration

Provider setup

Graphene-ng Docker for Brass Golem configuration

SGX must be enabled on provider's machine��Protected Files configuration:

​

• Enclave manifest

​

• Running the docker image

03

Initialization - setup and handshake

The process

​

• Semi-automatic

​

• Uses convenience scripts

01

Application POV

Requestor POV

Requestor looks for SGX nodes in a P2P network

​

01

Requestor POV

And connects to available nodes that offer the SGX architecture

​

02

Requestor POV

It can be envisioned as if the local machine had more compute resources available locally

​

03

And yes, it works

Benefits for Golem and the community�

• Confidential remote computation

​

• Using unmodified binaries

​

• SGX as an infrastructure in Golem�

​

01

Next steps

SGX:

​

• Liberation: IAS, FLC

​

• Mitigation of known attacks

​

• EPC size and efficiency�

​

01

Development:

​

• Stable and efficient Graphene-ng

​

• Proofs of computation

​

• Windows support�

​

02

Graphene-ng Use Cases

• Golem ecosystem

Local Verification

• Task is computed by an untrusted host

​

• And verified in an enclave run by the provider

01

Golem Unlimited

Golem Unlimited

​

• Infrastructure based on a LAN-like network setup

​

Two trusted actors:

​

• The hub - requestor role

​

• Provider nodes

​

01

Golem Unlimited - powerful component with SGX

• Each Unlimited provider exposes SGX backend

​

• Can be envisioned as a powerful component with SGX added to the Golem network

02

Golem Unlimited - storing identities

• Storing the identity information only inside enclaves

​

• Binds identities to physical machines in a passwordless manner

​

03

Use Cases - other Golem integrations

Integrations with Golem by external developers

01

Graphene-ng Use Cases

02. Wider audience

Decentralized server implementation

• Centralized infrastructure

01

Decentralized server implementation

• Decentralized architecture

​

• May be potentially used to facilitate secure multi-party computation

02

Atomic swap

Cross-blockchain atomic swap

​

01

Logic implemented inside Enclave

Distributed exchanges

Implemented by means of cross-blockchain atomic swap

02

Storing secrets

• Sealing private keys locally

​

• Hardware wallet primitive

​

• Sealing private keys remotely

​

​

01

Storing secrets

• Threshold signatures

​

• Identity stored in a decentralized way

​

02

Graphene-ng Use Cases

03. In existing projects

Minimal Viable Plasma

Minimal Viable Plasma with operator

01

Minimal Viable Plasma

Plasma chain operator can be implemented in an SGX enclave

02

Minimal Viable Plasma

Plasma chain operator can be implemented in an SGX enclave

​

And additionally decentralised

03

Hoard

Data streaming

Thank you

​

GOLEM.NETWORK

PIOTR JANIUK

contact@golem.network

​