The iExec platform provides a network where application providers, workers, and users can gather and work together. The fully decentralized nature of iExec implies that no single agent is trusted by default, and that those agents require incentives to contribute correctly.
In this context, Proof-of-Contribution (PoCo) is the protocol used by iExec for consensus over off-chain computing.
Blockchain-based applications and computing are not owned or controlled by one specific entity but rather powered by a distributed network of multiple machines or ‘nodes’. The distributed nature of decentralized cloud computing networks presents a challenge to guarantee security.
This is because any user with root privileges may easily inspect the sensitive data and tamper with the application running on the decentralized host. It is different from the case of traditional centralized cloud computing providers, where it is easier to employ existing security mechanisms to protect the involved application.
For decentralized blockchain-based clouds, a silicon-based security solution, called a Trusted Execution Environment (TEE), is the only effective solution to protect the users and applications involved. Intel® SGX is one such implementation of a TEE.
Intel® SGX (Intel Software Guard Extensions) is a set of CPU instruction codes that enable the execution of select pieces of code and data in protected areas called enclaves. While an application runs on a host machine, an SGX enclave acts as a bubble that isolates and protects the application from the host machine. Even an administrator with root privileges on the host machine is not able to penetrate this bubble to access or tamper with the application.
An introduction to Intel® SGX Enclaves — iExec Security R&D, Lei Zhang
“What makes Intel® SGX compelling is that it provides a hardware trusted execution environment (TEE), allowing better protections for data in-use, at-rest and in-transit, built-in CPU instructions and platform enhancements provide cryptographic assertions for the code that is permitted to access the data. If the code is altered or tampered, then access is denied and the environment disabled.” — Rick Echevarria, Vice president of Intel’s Software and Services Group.
iExec is a pioneer in building a blockchain-enabled decentralized and distributed cloud network. We have now provided the first-ever full and end-to-end solution integrating trusted execution. Some of iExec’s initial work with Intel® SGX can be read in this blog post and is covered in this video presentation.
iExec presented the first phase of work on Intel® SGX in March 2018 at IBM Think in Las Vegas and presented alongside Intel in May 2018 at Consensus in New York. This first phase focused on the protection of secrets built into decentralized applications.
The proof-of-concept presented alongside Intel showed that Intel® SGX enclaves could ensure that, although the applications were running on decentralized nodes, the sensitive data could not be inspected or altered by malicious attackers on the network.
This first piece of work was a great success. However, the solution was complicated for app developers and users, especially for those who are not in the field of security.
iExec has since continued to make significant contributions, working diligently with partners, to push forward a powerful and user-friendly full end-to-end trusted execution solution. The solution is intended to be used as an industry reference to enhance the overall security of decentralized cloud computing.
This new Intel® SGX solution, combined with Blockchain, allows for an unmatched level of trust for Decentralized Applications (Dapps) and execution/data processing on decentralized nodes. The iExec approach specifically allows Blockchain to work with Intel® SGX in order to:
Easy usability is a key element of User Experience; with the new iExec E2E Trusted Execution, the user only needs 3 simple steps to run a trusted application execution and to fully protect the user’s input and output data.
Let’s think about a typical application, a FinTech application, for example. The application is fed by user input data which contains the user’s personal and sensitive details (such as bank account information, personal private information, etc). The output result of the application also contains some sensitive data and is only intended for the user who triggers the application.
The input data and the output results need to be strictly protected during the whole procedure. The non-encrypted, sensitive data will never leave the user’s ‘local’ scope and will be protected within a highly secured trusted execution environment: the Intel® SGX hardware enclave. The following gives a general description of the 3 main steps of the iExec E2E Trusted Execution.
Step 1: The user only needs to run one simple command which will automatically:
Step 2: The user triggers the target application with just a few clicks from the iExec Dapp store and Marketplace via a user-friendly interface.
Once the target application is triggered in the remote enclave, it automatically pulls the encrypted user input data from the remote file system (i.e. the data pushed in step 1) and retrieves the secret key via a secure channel. The key is then used to decrypt the user input data; the decryption is done only inside the highly secured trusted environment, the Intel® SGX enclave.
The application result is finally encrypted and then iExec’s verification procedure (i.e. Proof of Contribution) is triggered. Everything happens securely inside the enclave and no secret can be revealed to the outside world.
The signature is finally transferred to the on-chain network and verified by an on-chain smart contract via the corresponding registered public key. If the signature verification passes and the application result’s trust level reaches a given threshold, the user is informed that the encrypted result can be downloaded.
It may sound complicated, but for the user, all this can be done in just a few simple clicks!
Step 3: The user can download the encrypted result package and run just one simple command to decrypt the result. Please note that only the user who triggers the task is able to download the encrypted result, and only that user owns the key to decrypt the application result.
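The three steps above, simulated locally as an added example (this is not iExec's code). It assumes AES-256-GCM for the data, an Ed25519 key pair standing in for the enclave key whose public half is registered on-chain, and a signature over the SHA-256 digest of the encrypted result; all function names and the trust values are hypothetical.

```javascript
// Added illustration, not iExec code. Assumed: AES-256-GCM for data, Ed25519 enclave
// key, signature over SHA-256 of the encrypted result. All names are hypothetical.
const nodeCrypto = require('node:crypto');

// Encrypt to iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), body]);
}

// Decrypt and authenticate; throws if the blob was altered or the key is wrong.
function unseal(key, blob) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}
const digest = (buf) => nodeCrypto.createHash('sha256').update(buf).digest();

// Step 2, enclave side: userKey stands for the key fetched over the secure
// channel; the plaintext input exists only inside this function.
function runInEnclave(encInput, userKey, enclavePrivKey, app) {
  const encResult = seal(userKey, app(unseal(userKey, encInput)));
  const signature = nodeCrypto.sign(null, digest(encResult), enclavePrivKey);
  return { encResult, signature };
}

// Step 2, contract side: registered public key plus trust threshold.
function verifyOnChain(report, registeredPubKey, trustLevel, threshold) {
  const sigOk = nodeCrypto.verify(null, digest(report.encResult), registeredPubKey, report.signature);
  return sigOk && trustLevel >= threshold;
}

// Constructed sample run; trust values 0.99 / 0.5 / 0.95 are made up.
function demo() {
  const userKey = nodeCrypto.randomBytes(32); // step 1: user secret
  const enclave = nodeCrypto.generateKeyPairSync('ed25519'); // public half registered
  const encInput = seal(userKey, Buffer.from('{"balances":[120,80,50]}'));
  const app = (input) => Buffer.from(String(
    JSON.parse(input.toString()).balances.reduce((a, b) => a + b, 0)));
  const report = runInEnclave(encInput, userKey, enclave.privateKey, app);
  const tampered = { ...report, encResult: Buffer.concat([report.encResult, Buffer.from([0])]) };
  return {
    accepted: verifyOnChain(report, enclave.publicKey, 0.99, 0.95),
    tamperedAccepted: verifyOnChain(tampered, enclave.publicKey, 0.99, 0.95),
    lowTrustAccepted: verifyOnChain(report, enclave.publicKey, 0.5, 0.95),
    result: unseal(userKey, report.encResult).toString(), // step 3: user decrypts
  };
}
```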
Please note that the procedure is platform independent, and therefore is compatible with different operating systems: Windows, Linux, Mac OS.
In the near future, we will further simplify the user’s procedure — all the three steps will be integrated into one simple step.
The iExec platform is open to different implementations of trusted execution environments. The current iExec E2E Trusted Execution solution is based on the SCONE platform provided by Scontain UG.
We have been working hard these past months together with the SCONE team to deliver a complete solution that can be used by any blockchain developer without prior knowledge in secure computing. iExec has also been collaborating with Fortanix to integrate their frameworks into iExec’s E2E Trusted Execution solution, and we are confident that we will soon be ready to support this solution as well.
We are also in the phase of evaluating Intel’s Private Data Object (PDO) framework. In the future, we will also consider the framework of Graphene-SGX/Graphene-ng that is proposed by Golem. All the mainstream TEE solutions will be 100% compatible with iExec’s platform, and we will leave iExec Dapp developers and users to freely choose their preferred TEE frameworks.
Our objective is to promote the emergence of an ecosystem which provides trusted execution for Blockchain based computing, and these trusted services can be monetized on the iExec Marketplace.
iExec is very active in the research field of Trusted Computing and is leading the industrial standardization in the context of Blockchain technology.
Specifically: