search

comrade-coop / apocryph

A decentralized compute marketplace for running pods securely and confidentially
https://apocryph.network/
GNU General Public License v3.0
38 stars 7 forks source link

Spike: Remote verification of application #35

Open branimirangelov opened 1 month ago

branimirangelov commented 1 month ago

Within the current PoC, the remote attestation capability enables remote users (applications) to verify Apocryph Node provider on Base Protocol Level. The purpose of this spike is to investigate the options for remote users (applications) to perform a remote verification of a specficic application running in a verified cluster.

The spike investigates an implementation approach in which the Base Protocol and provides code signature information about a running application (pod). The code signature information for the application can be based on using exisiting sigstore infrastructure that can be enforced during pod deployment based on policy and then relayed to the remote users at request. This relaying process should be closely linked with Ingress Controller. The remote users (applications) should receive the code signature information paired with ingress endpoint / path that corresponds to the application (pod) - essentially relying on the Base Protocol's Ingress (attested) to connect the remote users (applications) with the application. 

┌───────────────┐                        ┌─────────────────────────────┐                              
│               │     (1)Attest          │                             │                              
│               ┼────────────────────────►     ┌─────────────────┐     │             ┌───────────────┐
│               │                        │     │                 │     │             │               │
│               │   app.apocryph.cloud   │     │                 │     │             │               │
│               ◄────────────────────────┼─────┼                ─┼─────┼─────────────┼►              │
│               │  (3)Code Signature     │     │     Ingress     │     │(2)Obain sig.│      Pod      │
│  Remote User  │                        │     │    Contoller    │     │    for pod  │    Service    │
│               │   app.apocryph.cloud   │     │                 │     │             │               │
│               ┼────────────────────────┼─────►                ─┼─────┼─────────────┼►              │
│               │(4)Access Application   │     │                 │     │ (5)Forward  │               │
│               │                        │     └─────────────────┘     │             └───────────────┘
│               │                        │        Base Protocol        │                Application   
└───────────────┘                        └─────────────────────────────┘

Important constraints:

  1. Remote users are not necessarily the end user that has deployed the application (essentially enabling the autonomous application narrative)
  2. Don't re-write / port the sigstore infrastructure, but just integrate it for the purpose of the spike.

References:

  1. Constellation Microservices: https://docs.edgeless.systems/constellation/architecture/microservices
  2. Constellation Attestation: https://docs.edgeless.systems/constellation/architecture/attestation
  3. Sigstore policies: https://docs.sigstore.dev/policy-controller/sample-policies/
  4. Sigstore Verification: https://docs.sigstore.dev/verifying/verify/

Note: This spike is part of the Autoscaler autonomous application effort.