hyperledger / fabric-private-chaincode

FPC enables Confidential Chaincode Execution for Hyperledger Fabric using Intel SGX.
Apache License 2.0
161 stars 91 forks source link

Guide for writing secure chaincode #267

Open g2flyer opened 4 years ago

g2flyer commented 4 years ago

challenges

see HLGF slides (where we announced this guide :-) for more challenges/issues

cliveb commented 4 years ago

[maybe off topic] Realms in es/js at tc39 (frozen realms from SES secure ecmascript) has implemented an object graph with wet/dry as observable/private membranes to stop key leakage. A great deal of research already, this PR gives succinct insight into implementation details underway. https://github.com/salesforce/observable-membrane/pull/48

jrlinton commented 4 years ago

Possibly add a pointer to/summary of guidelines for writing side-channel-resistant code, for most sensitive use cases

mbrandenburger commented 4 years ago

Found this article