Spike: run signed oracle binary

[mudler]

High level with TEE

• Create a reproducible build
• Add code to generate an attestation document at runtime for your chosen trusted execution environment (e.g. AMD SEV, Intel SGX, or AWS Nitro Enclaves)
• Build the application enclave and measure it.
• Run the enclave.

Now that we have known-good measurements, clients can attempt verification:

• The client fetches the enclave’s attestation document using a challenge-response mechanism.
• The client verifies the attestation document, comparing the software measurement of the running software with the known-good measurement obtained from the build. If they match, trust in the software is established.

Notes / Open questions

• Increased rewards for those that run signed binary (might be required to run in a VM >?)

References

• https://arxiv.org/abs/2402.08908
• https://optee.readthedocs.io/en/latest/building/trusted_applications.html
• Linux IMA / Trusted boot -> RA against TPM PCR banks (this needs basically a VM that we pre-ship a signed OS image with)
• https://www.cysec.com/fluid-os-project/

[mudler]

very interesting paper on the subject: https://arxiv.org/pdf/2402.08908

[mudler]

High level with TEE

• Create a reproducible build
• Add code to generate an attestation document at runtime for your chosen trusted execution environment (e.g. AMD SEV, Intel SGX, or AWS Nitro Enclaves)
• Build the application enclave and measure it.
• Run the enclave.

Now that we have known-good measurements, clients can attempt verification:

• The client fetches the enclave’s attestation document using a challenge-response mechanism.
• The client verifies the attestation document, comparing the software measurement of the running software with the known-good measurement obtained from the build. If they match, trust in the software is established.