thegreatfatzby closed 4 months ago
Hello Isaac,
At the moment, reads and writes to a disk are not supported by AWS Nitro Enclaves and GCP confidential compute. The reasons for that are the side-channel and other attacks that this exposes the system to.
Also, who's Isaac?
Thinking about KV storage options, SSD in particular, and noticed this sentence around here:
Key Value server stores an in-memory data set, because of TEE limitations.
Am I correct that the "TEE Limitation" here is that a read to disk, even if done through some provided API, would end up with sysinfo metrics leaving and that can ultimately cause bit leakage?