ultravioletrs / cocos

Cocos AI - Confidential Computing System for AI
https://ultraviolet.rs/cocos.html
Apache License 2.0

Feature: Implement Safeguards to Prevent Potential Data Exfiltration from Enclave in Cocos #294

Open SammyOina opened 3 weeks ago

SammyOina commented 3 weeks ago

Is your feature request related to a problem? Please describe.

There is a potential vulnerability with cocos, where algorithms with access to data within an enclave have the ability to extract and copy this data to result files. The concern is that this data exfiltration can be hidden or obfuscated, for example, by encrypting the file or corrupting the data, making it difficult to detect such behavior.

Describe the feature you are requesting, as well as the possible use case(s) for it.

To prevent or detect data breaches within the enclave, the following approaches were considered:

  1. Result File Monitoring: Regularly monitor result files and compare them with the datasets to check for any matches, which would indicate potential data exfiltration.
  2. Entropy Check: Analyze the entropy of the files and raise an alert if the file’s entropy indicates potential obfuscation or suspicious activity.
  3. Algorithm Transparency: Make the algorithm public to consortium members to ensure no data breach is occurring. However, this approach is problematic if the algorithm is proprietary.

Exploring these options further or considering alternative solutions to secure enclave data would help address this vulnerability.

Indicate the importance of this feature to you.

Must-have

Anything else?

Any other suggestions for detecting or preventing data exfiltration from the enclave would be appreciated.
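The first two approaches above (result file monitoring and an entropy check), as an added example that is not part of the issue or of the cocos code base. The block size, the entropy threshold and the sample dataset and result files are all assumptions constructed for the example.

```python
import hashlib
import math
from collections import Counter

BLOCK = 64            # assumed window size for content matching
ENTROPY_LIMIT = 7.5   # assumed bits/byte above which a result looks encrypted or compressed

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0 for a constant file, 8 for uniform random bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def index_dataset(dataset: bytes, block: int = BLOCK) -> set:
    """Hash every aligned block of the protected dataset once, before the algorithm runs."""
    return {hashlib.sha256(dataset[i:i + block]).digest()
            for i in range(0, len(dataset) - block + 1, block)}

def copied_blocks(result: bytes, index: set, block: int = BLOCK) -> int:
    """Slide a window over the result file and count windows whose hash is in the dataset index."""
    return sum(1 for i in range(len(result) - block + 1)
               if hashlib.sha256(result[i:i + block]).digest() in index)

def check_result(result: bytes, index: set) -> dict:
    """Combine both checks; 'flagged' is True when either one indicates possible exfiltration."""
    ent = shannon_entropy(result)
    hits = copied_blocks(result, index)
    return {"entropy": round(ent, 3), "copied_blocks": hits,
            "flagged": ent > ENTROPY_LIMIT or hits > 0}

# Constructed sample inputs (not real enclave data): 300 fake patient rows with unique ids.
DATASET = b"".join(b"id=%05d,bp=%d/%d,hr=%d\n" % (i, 100 + i % 37, 60 + i % 23, 55 + i % 41)
                   for i in range(300))
RESULT_OK = b"mean_bp=118.2,mean_hr=71.4,n=300\n"         # a genuine aggregate result
RESULT_COPY = b"summary\n" + DATASET[100:400] + b"\n"      # raw rows smuggled into the result
RESULT_ENC = b"".join(hashlib.sha256(b"k" + bytes([i])).digest()
                      for i in range(128))                 # deterministic stand-in for ciphertext

if __name__ == "__main__":
    idx = index_dataset(DATASET)
    for name, res in (("ok", RESULT_OK), ("copy", RESULT_COPY), ("enc", RESULT_ENC)):
        print(name, check_result(res, idx))
```

A fixed entropy threshold also flags legitimately compressed or already-encrypted outputs, so both checks are triggers for review rather than proof of exfiltration.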

danko-miladinovic commented 2 weeks ago

Maybe we can look into Verifiable Computing, to see if it can be implemented for SMPC. Link: https://www.microsoft.com/en-us/research/project/verifiable-computing/