Hardware Behind Confidential Computing: Intel SGX
This is the fourth installment of our Super Protocol in-depth but simple series. A previous article explained in plain words how the Trusted Execution Environment (TEE) works and the ways Web3 could benefit from utilizing the technology.
This time we’ll talk about the hardware part and the innovative technology that made TEE possible — Intel Software Guard Extensions (SGX for short, though the original paper’s “Innovative Instructions and Software Model for Isolated Execution” feels more descriptive).
In the world of information technology, everything is data: not just the typical “account A holds X funds”, but also the applications’ code, how they work, how exactly they manipulate the aforementioned information, and how they store and exchange it. This implies that even if the processed data is encrypted, an attacker could still tamper with it by altering the program code, changing the address the data is sent to, or corrupting parts of it. So the best protection is to make inaccessible (invisible) not only the data being processed but all the system’s moving parts.
TEE achieves this by using enclaves — restricted spaces in the processor that only authorized applications can access. Dive in if you’re not satisfied with this explanation and still want to know how exactly these enclaves function, whether they are really that secure, and whether it is possible to create a decentralized network of TEE providers.
Most of what you read on Web3 security is concerned with network-wide protection, since it is believed that the only way a malicious actor can cause harm is by seizing control of the network or its key elements and tampering with the chain.
Unfortunately, the history of recent hacks and leaks proves that in some cases, even one compromised node (or not even a node, but a DNS provider) is more than enough to steal users’ money or private information. So what kind of future tech is that if we cannot protect the people who are adopting and using it?
With this out of the way, let’s consider what the hacker could do: access the application (smart contract) code and somehow tamper with it during execution, change the destination addresses or the date of a transaction, or gather intel and use it in a targeted social-engineering attack (plain extortion is also an option). How can they do it? By compromising a machine remotely or by gaining direct access to it. Indeed, big hacks that would take down the whole network would require controlling more than 50% of said machines, but why do we so easily discard an attacker who is just seeking specific information or wants to rid some poor folks of their hard-earned tokens?
Now we’ve got to the point where it’s apparent that not even a single computer may be compromised if we want to provide top-level SLA security for the end user. Would using an antivirus, following basic cyber security rules, and hoping that the protection mechanisms on the network level will do the rest be enough? Sadly, no. The best protection would be eliminating every potential point of failure.
That’s where the Intel SGX tech comes in. It’s been designed with all the points mentioned above in mind. The researchers’ question was: “how can we ensure that the attacker will be unable to harm, even if they gain physical access to the machine?”
Intel SGX technology removes potential attack angles at the hardware level. At a basic level, it is a set of low-level instructions that enable selected parts of the processor to operate differently from the rest of the system. This behaviour is also regulated by a programming model developed by the Intel SGX creators, which allows application developers to control it on a granular level.
How is this more secure? First, other applications (even those with higher privileges, or the operating system itself) cannot see what’s happening inside the enclave. Second, to gain access, an app must undergo the attestation process and comply with regular security checks. Attestation proves to a user that they are communicating with a specific piece of software running in a secure container hosted by a trusted hardware provider.
Essential question: can the attestation be done remotely in a secure way? Yes! This means we can double down on security by combining the TEE from a trusted provider with the next levels of network security and consensus layer.
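Added example, not part of the original post or of Super Protocol’s code: a simplified Python model of the three checks a remote verifier performs on an attestation quote (genuine platform signature, expected code measurement, fresh nonce). The hardware attestation key is stood in for by a constructed HMAC key and the enclave measurement (MRENCLAVE) by a SHA-256 of a constructed binary; a real SGX quote is signed with Intel-rooted keys and verified against Intel’s attestation infrastructure.

```python
"""Toy remote-attestation verifier (constructed example, not real SGX code)."""
import hashlib
import hmac
import json
from typing import Tuple

# Constructed stand-in for the platform attestation key. In real SGX this key
# is rooted in Intel hardware and never leaves the processor.
PLATFORM_KEY = b"constructed-platform-attestation-key"

# Constructed enclave binary and the measurement the user expects to talk to.
TRUSTED_BINARY = b"constructed enclave binary v1"
EXPECTED_MRENCLAVE = hashlib.sha256(TRUSTED_BINARY).hexdigest()


def _payload(mrenclave: str, report_data: str) -> bytes:
    """Canonical byte encoding of the signed part of the quote."""
    return json.dumps({"mrenclave": mrenclave, "report_data": report_data},
                      sort_keys=True).encode()


def build_quote(enclave_binary: bytes, nonce: bytes, key: bytes = PLATFORM_KEY) -> dict:
    """Platform side: measure the loaded code and sign measurement + nonce.

    The nonce supplied by the verifier is bound into the report data, so a
    captured quote cannot be replayed for a later session.
    """
    mrenclave = hashlib.sha256(enclave_binary).hexdigest()
    sig = hmac.new(key, _payload(mrenclave, nonce.hex()), hashlib.sha256).hexdigest()
    return {"mrenclave": mrenclave, "report_data": nonce.hex(), "sig": sig}


def verify_quote(quote: dict, nonce: bytes, expected_mrenclave: str = EXPECTED_MRENCLAVE,
                 key: bytes = PLATFORM_KEY) -> Tuple[bool, str]:
    """Verifier side: signature first (is the platform genuine?), then code identity, then freshness."""
    expected_sig = hmac.new(key, _payload(quote["mrenclave"], quote["report_data"]),
                            hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_sig, quote["sig"]):
        return False, "signature invalid: quote was not produced by trusted hardware"
    if quote["mrenclave"] != expected_mrenclave:
        return False, "measurement mismatch: different (possibly tampered) code is running"
    if quote["report_data"] != nonce.hex():
        return False, "stale quote: verifier nonce is not bound in report data"
    return True, "attested: expected enclave code, fresh quote, genuine platform"


if __name__ == "__main__":
    session_nonce = b"\x01" * 16  # constructed; a verifier would draw this randomly
    print(verify_quote(build_quote(TRUSTED_BINARY, session_nonce), session_nonce))
    print(verify_quote(build_quote(TRUSTED_BINARY + b" + backdoor", session_nonce), session_nonce))
```

Because the measurement is signed together with the nonce, an attacker who alters the enclave code cannot simply copy the expected measurement into the quote: the signature check fails before the measurement is even compared.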
Being able to connect trusted TEE providers and verify everything that happens is an important part of how Super Protocol works and why it was created in the first place.
We’re aiming for protection not just for the network as a whole but for each and every of its participants.
Stay tuned for more awesome updates, and make sure to check out Super Protocol testnet!