Super Protocol In Detail: Rationale Behind The Intel SGX

There are a number of Web3 projects aimed at cracking the problem of decentralized computation. The goal of creating a trustless network of distributed agents capable of providing a service better, or comparable in all the key aspects to what the current centralized cloud providers can offer is indeed non-trivial. There’s no right way to achieve it, at least not yet.

In this series, we take various aspects of the task and explain our thinking behind the solutions used to build Super Protocol.

At Super Protocol, we believe the future is going to be self-hosted (a less optimistic version of this thesis would be “the future is less centralized”). Web3 adoption and growth will be accompanied by an increasing number of home units used to store and process their owners’ private data. The excess of these resources could be provided as a service using a variety of protocols. Super Protocol connects computational resources to create a market of service providers.

A big centralized cloud infrastructure provider must and is capable of ensuring a high level of security and data protection, and still sometimes fails as data center breaches and leaks are common things in today’s news.

Providing data protection without direct access to the hardware is an immensely more complex task.

The most important question for us here: is how do we ensure data protection in all three of its states (at rest, in motion, and in use) in case it’s someone else’s computer?

Fortunately, modern technology allows us to approach it at both hardware and software layers. We’ve picked Intel SGX as a current market leader for a hardware part. It conveniently helps us solve the problem of physical access. Even if a malicious actor has direct access to the machine, and/or compromises its OS, Intel SGX provides a required level of protection (more details can be found in “Hardware Behind Confidential Computing: Intel SGX”).

All that while being a platform we can build on top of and a product that would exist in the market long enough to saturate it to the level when it becomes available for self-hosting units (since you have to consider such things in the long-term planning).

However, there’s no silver bullet and any technology has its limitations. Intel SGX has been constantly the focus of various groups trying to find and exploit its vulnerabilities (you can find a quite good overview and taxonomy here).

So far our R&D shows that there are no issues that would pose a direct threat to the Super Protocol. Keeping a list of potential threats is not enough, as we have to rate how big the threat is, whether are there any solutions, and what could be done to mitigate the damage — that’s one of the domains our R&D team is working on right now.

If you’re an Intel SGX vulnerabilities researcher, we’d be happy to share ideas and findings (we’re keeping a private list), please, contact us at: community@superprotocol.com