Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/commerceblock/lockbox

Key share management in SGX secure enclaves.
https://github.com/commerceblock/lockbox

Last synced: 3 days ago
JSON representation

Key share management in SGX secure enclaves.

Host: GitHub
URL: https://github.com/commerceblock/lockbox
Owner: commerceblock
Created: 2020-10-14T10:15:38.000Z (about 4 years ago)
Default Branch: main
Last Pushed: 2024-08-13T21:58:35.000Z (3 months ago)
Last Synced: 2024-08-14T00:48:53.721Z (3 months ago)
Language: C
Size: 6.72 MB
Stars: 12
Watchers: 7
Forks: 3
Open Issues: 1
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

Awesome-SGX-Open-Source - https://github.com/commerceblock/lockbox

README

# Lockbox

Key management and signing in SGX secure enclaves.

`/mercury`

Key management server for mercury layer

`/mainstay-signer`

Mainstay transaction signing server

`/mainstay-init`

Mainstay Shamir key generation

## Docker build

### Build docker image by executing:
```bash
docker build -t commerceblock/lockbox .
```

### Run image without SGX driver:
```bash
docker run --rm -it -p 8000:8000 commerceblock/lockbox bash
cd /root/lockbox/app
```

### Run image with SGX driver:
```bash
docker run --rm -it --device /dev/isgx -p 8000:8000 commerceblock/lockbox bash
cd /root/lockbox/app
```

### Launch lockbox server

From within container:
```
LD_LIBRARY_PATH=/opt/intel/sgx-aesm-service/aesm/ /opt/intel/sgx-aesm-service/aesm/aesm_service &
```
Then:
```
cd /root/lockbox/app/target/release
```
Then:
```
./server_exec
```

## Enable SGX

To enable SGX functionality on an Intel SGX capable device, clone the follow repository:
```
git clone https://github.com/intel/sgx-software-enable.git
```
Then build the application with:
```
make
```
and enable SGX with:
```
sudo ./sgx_enable
```
Then restart the device, and confirm the SGX status with:
```
sgx_enable --status
```

## Run using docker-compose

Install `docker-compose`.

```
sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose -v
```

Download the `docker-compose.yml` file in this repo.

In the directory of the file, enter:

`docker-compose up -d`

Once pulled from docker hub and run for the first time, the enclave pubkey is in the file `/data/pub/init_pub.dat`.

## Install SGX Driver for linux

Follow instructions on:

https://github.com/intel/linux-sgx-driver

# License

Released under the terms of the GNU General Public License. See for more information https://opensource.org/licenses/GPL-3.0