Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/oasisprotocol/cipher-paratime

Official Oasis Protocol Foundation's ParaTime.
https://github.com/oasisprotocol/cipher-paratime

blockchain chain confidential crypto enclave network oasis official paratime privacy rust sgx tee wasm

Last synced: 1 day ago
JSON representation

Official Oasis Protocol Foundation's ParaTime.

Host: GitHub
URL: https://github.com/oasisprotocol/cipher-paratime
Owner: oasisprotocol
License: apache-2.0
Created: 2021-05-27T13:02:56.000Z (over 3 years ago)
Default Branch: main
Last Pushed: 2024-10-24T09:35:15.000Z (22 days ago)
Last Synced: 2024-10-25T06:59:04.479Z (21 days ago)
Topics: blockchain, chain, confidential, crypto, enclave, network, oasis, official, paratime, privacy, rust, sgx, tee, wasm
Language: Rust
Homepage:
Size: 427 KB
Stars: 9
Watchers: 15
Forks: 2
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

# The Cipher ParaTime

[![CI lint status][github-ci-lint-badge]][github-ci-lint-link]
[![CI audit status][github-ci-audit-badge]][github-ci-audit-link]

[github-ci-lint-badge]: https://github.com/oasisprotocol/cipher-paratime/workflows/ci-lint/badge.svg
[github-ci-lint-link]: https://github.com/oasisprotocol/cipher-paratime/actions?query=workflow:ci-lint+branch:main
[github-ci-audit-badge]: https://github.com/oasisprotocol/cipher-paratime/workflows/ci-audit/badge.svg
[github-ci-audit-link]: https://github.com/oasisprotocol/cipher-paratime/actions?query=workflow:ci-audit+branch:main

This is the Cipher ParaTime, an official [Oasis Protocol Foundation]'s ParaTime
for the [Oasis Network] built using the [Oasis SDK].

[Oasis Protocol Foundation]: https://oasisprotocol.org/
[Oasis Network]: https://docs.oasis.dev/oasis-network-primer/
[Oasis SDK]: https://github.com/oasisprotocol/oasis-sdk

## Note

* **This ParaTime currently depends on an unreleased version of [Oasis SDK].**
* **The code has not yet been audited.**

## SGX and Non-SGX Variants of the Binary

The non-SGX variant is a regular ELF binary that can be used by Oasis nodes
without SGX support to operate as client nodes.

This allows (non-SGX) Oasis nodes to interact with the Cipher ParaTime (e.g.
perform non-confidential queries and validate transactions they send out) but
they cannot participate in the execution of Cipher ParaTime's transactions and
they cannot see its confidential state.

## Building

### Prerequisites

#### Rust

Ensure you have [Rust] and [rustup] installed on your system.
For more details, see [Oasis Core's Development Setup Prerequisites]
documentation, the Rust section.

The version of the Rust toolchain we use for the Cipher ParaTime is specified in
the [rust-toolchain] file.

The rustup-installed versions of `cargo`, `rustc` and other tools will
[automatically detect this file and use the appropriate version of the Rust
toolchain][rust-toolchain-precedence] when invoked from the Cipher ParaTime git
checkout directory.

To install the appropriate version of the Rust toolchain, make sure you are
in an Cipher ParaTime git checkout directory and run:

```
rustup show
```

This will automatically install the appropriate Rust toolchain (if not
present) and output something similar to:

```
...

active toolchain
----------------

nightly-2021-08-17-x86_64-unknown-linux-gnu (overridden by '/code/rust-toolchain')
rustc 1.56.0-nightly (0035d9dce 2021-08-16)
```

Then add the Fortanix SGX Rust target to this version of the Rust toolchain by
running:

```
rustup target add x86_64-fortanix-unknown-sgx
```

[Rust]: https://www.rust-lang.org/
[rustup]: https://rustup.rs/
[Oasis Core's Development Setup Prerequisites]:
https://docs.oasis.dev/oasis-core/development-setup/prerequisites
[rust-toolchain]: rust-toolchain
[rust-toolchain-precedence]:
https://github.com/rust-lang/rustup/blob/master/README.md#override-precedence

#### System Packages

Building Cipher ParaTime requires the following system packages:

- [GCC]
- [Clang] (for compiling the [wasm3-rs] crates)

_NOTE: On Ubuntu/Debian systems, compiling [wasm3-rs] crates when building the
SGX binary requires having the `gcc-multilib` package installed._

On Fedora 35+, you can install the above with:

```
sudo dnf install gcc clang
```

On Ubuntu 20.04+, you can install the above with:

```
sudo apt install gcc gcc-multilib clang
```

[GCC]: http://gcc.gnu.org/
[Clang]: https://clang.llvm.org/
[wasm3-rs]: https://github.com/wasm3/wasm3-rs

### Mock SGX Binary

Mock SGX allows a developer to run the Cipher ParaTime binary without
performing the attestation and requiring actual SGX hardware. While you can't
connect to a production Mainnet or Testnet with such a setup, it is useful for
testing Cipher locally and/or testing dApps that require
Cipher-specific features, for example in the CI environments.

To build the unsafe, mock SGX binary of the Cipher ParaTime for Localnet
checkout the appropriate version and run:

```shell
export OASIS_UNSAFE_SKIP_AVR_VERIFY=1 OASIS_UNSAFE_ALLOW_DEBUG_ENCLAVES=1
cargo build --release --features debug-mock-sgx
```

The resulting ELF binary is located at `target/release/cipher-paratime`.

_NOTE: The mock SGX binary is dynamically linked so it may not be portable
between machines with different versions of shared libraries._

### SGX Binary

To build the SGX binary of the Cipher ParaTime, checkout the appropriate version
and run:

```
cargo build --release --target x86_64-fortanix-unknown-sgx
cargo elf2sgxs --release
```

The resulting SGX binary is located at
`target/x86_64-fortanix-unknown-sgx/release/cipher-paratime.sgxs`.

_NOTE: The SGX binary is always statically linked so it doesn't exhibit the
portability issues the ELF binary has._