eliza icon indicating copy to clipboard operation
eliza copied to clipboard
verified publisher icon elizaOS

feat: RP for plugin-tee-verifiable-log

Open gene-zhan opened this issue 1 year ago • 7 comments

Relates to:

  1. Run verifiable Eliza in the TEE.
  2. Verifiable log for Eliza in the TEE

Add a verifiable log plugin to enable Eliza to sign verifiable logs and provide an interactive query interface. So external parties can query the verifiable logs and verify Eliza's execution process through signature validation.

Risks

Low

Background

What does this PR do?

Eliza running in a TEE (Trusted Execution Environment) is verifiable, ensuring that the AI agent operates strictly according to the code.

However, further development is needed for external parties to verify what Eliza specifically did: external parties should be able to access Eliza's operation logs, and Eliza must use a key pair derived from the TEE to sign these logs. This enables the logs to be verified as authentically originating from Eliza within the TEE.

img

For example, in the case of an Eliza AI agent running a Twitter client, it could be verified which tweets were posted by Eliza and which were directly posted by a human manually operating the Twitter account.

Future: Based on this plugin, other clients and plugins can generate verifiable logs that need to be authenticated externally. We can further develop a verifiable terminal for TEE Eliza to display signed, verifiable logs in real-time.

What kind of change is this?

  • Feature
  • TEE plugin
  • Verifiable feature

Documentation changes needed?

Yes, we will add documentation for using this plugin, including the guide on how other plugins can import it and generate verifiable logs.

Testing

Where should a reviewer start?

  1. Understand the existing plugin-tee

    1. We rely on Eliza's existing plugin-tee and use its key derivation interface.

  2. Understand what plugin-tee-verifiable-log does

    1. Derive a key pair for verifiable logs: It uses the TEE to derive a key pair specifically for signing verifiable logs.
    2. Remote attestation: The public key of verifiable logs is embedded in the remote attestation report, making it accessible for external verification.
    3. Sign logs: This plugin accepts logs passed in from external modules (e.g., tweets sent and received by a Twitter client, or executed actions), signs them with the TEE-derived key pair, and stores them in the database.
    4. Verification: External entities can use the remotely attested public key to verify these logs, ensuring that certain actions were indeed performed by TEE Eliza.

  3. What is not included in this PR

    1. Adding RPC interfaces for the direct client: For example, support for remote attestation and querying the public key for verifiable logs. This feature will be submitted in a separate PR that depends on plugin-tee-verifiable-log and modifies the direct client.
    2. Support for plugin-tee-verifiable-log in existing clients: Enhancements for existing clients to generate verifiable logs that need external validation. For instance, modifying the Twitter client to depend on plugin-tee-verifiable-log and produce logs that are worthy of external verification.

Detailed testing steps

It have completed the integration tests and can run the pnpm test file in the test directory.

gene-zhan avatar Dec 22 '24 09:12 gene-zhan

@odilitime @shakkernerd Could you please help resolve the code conflicts? I’ve already submitted the code several times, but I noticed that the conflicts and the file changes display different content, and I’m not sure how to handle it.

gene-zhan avatar Dec 24 '24 03:12 gene-zhan

Hi @gene-zhan alright, I will look into it.

shakkernerd avatar Dec 24 '24 06:12 shakkernerd

@shakkernerd Thank you. By the way, is there anything else I need to update or adjust in this pull request to get it merged?

gene-zhan avatar Dec 25 '24 02:12 gene-zhan

@shakkernerd @odilitime @martincik Are there any other codes that need improvement to help move this PR towards merging?

gene-zhan avatar Jan 02 '25 07:01 gene-zhan

@gene-zhan is this an updates PR from the previous one I approved?

HashWarlock avatar Jan 05 '25 20:01 HashWarlock

@gene-zhan lemme know when you can update these conflicts. I cannot make the edits to your branch. Once they are done then I will merge your changes in

HashWarlock avatar Jan 07 '25 17:01 HashWarlock

Hi @gene-zhan, I've resolved the conflicts with develop branch in my fork: Branch: fix/resolve-conflicts

Changes made:

  • Resolved conflicts in .env.example
  • Resolved conflicts in agent/package.json
  • Resolved conflicts in agent/src/index.ts
  • Resolved conflicts in packages/client-direct/src/index.ts

Please review and let me know if any changes are needed.

yueliao11 avatar Jan 09 '25 12:01 yueliao11