dkg-substrate

[SPEC] Add TEE/SGX support for the signing/keygen functionality

Open drewstone opened this issue 3 years ago • 2 comments

Overview

  • We want the keygen to run inside an enclave. The key should be stored in the enclave.
  • We want the signing to run inside an enclave. All sensitive operations happen inside the enclave.
  • We can send the public key generated outside of the enclave for signing set operations.
  • Using AWS / Fortanix libraries.

Research

  • All MPC companies use enclaves for key management / operations (Fireblocks, Lit Protocol, etc.)

Examples

Questions/Issues

drewstone, Oct 18 '22 14:10

https://aws.amazon.com/blogs/security/confidential-computing-an-aws-perspective/

drewstone, Jul 31 '23 15:07

@thomivy we should consider structuring this as a grant.

drewstone, Aug 14 '23 15:08