Aujourd'hui, seuls les paresseux n'ont pas écrit sur la technologie blockchain, les crypto-monnaies et à quel point c'est cool. Mais cet article ne fera pas l'éloge de cette technologie, il se concentrera simplement sur ses lacunes et les moyens de les éliminer.

, , . -. , , - , . . .

, , , - . - (flight delay, ..). -, , , . , Town Crier DECO. - -, , .

, - 0.001 btc bitcoin- . , - , , : , - , , - ?

2 : - -, — , . , , , Oraclize, TLSNotary ( TLS ). Oraclize , , , : Town Crier DECO. , .

Town Crier

Town Crier (TC) IC3 (The Initiative for CryptoCurrencies and Contracts) 2016 CCS’16. TC: - , , TC , . TC TEE (Trusted Execution Environment) . TC Intel SGX.

Town Crier — TC Server.



TC Contract front end TC. C_U (- ) TC Server. TC Server Relay, ( ) . Enclave prog_encl, , , prog_encl - .

Intel SGX , API, ecall. Ecall . , , . , , ocall. Ocall . ocall .



Enclave secure channel -, TLS handshake . TLS (mbedTLS) HTTP- SGX. , Enclave root CA certificates ( ), . Request Handler datagram , Ethereum, . Ethereum, requested datagram, sk_TC Relay.

Relay Client Interface, TCP, Blockchain Interface. Client Interface . ecall timestamp, sk_TC att ( ), att Intel Attestation Service (IAS), timestamp time service. Blockchain Interface datagrams. Geth — Ethereum Relay RPC calls.

TEE, TC , 3 . 15 tx/sec, 20 65 tx/sec, , Bitcoin — 26 tx/sec.

DECO

DECO (Decentralized Oracles for TLS) CCS’20, , TLS . .

DECO c TLS , - , , , TLS. DECO prover (-), verifier () web-server ( ).

DECO , (prover) D (verifier), D TLS- S. , TLS TLS- , (provenance difficulty).

DECO K_Enc K_Mac. Q -, R , K_Mac, TLS . DECO , «» K_Mac (prover), . K_Mac prover verifier — K_p^Mac K_v^Mac. K_Mac K_p^Mac ⊕ K_v^Mac = K_Mac.

, .



, Chainlink, , Ethereum, Bitcoin Hyperledger, : . , Chainlink , , ( ). , . .

Chainlink PoC DECO , Mixicles. Forbes, , Chainlink DECO Cornell University.

, Town Crier:

1. Rogue smart-contact code injection on TEE nodes.
   
   : TEE -, , , , () - . private key, /.
   
   , . , .

   
   
   

2. Contract state ciphertext changes leak.
   
   : , -, contract state . , , contact state , - , - .
   
   .

   
   
   

3. Side-channel attacks.
   
   , . — Prime and Probe.
   
   
   
   :

   
   
   
   • t₀: .
   • t₁: , ( ). cache line keybit. , keybit = 0 X cache line 2. , X, , , .
   • t₂: , — , . . keybit, .
   
   
   

: Intel SGX side-channel attacks, , , Prime and Probe , .



, .

Spectre Foreshadow (L1TF), Prime and Probe. - . Spectre-v2, .

DECO, :

1. Prover Integrity: prover server server . server prover.
2. Verifier Integrity: verifier prover .
3. : verifier (, ).

DECO , . , verifier fresh nonce. , verifier (IP-). , verifier server . Proxy.

Town Crier , DECO . : , , .

: DECO , LAN 0.37 , 2PC-HMAC (0,13 ). DECO TLS, . IC3: LAN 10,50 . , Town Crier 0,6 , 20 , DECO. , TC .

: Intel SGX (side-channel attacks) -. DECO , , proxy . DECO .

: , Intel SGX DECO. TC .

: Town Crier , TEE. , Intel SGX Intel Core 6- . DECO , DECO TEE. DECO , hardware TC, DECO .

, , Town Crier DECO . DECO , , , , . TC DECO, , side-channel attack . , DECO 2020 , , . Town Crier 4 , .