On Nov. 1, 2018, iExec, a decentralized marketplace for computing power based in Lyon, France, released its end-to-end trusted execution environment. The developers of iExec describe the technology as “the first Intel SGX scalable solution for businesses to achieve privacy and security in blockchain-based computing.”
What is Intel SGX?
Intel SGX, or Software Guard Extensions, is a popular architecture extension, introduced in 2015. It was designed to increase the security of application code and its data. As described on Intel’s website, Intel SGX makes protection possible through the use of “enclaves”, which are isolated regions of memory built into the CPU. These regions protect data from processes running at any privileged level, including the operating system.
According to the iExec Medium blog, enclaves are paradigm-shifting tools in the world of cloud computing. “Thanks to the security they offer, anyone is able to run applications on any computer without the fear of disclosing sensitive data to a third party.”
Enclaves act as “a bubble or a safe,” protecting and isolating an application from a host machine. “Even the root privilege administrator of the host machine is not able to penetrate this bubble to access and tamper with the application,” explains the iExec press release.
Clouds for developers
In May 2018, iExec released its marketplace for trading cloud computing power “as a commodity.” According to iExec, one of the most important technologies to make this decentralized cloud infrastructure successful – aside from blockchain – is a trusted execution environment (TEE), like Intel SGX.
The decentralized nature of the iExec cloud computing network aims to guarantee security. Root privilege users will never be able to inspect sensitive data or tamper with the application running on the decentralized host.
iExec has been working on its solution utilizing Intel SGX, in partnership with Scontain UG, a software development company based in Dresden, Germany.
In iExec’s official press release, the new solution is presented as “the first-ever complete toolkit including Software Development Kit (SDK) and technical documentation, for businesses to easily employ Intel SGX enclaves to ensure the end-to-end protection of any blockchain product.”
The company emphasizes, that “end-to-end” privacy is ensured, meaning that although Decentralized Applications (DApps) are processed on decentralized nodes, they can never be inspected by someone apart from the end user. iExec showcased this new solution at the Devcon4 conference, one of the biggest gatherings for Ethereum blockchain developers and researchers.
An on-demand marketplace for cloud resources
The company says, the iExec marketplace allows application developers to access affordable, secure, and scalable computing power on-demand. Each transaction between buyers and sellers is audited and certified by the Proof-of-Contribution algorithm, which verifies every off-chain computation executed.
Today, iExec is working towards the “iExec V3”, where the marketplace will evolve beyond the trading of cloud power to integrate the trading of datasets as well. According to the company, iExec offers developers toolkits for building decentralized applications that will run on a decentralized network of nodes with a high level of security and scalability.