Confidential Consortium Framework
Перейти к файлу
Alex 0c5e707255
ePBFT should not sign every request (#604)
2019-12-03 20:58:50 +00:00
.azure-pipelines-templates Support for HTTP in the CI (#550) 2019-11-13 09:54:32 +00:00
.devcontainer Update devcontainer.json (#543) 2019-11-10 12:53:10 +00:00
.github Remove CircleCI and rename vsts to azure-pipelines (#301) 2019-08-12 11:10:05 +01:00
3rdparty First try at using flatbuffers (#579) 2019-11-26 09:20:36 +00:00
cmake Disable PBFT cimetrics (#607) 2019-12-03 11:13:24 +00:00
docker Switch to rc2 (#476) 2019-10-24 10:51:13 +01:00
getting_started First try at using flatbuffers (#579) 2019-11-26 09:20:36 +00:00
samples Disable PBFT cimetrics (#607) 2019-12-03 11:13:24 +00:00
sphinx Remove keygenerator C++ utility (#605) 2019-12-03 10:14:51 +00:00
src ePBFT should not sign every request (#604) 2019-12-03 20:58:50 +00:00
tests ePBFT should not sign every request (#604) 2019-12-03 20:58:50 +00:00
.azure-pipelines-gh-pages.yml Fix gh pages docs not updating (#496) 2019-10-31 16:53:00 +00:00
.azure-pipelines.yml Update to OpenEnclave v0.7.0 (#494) 2019-10-31 13:38:17 +00:00
.clang-format Remove boost dependency (#349) 2019-09-03 17:24:38 +01:00
.codecov.yml Coverage badge is now green if coverage > 85% (#97) 2019-05-29 13:46:35 +01:00
.dockerignore Remove boost dependency (#349) 2019-09-03 17:24:38 +01:00
.gitattributes fix issue where ePBFT globals were added to both the host and the enclave (#391) 2019-09-24 10:06:58 +01:00
.gitignore Update public documentation structure (#460) 2019-10-22 16:04:14 +01:00
.gitmodules Remove submodule (#500) 2019-11-01 14:37:38 +00:00
.lgtm.yml Try to make LGTM find more code (#232) 2019-07-08 13:47:09 +01:00
CCF-TECHNICAL-REPORT.pdf TR and docs (#19) 2019-05-02 21:00:42 +01:00
CMakeLists.txt PBFT view changes (#580) 2019-11-25 16:52:04 +00:00
Doxyfile Initial file import 2019-04-26 16:27:27 +01:00
LICENSE Initial file import 2019-04-26 16:27:27 +01:00
README.md Fix typo in README (#507) 2019-11-04 14:41:40 +00:00
THIRD_PARTY_NOTICES.txt Remove references to unused dependency (#7) 2019-04-30 14:25:15 +01:00
cgmanifest.json First try at using flatbuffers (#579) 2019-11-26 09:20:36 +00:00
check-format.sh Raft host/port rename (#279) 2019-08-06 12:38:19 -04:00
metrics.yml Support for cimetrics (#286) 2019-08-08 16:11:46 +01:00
notice-check.py find module for mbedtls (#571) 2019-11-20 11:18:15 +00:00
start_test_network.sh HTTP signed requests (client side) (#594) 2019-11-28 11:41:46 +00:00

README.md

Link
Community Chat Gitter
Continuous Integration Build Status
Code coverage codecov
Documentation docs

The Confidential Consortium Framework

The Confidential Consortium Framework (CCF) is an open-source framework for building a new category of secure, highly available, and performant applications that focus on multi-party compute and data. While not limited just to blockchain applications, CCF can enable high-scale, confidential blockchain networks that meet key enterprise requirements — providing a means to accelerate production enterprise adoption of blockchain technology.

Leveraging the power of trusted execution environments (TEEs), decentralized systems concepts, and cryptography, CCF enables enterprise-ready computation or blockchain networks that deliver:

  • Throughput and latency approaching database speeds. Through its use of TEEs, the framework creates a network of remotely attestable enclaves. This gives a web of trust across the distributed system, allowing a user that verifies a single cryptographic quote from a CCF node to effectively verify the entire network. This simplifies consensus and thus improves transaction speed and latency — all without compromising security or assuming trust.

  • Richer, more flexible confidentiality models. Beyond safeguarding data access with encryption-in-use via TEEs, we use industry standards (TLS and remote attestation) to ensure secure node communication. Transactions can be processed in the clear or revealed only to authorized parties, without requiring complicated confidentiality schemes.

  • Network and service policy management through non-centralized governance. The framework provides a network and service configuration to express and manage consortium and multi-party policies. Governance actions, such as adding members to the governing consortium or initiating catastrophic recovery, can be managed and recorded through standard ledger transactions agreed upon via stakeholder voting.

  • Improved efficiency versus traditional blockchain networks. The framework improves on bottlenecks and energy consumption by eliminating computationally intensive consensus algorithms for data integrity, such as proof-of-work or proof-of-stake.

A consortium first approach

In a public blockchain network, anyone can transact on the network, actors on the network are pseudo-anonymous and untrusted, and anyone can add nodes to the network — with full access to the ledger and with the ability to participate in consensus. Similarly, other distributed data technologies (such as distributed databases) can have challenges in multi-party scenarios when it comes to deciding what party operates it and whether that party could choose or could be compelled to act maliciously.

In contrast, in a consortium or multi-party network backed by TEEs, such as CCF, consortium member identities and node identities are known and controlled. A trusted network of enclaves running on physical nodes is established without requiring the actors that control those nodes to trust one another — what code is run is controlled and correctness of its output can be guaranteed, simplifying the consensus methods and reducing duplicative validation of data.

diagram

Microsoft has taken this approach in developing CCF: using TEE technology, the enclave of each node in the network (where cryptographically protected data is executed) can decide whether it can trust the enclaves of other nodes based on mutual attestation exchange and mutual authentication, regardless of whether the parties involved trust each other or not. This enables a network of verifiable, remotely attestable enclaves on which to run a distributed ledger and execute confidential and secure transactions in highly performant and highly available fashion.

A flexible confidentiality layer for any multi-party computation application or blockchain ledger to build upon

CCF currently runs on Intel SGX-enabled platforms. Because CCF uses the Open Enclave SDK as the foundation for running in an enclave, as Open Enclave supports new TEE technologies, CCF will be able to run on new platforms. Networks can be run on-premises, in one or many cloud-hosted data centers, including Microsoft Azure, or in any hybrid configuration.

Ledger providers can use CCF to enable higher throughput and higher confidentiality guarantees for distributed ledger applications. CCF developers can write application logic (also known as smart contracts) and enforce application-level access control in several languages by configuring CCF to embed one of several language runtimes on top of its key-value store. Clients then communicate with a running CCF service using JSON-RPC interfaces over TLS.

Learn more and get started

  • Read the CCF Technical Report for a more detailed description.
  • Browse the CCF Documentation.
  • Explore the CCF open-source GitHub repo, which also contains application examples and sample scripts for provisioning and setting up confidential computing VMs using Azure.
  • Learn more about Azure Confidential Computing offerings like Azure DC-series (which support Intel SGX TEE) and Open Enclave that CCF can run on.

Getting Started on Azure Confidential Computing

First, if you are checking out the CCF repository, run git clone:

git clone https://github.com/microsoft/CCF.git

Then, under CCF/getting_started/:

  • create_vm/ contains scripts to create an ACC VM (make_vm.sh). This script expects a valid Azure subscription name to be set, eg: export SUBSCRIPTION=sub_name.
  • setup_vm/ contains ansible playbooks that need to be run on the VM once created, for it to be able to build CCF. Running ./setup.sh will apply those playbooks to the VM.

Build and Test

cd CCF
mkdir build
cd build
cmake -GNinja ..
ninja

Run the tests.

cd build
./tests.sh

Third-party components

We rely on several open source third-party components, attributed under THIRD_PARTY_NOTICES.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.

All pull requests must pass a suite of CI tests before they will be merged. The test commands are defined in .azure-pipelines.yml and .azure-pipelines-no-sgx.yml, so you can locally repeat any tests which fail. You should at least run the code format checking scripts defined in .azure-pipelines-no-sgx.yml before creating a pull request, ensuring all of your code is correctly formatted. The test commands will only report misformatted files - to reformat the files, pass -f to the check-format.sh ... command and remove --check from the black ... command.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.