Confidential Consortium Framework
Перейти к файлу
Eddy Ashton 0c9b34e0db
Support automatic port assignment (#1173)
2020-05-13 13:01:40 +01:00
.azure-pipelines-templates Add wrapper for cmake format (#1132) 2020-05-07 16:12:32 +01:00
.devcontainer Update devcontainer.json to use oe-0.9.0 container (#1130) 2020-05-02 19:57:35 +01:00
.github Remove automerge. (#1040) 2020-04-06 17:21:40 +01:00
3rdparty Upgrade hacl-star (#1155) 2020-05-07 13:54:58 +01:00
cmake Switching to CMAKE_CURRENT_SOURCE_DIR in pbft.cmake (#1131) 2020-05-05 14:18:46 +01:00
doc Handler documentation (#1172) 2020-05-12 15:29:46 +01:00
docker Use 0.9 release of OpenEnclave (#1103) 2020-04-27 16:02:25 +01:00
edl Get time in enclave from host memory, not OCall (#1100) 2020-04-27 15:11:18 +01:00
getting_started Manually install 1.33 driver (#1137) 2020-05-05 13:41:04 +01:00
samples Update fmtlib (#1148) 2020-05-06 14:03:17 +01:00
src Support automatic port assignment (#1173) 2020-05-13 13:01:40 +01:00
tests Support automatic port assignment (#1173) 2020-05-13 13:01:40 +01:00
.azure-pipelines-gh-pages.yml Update docs (#1145) 2020-05-06 13:01:24 +01:00
.azure-pipelines.yml Doc versioning (#1124) 2020-04-30 21:48:29 +01:00
.clang-format Remove boost dependency (#349) 2019-09-03 17:24:38 +01:00
.cmake-format.py Fix e2e label (#1047) 2020-04-07 13:59:49 +01:00
.codecov.yml Coverage badge is now green if coverage > 85% (#97) 2019-05-29 13:46:35 +01:00
.daily.yml Use 0.9 release of OpenEnclave (#1103) 2020-04-27 16:02:25 +01:00
.dockerignore Remove boost dependency (#349) 2019-09-03 17:24:38 +01:00
.gitattributes fix issue where ePBFT globals were added to both the host and the enclave (#391) 2019-09-24 10:06:58 +01:00
.gitignore Add wrapper for cmake format (#1132) 2020-05-07 16:12:32 +01:00
.gitmodules Remove submodule (#500) 2019-11-01 14:37:38 +00:00
.nodes.sh Add ccf-ci-perf-0 to nodes script (#993) 2020-03-25 12:17:02 +00:00
.pylintrc Run Pylint in CI (#1077) 2020-04-17 12:53:01 +01:00
CCF-TECHNICAL-REPORT.pdf TR and docs (#19) 2019-05-02 21:00:42 +01:00
CMakeLists.txt Fix initial term history during recovery (#1159) 2020-05-07 18:05:37 +01:00
Doxyfile Initial file import 2019-04-26 16:27:27 +01:00
LICENSE Initial file import 2019-04-26 16:27:27 +01:00
README.md Update README.md (#1133) 2020-05-04 14:16:20 +01:00
SECURITY.md Create SECURITY.md (#813) 2020-02-07 13:58:27 +00:00
THIRD_PARTY_NOTICES.txt Remove references to unused dependency (#7) 2019-04-30 14:25:15 +01:00
cgmanifest.json Upgrade hacl-star (#1155) 2020-05-07 13:54:58 +01:00
check-cmake-format.sh Add wrapper for cmake format (#1132) 2020-05-07 16:12:32 +01:00
check-cmake-version-vs-tag.sh Copy OE into install dir (#1125) 2020-04-30 18:53:52 +01:00
check-format.sh Rename files for consistency (#989) 2020-03-25 16:02:04 +00:00
check-todo.sh Notodo (#808) 2020-02-06 14:37:48 +00:00
livehtml.sh Update docs (#1145) 2020-05-06 13:01:24 +01:00
metrics.yml Update metrics.yml 2020-04-13 11:02:55 +01:00
notice-check.py find module for mbedtls (#571) 2019-11-20 11:18:15 +00:00
scan-build.sh Add scan-build script (#647) 2019-12-13 16:47:37 +00:00
start_test_network.sh Fix issue with governance (#902) 2020-03-02 11:32:02 +00:00
update_evercrypt.sh Upgrade evercrypt and switch to new official hacl-star checked-in extracted C (#654) 2019-12-20 08:37:31 +00:00

README.md

Link
Community Chat Gitter
Continuous Integration Build Status
Code coverage codecov
Documentation docs
Daily Build Build Status

The Confidential Consortium Framework

ccf

The Confidential Consortium Framework (CCF) is an open-source framework for building a new category of secure, highly available, and performant applications that focus on multi-party compute and data. While not limited just to blockchain applications, CCF can enable high-scale, confidential blockchain networks that meet key enterprise requirements — providing a means to accelerate production enterprise adoption of blockchain technology.

Leveraging the power of trusted execution environments (TEEs), decentralized systems concepts, and cryptography, CCF enables enterprise-ready computation or blockchain networks that deliver:

  • Throughput and latency approaching database speeds. Through its use of TEEs, the framework creates a network of remotely attestable enclaves. This gives a web of trust across the distributed system, allowing a user that verifies a single cryptographic quote from a CCF node to effectively verify the entire network. This simplifies consensus and thus improves transaction speed and latency — all without compromising security or assuming trust.

  • Richer, more flexible confidentiality models. Beyond safeguarding data access with encryption-in-use via TEEs, we use industry standards (TLS and remote attestation) to ensure secure node communication. Transactions can be processed in the clear or revealed only to authorized parties, without requiring complicated confidentiality schemes.

  • Network and service policy management through non-centralized governance. The framework provides a network and service configuration to express and manage consortium and multi-party policies. Governance actions, such as adding members to the governing consortium or initiating catastrophic recovery, can be managed and recorded through standard ledger transactions agreed upon via stakeholder voting.

  • Improved efficiency versus traditional blockchain networks. The framework improves on bottlenecks and energy consumption by eliminating computationally intensive consensus algorithms for data integrity, such as proof-of-work or proof-of-stake.

A consortium first approach

In a public blockchain network, anyone can transact on the network, actors on the network are pseudo-anonymous and untrusted, and anyone can add nodes to the network — with full access to the ledger and with the ability to participate in consensus. Similarly, other distributed data technologies (such as distributed databases) can have challenges in multi-party scenarios when it comes to deciding what party operates it and whether that party could choose or could be compelled to act maliciously.

In contrast, in a consortium or multi-party network backed by TEEs, such as CCF, consortium member identities and node identities are known and controlled. A trusted network of enclaves running on physical nodes is established without requiring the actors that control those nodes to trust one another — what code is run is controlled and correctness of its output can be guaranteed, simplifying the consensus methods and reducing duplicative validation of data.

Microsoft has taken this approach in developing CCF: using TEE technology, the enclave of each node in the network (where cryptographically protected data is processed) can decide whether it can trust the enclaves of other nodes based on mutual attestation exchange and mutual authentication, regardless of whether the parties involved trust each other or not. This enables a network of verifiable, remotely attestable enclaves on which to run a distributed ledger and execute confidential and secure transactions in highly performant and highly available fashion.

A flexible confidentiality layer for any multi-party computation application or blockchain ledger to build upon

CCF currently runs on Intel SGX-enabled platforms. Because CCF uses the Open Enclave SDK as the foundation for running in an enclave, as Open Enclave supports new TEE technologies, CCF will be able to run on new platforms. Networks can be run on-premises, in one or many cloud-hosted data centers, including Microsoft Azure, or in any hybrid configuration.

Ledger providers can use CCF to enable higher throughput and higher confidentiality guarantees for distributed ledger applications. CCF developers can write application logic (also known as smart contracts) and enforce application-level access control in several languages by configuring CCF to embed one of several language runtimes on top of its key-value store. Clients then communicate with a running CCF service using HTTP requests over TLS.

Learn more and get started

  • Read the CCF Technical Report for a more detailed description.
  • Browse the CCF Documentation.
  • Explore the CCF open-source GitHub repo, which also contains application examples and sample scripts for provisioning and setting up confidential computing VMs using Azure.
  • Learn more about Azure Confidential Computing offerings like Azure DC-series (which support Intel SGX TEE) and Open Enclave that CCF can run on.

Getting Started on Azure Confidential Computing

First, if you are checking out the CCF repository, run git clone:

git clone https://github.com/microsoft/CCF.git

Then, under CCF/getting_started/:

  • create_vm/ contains scripts to create an ACC VM (make_vm.sh). This script expects a valid Azure subscription name to be set, eg: export SUBSCRIPTION=sub_name.
  • setup_vm/ contains ansible playbooks that need to be run on the VM once created, for it to be able to build CCF. Running ./setup.sh will apply those playbooks to the VM.

Build and Test

cd CCF
mkdir build
cd build
cmake -GNinja ..
ninja

Run the tests.

cd build
./tests.sh

Third-party components

We rely on several open source third-party components, attributed under THIRD_PARTY_NOTICES.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.

All pull requests must pass a suite of CI tests before they will be merged. The test commands are defined in test.yml, so you can locally repeat any tests which fail. You should at least run the code format checking scripts defined in checks.yml before creating a pull request, ensuring all of your code is correctly formatted. The test commands will only report misformatted files - to reformat the files, pass -f to the check-format.sh ... command and remove --check from the black ... command.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.