Introduction
A secure enclave is a protected system in which data and code are isolated from other processes, usually at the hardware level. Also known as Trusted Execution Environments (TEEs), enclaves ensure the confidentiality of data and the integrity of the computation running in them. This property is especially useful in decentralized networks, where data and computation might otherwise be leaked or manipulated by the untrusted hosts on whose machines the data is stored and processed.
Marlin Oyster brings the power of enclaves to Web 3. It allows services that would otherwise be centrally hosted (think relays, gateways, APIs) to be run in a decentralized network of untrusted nodes. Simultaneously, it allows these services to be managed purely through smart contracts, removing the need for individuals, signatories of a multisig, or a team of DevOps engineers to manage infrastructure.
For users
Users who wish to deploy enclaves can start with the quickstart and a tutorial:
🗃️ Quickstart - Users
🗃️ Deploy a Node.js server
For providers
Infrastructure providers who wish to support users in running their enclaves can start with the quickstart:
🗃️ Quickstart - Providers
Tutorials
Follow tutorials to get your hands dirty with Oyster:
🗃️ Deploy a Node.js server
🗃️ Perform privacy preserving addition
Topics
Learn more about the concepts and design decisions behind Oyster:
📄️ Remote attestation
Remote attestation is the process of generating and verifying attestations from the enclave. The goal is to verify the following:
📄️ Outgoing connections
Enclaves do not have a traditional IP-based networking stack. Instead, all communication needs to flow through a vsock interface. Oyster supports outgoing TCP connections using transparent proxies and iptables rules, so end-user applications can remain unmodified.
📄️ Incoming connections
Enclaves do not have a traditional IP-based networking stack. Instead, all communication needs to flow through a vsock interface. Oyster supports incoming TCP connections using transparent proxies and iptables rules, so end-user applications can remain unmodified.
Reference
Technical reference for various components that make up Oyster:
📄️ Proxies
Repository
📄️ Attestation server
Repository
📄️ Verifier
Repository
📄️ Keygen
Repository