Deploying Enclaves on Instances

Every Provider runs a Control Plane, which monitors events emitted by the JobRegistry smart contract. When it sees a new Job addressed to itself, the Control Plane instantiates a new TEE-enabled node that fetches the enclave image from the URL the User provided when requesting an Instance. This URL can be updated later with a separate update transaction.

An enclave image is a modified version of a Docker container that can run within an enclave. Enclaves, and by extension the code that runs inside them, run in sandboxed environments in which network access is disabled except for a vsock connection between the host machine and the enclave. To give applications running within an enclave full network access, custom proxies relay TCP traffic to the internet via the host machine.

This makes it possible to create secure channels through which data can be shared between the enclave and the external world. Because data can be encrypted end-to-end, the host machine can't access the data passing through it on its way to and from the enclave. The protocol can therefore monitor nodes without the host being able to differentiate between application traffic and monitoring traffic, which provides better liveness guarantees for applications through auditing.
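The relay described above, sketched as an added example (not the project's own proxy code): a host-side byte pump that accepts vsock connections from the enclave and forwards them to a TCP upstream without ever parsing the payload, which is why end-to-end encrypted traffic stays opaque to the host. The function names, the port and upstream parameters, and the socketpair-based demo are assumptions made for illustration.

```python
import socket
import threading
from contextlib import suppress

def pump(src, dst):
    """Copy bytes src -> dst until EOF, then half-close dst to propagate the EOF."""
    with suppress(OSError):  # peer reset: stop copying
        while chunk := src.recv(65536):
            dst.sendall(chunk)  # bytes are forwarded as-is, never inspected
    with suppress(OSError):
        dst.shutdown(socket.SHUT_WR)

def relay(a, b):
    """Relay both directions between two connected sockets until both finish."""
    t = threading.Thread(target=pump, args=(a, b), daemon=True)
    t.start()
    pump(b, a)
    t.join()
    a.close()
    b.close()

def serve_vsock_to_tcp(vsock_port, upstream_host, upstream_port):
    """Host side (Linux, AF_VSOCK): relay each enclave connection to a TCP upstream."""
    srv = socket.socket(socket.AF_VSOCK, socket.SOCK_STREAM)
    srv.bind((socket.VMADDR_CID_ANY, vsock_port))  # hypothetical port choice
    srv.listen()
    while True:
        conn, _peer = srv.accept()
        upstream = socket.create_connection((upstream_host, upstream_port))
        threading.Thread(target=relay, args=(conn, upstream), daemon=True).start()

def read_all(sock):
    """Read from sock until the peer half-closes."""
    data = b""
    while chunk := sock.recv(65536):
        data += chunk
    return data

def demo_roundtrip(payload, reply):
    """Constructed offline demo: socketpairs stand in for the vsock and TCP legs."""
    enclave, host_vsock = socket.socketpair()
    host_tcp, internet = socket.socketpair()
    threading.Thread(target=relay, args=(host_vsock, host_tcp), daemon=True).start()
    enclave.sendall(payload)
    enclave.shutdown(socket.SHUT_WR)
    seen_upstream = read_all(internet)
    internet.sendall(reply)
    internet.shutdown(socket.SHUT_WR)
    return seen_upstream, read_all(enclave)
```

Since the host only moves bytes, confidentiality depends on the secure channel terminating inside the enclave; the relay adds no protection of its own.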