Cloak TEE is based on EVM-for-CCF. It contains a sample application for the Confidential Consortium Framework(CCF), running at Ethereum Virtual Machine(EVM).
Cloak TEE is the core component in the Cloak Networks, and it runs the CCF framework to provide high-performance, fully-confidential distributed services, hosting a user-defined application and it also deals with Ethereum and Cloak transaction from users and synchronizes the results to Block chain. In this case the user-defined application is an interpreter for Ethereum bytecode, executing smart contracts entirely inside a TEE.
This service looks in many ways like a traditional Ethereum node, but has some fundamental differences:
- Consensus is deterministic rather than probabilistic. Since we trust the executing node, we do not need to re-execute on every node or wait for multiple block commits. There is a single transaction history, with no forks.
- There are no local nodes. Users do not run their own node, trusting it with key access and potentially private state. Instead all nodes run inside enclaves, maintaining privacy and guaranteeing execution integrity, regardless of where those enclaves are actually hosted.
- State is confidential, and that confidentiality is entirely controlled by smart contract logic. The app does not produce a public log of all transactions, and it does not reveal the resulting state to all users. The only access to state is by calling methods on smart contracts, where arbitrarily complex and dynamic restrictions can be applied.
This sample requires an developing environment of CCF's application. Installation of these requirements is described in CCF's documentation.
In order to quickly enter the CLoak-TEE compilation environment, we provide a docker images:
docker pull plytools/cloak-tee:latest
git clone --recurse-submodules https://github.com/OxHainan/cloak-tee.git
cd cloak-tee
mkdir build
cd build
# if you want to test case, you need add -DBUILD_TESTS=ON option
cmake .. -GNinja
ninja
To run the test case
cd build
ctest
User initialize a Cloak Service as described in the initialize Cloak Network on Blockchain, and deploy confidential smart contract to Block chain as described in the deploy cloak smart contract
The full documentation for Cloak can found on our Cloak documentation
The main purpose of this repository is to continue evolving Cloak TEE core. We want to make contributing to this project as easy and transparent as possible, and we are grateful to the community for contributing bug fixes and improvements. Read below to learn how you can take part in improving Cloak TEE.
Cloak TEE has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text so that you can understand what actions will and will not be tolerated.
Read our Call for Contributions to learn about our development process, how to propose bugfixed and improvements, and how to build and test your changes to Cloak.
You can learn more about our vision for Cloak Networks in the Roadmap.
If you find a bug or have some new idea, please submit it to issues. This is a great place to get started, gain experience, and get familiar with our contribution process.
The cloak-tee is made under the Apache 2.0, as found in the LICENSE file.
Cloak is an ongoing project. The security of our implementation has not been systematically reviewed yet! Do not use Cloak in a productive system or to process sensitive confidential data now. We will keep working on Cloak, making it cool and practical step-by-step.