Here are some blog posts that were published lately which may be of interest, if you missed them:
We announced a developer preview of our SGX JVM work (codenamed Oblivium). For various reasons you need to register to obtain a trial version of the artifacts, and then you can write JVM apps that run inside
SGX enclaves and which can be remotely attested over the internet. There’s documentation, Gradle plugins to make it all easy, build reproducibility to support auditing of enclave code, and much more fun stuff too.
There’s a lot more work involved to start being able to use SGX in Corda. We need to complete the basic feature set, especially around building encrypted connections into RA’d enclaves. Then we need to connect
it to the flow framework so there’s a high level API for sending objects to/from enclaves based on their code hash or signer identities. Then we can start implementing useful features:
- Semi-validating notaries, that accept a signature by an enclave as evidence of validity. Can stop so-called “denial of state” attacks without requiring
a fully validating notary, with the privacy and scaling consequences that implies.
- Ability to convince other nodes of the validity of a transaction if you can’t or won’t send them the tx chain for validation. This is less secure than
the planned final integration, we call it the “lose integrity” model vs the more desirable “lose privacy” model (i.e. what you lose if SGX/the enclave breaks). But it may be useful in some situations, like when data can’t cross borders even encrypted, due
to badly written laws.
- Ability to outsource verification logic to peer nodes, which can be useful if you don’t upgrade your node quickly enough and fall behind a data model
minPlatformVersion bump and thus would lose the ability to understand transactions.
- Ability to implement many business use cases on top of Corda/SGX, like BNO billing based on transaction contents without losing transaction privacy.
- And of course, full ledger encryption.
But it’s a big milestone!
Advanced app interop: how to write generic RPC clients that can work with data from unknown apps, and how apps can interact with each other in generic ways on the ledger. Covers:
- How to set interop standards using JVM interfaces
- How the RPC stack can synthesise classes on the fly when the apps that originally defined the classes are missing.
- How calculated properties work in serialization
- How these features interact to provide various kinds of interop
How to migrate to Spring Boot (or other web servers) away from our custom ‘legacy’ web server. Eric has written a great explanation of why we’d like everyone to do this, along with tutorials on how to do it.
There’s a lot of other good stuff too, including many posts written by users and developers: