Trustless Intel SGX Attestation


In order to participate in the Enigma network, a node must be registered with an Intel attestation. This allows a dApp user to be sure that his private data will be handled inside a TEE.

Can we therefore still say that the Enigma network is a trustless one ? We need to trust a third party (Intel) that the computation will indeed occure inside a TEE.

Or Am I missinterpreting what are those attestation ?


We’ve done quite a bit in the way of making this decentralized, removing the need of having nodes registered directly with Intel (which is a lengthy and cumbersome process), as well as reducing the interaction with Intel’s Attestation Service to a bootstrapping phase.

After the bootstrapping phase, every node in the Enigma network has its own uniquely generated attestation key that does not require any interaction with Intel.

From a security perspective, this feels sufficient to me. From an optics perspective, we would all love to remove even this one-time interaction with IAS - and Intel is well aware of that (and has plans to do it).


Is it theoretically possible to load the bootstrap from another trusted node in the network ? Like you have a genesis trusted node that load the other ones ?

(nice doggo :dog:)


Thanks :wink: .

There’s been some research work on it and it’s likely possible, but complicated. At this point given the implementation complexity and the associated risks we decided against it.

This is something that’s a high priority for Intel and us, so it’s definitely something to work on later in the roadmap.