devcon 4 / applying trusted compute to ethereum
- YouTube
- IPFS
- Details
Applying Trusted Compute to Ethereum
Duration: 02:01:25
Speaker: Andreas Freund, Guy Zyskind, Joanna Rutkowska, John Whelan, Lei Zhang, Marley Gray, Nicolas Bacca, Noah Johnson, Sanjay Bakshi, Sebastian Gajek
Type: Talk
Expertise: Intermediate
Event: Devcon
Date: Invalid Date
Explore the role of trusted computation in blockchain and decentralized computing for improving scalability, privacy and security. The breakout will begin with a number of short perspectives on how trusted computation can and should integrate with Ethereum, before shifting to a conversation of what is needed from trusted computation going forward from perspective of decentralization. Participants are members of Enterprise Ethereum Alliance that are working on applying trusted computation to Ethereum broadly. A common implementation of trusted computation is a Trusted Execution Environment (TEE) which is a secure area of a main processor. Code and data loaded inside the secure area, commonly known as secure enclave, is protected with respect to integrity and confidentiality. Intel SGX, TrustZone, Keystone etc. are examples of such TEEs. 10 companies are committed to support this breakout session.
- Related
Devcon
Talk
22:32
Hardening Smart Contracts with Hardware Security
Trusted hardware is not your enemy – as threats against cryptocurrencies are evolving (from dumb malware sweeping private keys to smart attackers attacking the presentation layers of smart contracts), we’ll review during this presentation a short history of trusted hardware, how Open Source code can be designed today on modern trusted execution environments to provide a flexible and auditable environment to delegate the security critical parts of smart contracts, and the security compromises made when dealing with the opaque features of trusted hardware.
Devcon
Talk
25:28
Passkeys : the good, the bad, the ugly
Passkeys are the new hype for easy onboarding, but it's a quite old protocol that has been hijacked for crypto purposes. We'll dig through the standard history, the potentially misleading security expectations, and see how to reverse engineer an implementation to validate its soundness
Devcon
Talk
18:31
Ledger SGX enclave - (un)popularity assessment and the way forward
An overview of the new developer features available for Ledger Nano S Ethereum application, including the validation of an arbitrary smart contract call on screen and how to design a Dapplet on a Nano S to assist the security of Dapps.
Devcon
Breakout
1:39:10
Off-Chain Trusted Compute Overlay testnet for Blockchain Privacy, Scalability and Adaptability.
During Devcon 4 we introduced potential for Trusted Compute as an option for addressing scalability and privacy challenges faced by blockchains. Since then Enterprise Ethereum Alliance (EEA) has released version 1.0 of Off-chain Trusted Compute specification. As part of the workshop we will introduce an Enterprise Ethereum network connected to EEA compliant Trusted Computing pool; both hosted on Azure cloud. In addition we will demonstrate one sample real-world usage scenario and give examples of more. During the workshop developers will be provided scripts to recreate the setup on their local laptops and guidance on how to create private test setups on Azure cloud. Developers will walk away with background on leveraging Trusted Compute in context of their decentralized applications for addressing privacy, scalability and/or adaptability.
Devcon
Talk
30:15
The Promise of Trusted Compute for Ethereum Scalability, Decentralization and Privacy
The Ethereum community has well known reservations about Trusted Compute and support those concerns. As Ethereum is becoming the dominant chain, scalability, decentralization and privacy will be the most important challenges. With the emergence of technologies such as PoS, Plasma and increasing use of staking and voting as design tenets, we believe Trusted Compute designed and deployed with decentralization as the objective can play a significant supporting role in not only preserving but also extending and democratizing the promise of decentralization. The presentation and related demonstrations are designed to engage with and trigger conversations within the Ethereum community on the relevance of Trusted Compute.
Devcon
Talk
23:35
Solutions towards trusted and private computations - built by Golem for the wider ecosystem
Intel SGX is a technology first developed by Intel for the protection of code and data. This an extremely promising technology that will contribute to the development of the blockchain space and is focusing efforts on solutions and further development.Our hard work has allowed us to be positioned as the most advanced team in this field. We are building this solution and open-sourcing it because we believe that our user-friendly product will enable many projects facing challenges like the ones we have faced apply this solution and push other development aspects of their projects. This talk will cover what we have accomplished so far and what are the next steps related to Intel SGX technology development. We will explain how we have achieved total security and privacy for requestors (people requesting computing power via the Golem p2p marketplace). They can be certain that the data they share is not accessible for the providers and they can be certain that the results are not manipulated. We'll also show how that integrates with our Concent service.Most importantly we will talk about other new possibilities that this technology enables for decentralized computations, explaining how to run arbitrary binaries inside SGX.
Devcon
Talk
17:48
Ethereum Security
Martin Swende gives their talk on Ethereum Security.
Devcon
Talk
19:41
Evolution of Smart Contract Security in the Ethereum Ecosystem
A lot has changed in the smart contract development ecosystem in the year since DEVCON2. Our perspective as leaders of the smart contract security community OpenZeppelin shows us that the industry is maturing. We give a brief overview of how security patterns and practices have evolved in the past months, dive into some details of recent developments, and talk about promising projects and their plans for the future.
Devcon
Talk
21:00
The Melon security approach
Melonport is striving to build a vibrant and successful developer ecosystem of Melon module builders. An important part of that ecosystem is the security and behaviour of smart contracts that make up Melon modules as well as how they interact with the Melon core and each other. In this presentation, we’ll demonstrate our ongoing technical efforts to assist Melon module developers in creating safe, secure smart contracts and touch on the importance of getting the auditing process right and how others can learn from our experience.
Devcon
Breakout
24:32
Vulnerability Coordination and Incident Response in a Decentralized World
There’s one question that every team of core blockchain developers has discussed at least once: what are we going to do when a critical vulnerability in our software is surfaced? By definition, everything we create is likely to include a vulnerability or code flaw and the difficult legal, ethical, and business issues arise when bugs show up in code. While decentralization does not require us to reinvent the first principles security, it does force us to challenge ourselves to manage significant complexity to reduce harm to those who depend on our code. This talk will discuss the CosmosCERT as a model for how teams can successfully coordinate vulnerabilities and respond to incidents in decentralized environments using on-chain governance mechanisms in a way that ensures stakeholders have a dedicated emergency response capabilities ready to go when the worst happens.