hyperledger sawtooth lake -- Intel only or not?

893 views Asked by At

I understand that hyperledger sawtooth lake uses new secure CPU instructions to achieve Proof of elapsed time (PoET)

Does this mean that hyperledger sawtooth lake can only be used with Intel hardware? Can other chips be used?

3

There are 3 answers

0
Dan Anderson On BEST ANSWER

There's some misstatements I need to correct here:

  • Hyperledger Sawtooth has "pluggable consensus" allowing multiple consensus algorithms, including PoET. See https://sawtooth.hyperledger.org/docs/core/releases/latest/introduction.html?highlight=poet%20simulator#pluggable-consensus-algorithms
  • The PoET Simulator is for non-Intel or non-SGX-hardware, including cloud environments.
  • The PoET Simulator is secure, it is for production use. This is due to multiple layers of security and sanity checks.
  • Edit: recently added to Sawtooth is the RAFT consensus algorithm. Consensus algorithm that elects a leader for a term of arbitrary time. Leader replaced if it times-out. Raft is faster than PoET, but is not Byzantine Fault Tolerant, BFT, (Raft is only Crash Fault Tolerant, CFT). Also Raft does not fork.
4
Haim Cohen On

Quoting the introduction section in the specification:

The initial reference implementation of PoET released to Hyperledger was written for an abstract TEE to keep it flexible to any TEE implementation. This specification defines a concrete implementation for SGX.

That means that the theoretical idea of PoET is not limited to a specific implementation, however, the concrete implementation is based on SGX (Software Guard Extensions) which is, as far as I know, the only available TEE (Trusted Execution Environment) that supports it.

Intel SGX is a technology for application developers to protect selected code and data from disclosure or modification, and enables the software to attest for the authenticity of the running code. (More on SGX can be found here).

SGX instructions are available on 6th generation (Skylake) Intel Core processor (or later) and also requires BIOS support.

0
Dan On

Short answer: No. Sawtooth is not Intel-only.

Hyperledger Sawtooth is a hardware neutral blockchain stack. It contains an optional SGX feature to harden consensus.

As of v0.8x Sawtooth contains 3 consensus options:

  1. DevMode - used for development and testing
  2. PoET (Simulated Enclave) - Provides limited Byzantine Fault Tolerance
  3. PoET (SGX Enclave) - Enforces Byzantine Fault Tolerance using Intel SGX.

As Haim points out the PoET spec is written to be flexible to other or future Trusted Execution Environments.

Updated docs link: https://sawtooth.hyperledger.org/docs/core/releases/latest/