Town Crier: An Authenticated Data Feed for Smart Contracts (opens in new tab)

(eprint.iacr.org)

25 pointsrandombit10y ago3 comments

3 comments

nl10y ago

It uses trusted hardware to authenticate and scrape data from HTTPS-enabled websites

It claims to do this using SGX. However, it uses a "Relay" - a non-SGX process - to pass network data into the SGX enclave.

To me that seems to make the claim of trustworthiness (in the "trustworthy computing" sense) questionable.

I'm not overly familiar with SGX and I've only scanned through this proposal, but I'd love someone more knowledgeable to expand my understanding.

It seems to me that the entire stack needs to be running in the SGX-enclave for it to gain the complete benefits?

Nevertheless, I think this is pretty interesting.

niketear10y ago

No it does not. You can verify the data has not been modified given the HTPS even if it has passed through arbitrary untrusted process in the middle. Think about the ISP being outside the SGX enclave and having the same ability as Relay.

tdaltonc10y ago

The interesting thing here wont be the tech, but the business model and regulatory framework.

j / k navigate · click thread line to collapse