I am going to create an SGX-based service you can access at
https://frame.sirrah.flashbots.net/… .but you can also acesss it at https://123.45.67.8.frame.sirrah.flashbots.net for any IP that you want…. or even overload it with /etc/hosts…
Actually despite the https this is a completely permissionless service.
🚨 Wtf??? Frames just uses ordinary TLS, no fancy .eth ens resolver or whatever
The idea is that this service can be provided by any TEE Kettle, because every TEE Kettle with the same mrenclave will be able to share the same TLS certificate.
We can even co-opt the Certificate Transparency system to strengthen the guarantee. Certificate providers publish all their open Certificate Transparency logs. So as long as long as we can show the remote attestation corresponding to every item in the Certificate Transparency log, we can provide an end-to-end affirmative guarantee that only a TEE Kettle can fulfill the Frame request.
A perfect application is a Frame that’s a “virtual hardware wallet.” It generates a private key (within some TEE), and lets you preview and authorize a transaction (through Frames) before signing a transaction.
Show me the code:
https://github.com/flashbots/gramine-andromeda-revm/blob/amiller-frame/src/main.rs
https://github.com/amiller/andromeda-sirrah-contracts/blob/amiller-frame/src/examples/FrameTest.sol
Certificate authorities opt in to Certificate Transparency. They publish logs of all their values. So even though we would remain in centralized control of the DNS record…. what we would be relying on is that the CA publishes every certificate that they’ve signed.
https://crt.sh/?q=flashbots.net
As long as we only generate Certificates / Certificate Requests from within TEE Kettles, then we can show that we have a remote attestation corresponding to every certificate signed by the CA.
Basically to create a certificate, we would: