diff --git a/src/content/blog/announcements/introducing-fleek-edge-sgx/index.md b/src/content/blog/announcements/introducing-fleek-edge-sgx/index.md index d22a13d3..364fea46 100644 --- a/src/content/blog/announcements/introducing-fleek-edge-sgx/index.md +++ b/src/content/blog/announcements/introducing-fleek-edge-sgx/index.md @@ -6,47 +6,45 @@ thumbnail: ./sgxservicefleek.png image: ./sgxservicefleek.png --- -# Seamlessly add permissionless, performant, and hassle free Intel SGX capabilities into any protocol, app, or use case +# Seamlessly add permissionless, performant, and hassle-free Intel SGX capabilities into any protocol, app, or use case -We are excited to debut Fleek’s Edge SGX Service powered by Fleek Network. It’s an easy-to-use and highly performant private and verified compute solution built for developers who are looking to add SGX capabilities to their projects without worrying about hardware or devops or any of the other complexities typically associated with SGX and TEE (trusted execution environment) development. +We are excited to debut Fleek’s Edge SGX Service powered by Fleek Network. It’s an **easy-to-use and highly performant private and verified compute solution built for developers who are looking to add SGX capabilities to their** projects without worrying about hardware or devops or any of the other complexities typically associated with SGX and TEE (trusted execution environment) development. -Today we released the V0 Alpha Preview of the Edge SGX service. The goal of the alpha preview is to allow developers to start testing and building with the Edge SGX service over the next few weeks while we work on some finishing touches and improve the DevEx based on early feedback. We highly recommend not using V0 in production environments. The V0 alpha supports WASM in the execution environment, with future support for additional languages on the way. +Today we released the [V0 Alpha Preview](https://blog.fleek.network/post/fleek-network-intel-sgx-integration/) of the Edge SGX service. The goal of the alpha preview is to allow developers to start testing and building with the Edge SGX service over the next few weeks while we work on some finishing touches and improve the DevEx based on early feedback. We highly recommend not using V0 in production environments. The V0 alpha supports WASM in the execution environment, with future support for additional languages on the way. -For more technical details on the SGX integration, you can check out the Fleek Network SGX integration announcement post. +For more technical details on the SGX integration, you can check out the Fleek Network SGX integration [announcement post](https://blog.fleek.network/post/fleek-network-intel-sgx-integration/). Now let’s jump in. -Key benefits and advantages of Fleek’s Edge SGX service - -Recently there has been a lot of renewed excitement around using SGX and TEE’s, especially within the web3 space, as a much more cost-effective alternative for private and/or verified compute needs. One of the main reasons driving this is cost, because alternatives like ZK (zero knowledge) compute can be prohibitively expensive for the vast majority of use cases. +--- -However, for those developers interested in adding SGX or TEE capabilities to their projects, the current options are very time, cost and resource-intensive, require specialized skills, and offer very unfriendly devex. Fleek’s Edge SGX service now offers an alternative option that we believe can be a better, faster, and cheaper way for most developers to add SGX capabilities to their protocols, apps, and use cases. +## Key benefits and advantages of Fleek’s Edge SGX service -Below are a few of the unique benefits and advantages of Fleek’s Edge SGX service: +Recently there has been a lot of renewed excitement around using SGX and TEE’s, especially within the web3 space, as a much more **cost-effective alternative for private and/or verified compute needs**. One of the main reasons driving this is cost, because alternatives like ZK (zero knowledge) compute can be prohibitively expensive for the vast majority of use cases. However, for those developers interested in adding SGX or TEE capabilities to their projects, the current options are very time, cost and resource-intensive, require specialized skills, and offer very unfriendly devex. Fleek’s Edge SGX service now offers an alternative option that we believe can be a **better, faster, and cheaper way for most developers to add SGX capabilities to their protocols, apps, and use cases**. Below are a few of the unique benefits and advantages of Fleek’s Edge SGX service: -### 1. Private and secure compute with TEEs +**1. Private and secure compute with TEEs** -Fleek’s Edge SGX service utilizes Intel’s SGX Trusted Execution Environments (TEEs) to ensure that sensitive data remains encrypted and secure, even from the nodes processing the requests. The data is only decrypted inside the enclave, and our unique implementation of a “Shared Secret Encryption Key” across nodes ensures that encrypted data can be handled by any node in the network without compromising security. This guarantees that your data remains private and secure, regardless of where it’s processed. +Fleek’s Edge SGX service utilizes Intel’s SGX Trusted Execution Environments (TEEs) to ensure that sensitive data remains encrypted and secure, even from the nodes processing the requests. The data is only decrypted inside the enclave, and our **unique implementation of a “Shared Secret Encryption Key” ensures that encrypted data can be handled by any node in the network without compromising security**. This guarantees that your data remains private and secure, regardless of where it’s processed. -### 2. Remote attestation for verified security +**2. Remote attestation for verified security** -Our SGX service is verifiable via **remote attestations** using Intel SGX DCAP ECDSA, ensuring that communications between enclaves are trusted and secure. This also enables secure enclave-to-enclave communications via mutual TLS connections, with full verification before data is exchanged. The remote attestation guarantees that each node running your program is fully verified before any sensitive data is shared. This remote attestation approach also reduces the reliance on Intel. +Our SGX service is verifiable via **Remote Attestations using Intel SGX DCAP ECDSA**, ensuring that communications between enclaves are trusted and secure. This also enables secure enclave-to-enclave communications via mutual TLS connections, with full verification before data is exchanged. The remote attestation guarantees that each node running your program is fully verified before any sensitive data is shared. This remote attestation approach also reduces the reliance on Intel. -### 3. Edge optimization for superior performance +**3. Edge optimization for superior performance** -Unlike traditional SGX implementations, Fleek’s edge-optimized approach ensures that secure compute happens as close to the user as possible, reducing latency and improving overall performance. By distributing secure enclaves across Fleek’s decentralized edge network, requests are handled efficiently, delivering fast, scalable, and secure compute resources globally. +Unlike traditional SGX implementations, Fleek’s edge-optimized approach ensures that secure compute happens lightning-fast and as close to your users as possible, reducing latency and improving overall developer and user experience. By distributing secure enclaves across Fleek’s decentralized edge network, requests are handled efficiently, delivering fast, scalable, and secure compute resources globally. -### 4. Reduced cost and overhead + faster time to market +**4. Reduced cost and overhead + faster time to market** -By leveraging Fleek’s Edge SGX rather than trying to integrate SGX into your own stack, developers will save significant development time and costs as well as eliminate all the devops and infra-maintenance work related to upkeep and scaling their own SGX-related infrastructure and usage (Fleek’s Edge SGX service auto-scales). Using Fleek’s Edge SGX service also significantly reduces the complexity of your own code base and allows you to focus on the unique parts of your app/product. All the above results in projects being able to add SGX capabilities to their protocol or app in a fraction of the time, at a much lower cost, with way less headaches, and lightning-fast performance. +By leveraging Fleek’s Edge SGX rather than trying to integrate SGX into your own stack, developers will save significant development time and costs as well as eliminate all the devops and infra-maintenance work related to upkeep and scaling their own SGX-related infrastructure and usage (Fleek’s Edge SGX service auto-scales). Using Fleek’s Edge SGX service also significantly reduces the complexity of your own code base and allows you to focus on the unique parts of your app/product. All the above results in projects being able to **add SGX capabilities to their protocol or app in a fraction of the time, at a much lower cost, with way less headaches, and lightning-fast performance**. -### 5. Seamless WASM support (with other languages on the way) +**5. Seamless WASM support (with other languages on the way)** -The SGX service currently supports WASM, making it easy for developers to compile their existing applications and deploy them securely on Fleek’s platform. By including the hash of your WASM program with your encrypted data, Fleek’s SGX service ensures that only the intended program can access the data, preventing any tampering or unauthorized access. We plan on adding additional language support in subsequent releases. +The SGX service currently supports WASM, making it easy for developers to compile their existing applications and deploy them securely on Fleek’s platform. By including the hash of your WASM program with your encrypted data, **Fleek’s SGX service ensures that only the intended program can access the data**, preventing any tampering or unauthorized access. We plan on adding additional language support in subsequent releases. -### 6. Content-addressable data for integrity +**6. Content-addressable data for integrity** -In addition to security, Fleek’s SGX service leverages content-addressed mechanisms. The encrypted data is matched to the hash of your WASM program, ensuring that only the program you uploaded can access your sensitive information. This extra layer of protection guarantees that the data remains safe, even if an attacker attempts to run a different program. +In addition to security, Fleek’s SGX service leverages content-addressed mechanisms including Blake3 hashing. **The encrypted data is matched to the hash of your WASM program, ensuring that only the program you uploaded can access your sensitive information**. This extra layer of protection guarantees that the data remains safe, even if an attacker attempts to run a different program. ---