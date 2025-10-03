
This article explores how PSL leverages SCL to securely execute workloads inside enclaves, using sandboxed JavaScript for isolation, attestation protocols for trust, and hierarchical deterministic (HD) wallet-style key management for scalable cryptographic control. With enclaves handling runtime environments, PSL ensures keys are uniquely derived, rotated efficiently, and protected against leakage. The result: a secure, flexible framework for serverless computing that reduces the trusted computing base while enabling scalable, encrypted, and verified workloads.

Inside PSL: Key Management, Sandboxing, and Secure Enclaves Explained

By: Hackernoon
2025/10/03 05:15

Abstract and I. Introduction

II. Background

III. Paranoid Stateful Lambda

IV. SCL Design

V. Optimizations

VI. PSL with SCL

VII. Implementation

VIII. Evaluation

IX. Related Work

X. Conclusion, Acknowledgment, and References

VI. PSL WITH SCL

We discuss the experience and implementation effort of using SCL for PSL. Every PSL worker is started with a Worker Enclave in SCL and attested by the In-Enclave FaaS Leader. The code for PSL is executed directly on a sandboxed JavaScript engine. Our key distribution and management protocol provides every worker enclave with unique private keys that the FaaS Leader derives from a master key. The keys can be easily generated, verified and rotated to prevent potential key leakage.

A. Sandboxing

To isolate in-enclave applications from the PSL infrastructure, we use a sandboxed JavaScript interpreter, Duktape, to dynamically interpret the Lambda program at runtime. For a sandboxed JavaScript program to communicate with its counterparts, we modify Duktape and introduce two functions, put and get, to interact with SCL. We note that the underlying cryptographic schemes are transparent to the program and the program is sandboxed from them, so it cannot observe and unintentionally leak the cryptographic secrets.

B. Attestation

PSL builds its attestation protocol on top of Asylo’s attestation primitives. Each worker or FaaS leader that requires code running in the enclave starts with an Assertion Generation Enclave (AGE) as a Quoting Enclave (QE) that helps generate quotes on behalf of the enclave. The QE is certified by the Provisioning Certification Enclave (PCE), which uses the Provisioning Certification Key (PCK), written and distributed by Intel, to sign the QE’s hardware REPORT. The PCK certificate chain can be traced back to the Intel SGX Root Certificate Authority (CA). After receiving an assertion request from a remote attester, the worker or FaaS leader establishes bi-directional local attestation with the AGE to forward the assertion request from the remote attester and to get the assertion from the AGE. After the remote attester verifies the assertion, they establish a secure gRPC channel and the remote attester sends confidential information, such as cryptographic keys, to the worker or FaaS leader.

C. Launching Process

Each PSL worker node starts a lambda runtime in the enclave, which is registered with a third-party job scheduler. To launch a PSL workload, the user contacts the job scheduler with an encrypted program and corresponding launching configurations, such as how many lambdas are needed. The job scheduler contacts idle worker nodes within its registry and forwards the encrypted program to the potential worker nodes. To guard against malicious worker nodes, the user sends cryptographic keys via a separate channel through the FaaS leader, which runs in an enclave. After verifying the identity of the FaaS leader using remote attestation, the worker distributes the keys to the FaaS leader. The workers that receive the encrypted program also verify themselves to the FaaS leader using remote attestation. After the workers are authenticated, the FaaS leader forwards the cryptographic keys to the worker nodes, and the worker nodes can decrypt and run the program. When the PSL workload is finished, all the user-related confidential information, such as the content of the memtable, is cleared by a RESET command from the FaaS leader, because restarting the lambda runtime may take longer. The FaaS leader keeps track of the idleness of the workers and only distributes keys to the idle workers. After a RESET, the workers need to be re-attested for the next PSL workload.

D. Key Management

In PSL, key management is needed for worker enclaves to verify each other’s identity and to satisfy the security guarantees of DataCapsules. Our key management design goals are: 1) Provenance: providing a unique key pair per worker enclave; 2) Authentication: each worker enclave needs to sign with the (derived) DataCapsule owner identity; 3) PSL uses a hierarchical structure with a parent FaaS Leader and multiple child Lambda Enclaves. We want to design a key management scheme to efficiently manage hierarchically structured key pairs with low overhead.

To derive each set of public/private key pairs from a master key, we use the Hierarchical Deterministic (HD) Wallet from Bitcoin Wallet [30]. HD Wallet is a key management scheme that allows all the child public keys to be derived from a single parent public key. We use hardened derived child keys, an HD Wallet scheme that prevents the HD Wallet problem in which the leakage of a child private key leaks the private key of the parent. HD Wallet enables efficient key management in PSL as follows: 1) After attestation between the client and the FaaS Leader, the client sends its owner key to the FaaS Leader. 2) The FaaS Leader generates a child public/private key pair for the currently running application. 3) The FaaS Leader uses the application child key pair to generate multiple grandchild key pairs, one per worker enclave. 4) The FaaS Leader attests and sends every enclave its grandchild key pair. 5) The FaaS Leader multicasts the application public key to all enclaves. 6) Each worker enclave derives the other worker enclaves’ public keys using the application public key.

Key Leakage and Rotation. We enable an efficient key rotation scheme with SCL that can derive and distribute a new set of key pairs for the workers from a new hardened key pair. This prevents cryptographic key leakage over time. This is done by (1) the client deriving a new child hardened key pair and multicasting the public key to all enclave workers; (2) the FaaS Leader then deriving a new set of key pairs for the workers from the new key pair. To handle lost multicast messages or enclave worker failure, we can rely on SCL’s consistency coordinator and include the current parent public key in the SYNC reports. This ensures that any enclave worker can verify that it is using the correct signing keys in a given epoch by validating the keys against the consistency coordinator’s SYNC reports. The frequency with which key rotation occurs depends on the user’s threat model. Users may choose to rotate keys per function invocation. This ensures any new function invocations may not affect previous function invocations.
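The derivation steps in D. Key Management and the rotation check above, as an added example in Python (not the PSL code base): a minimal BIP32-style derivation on secp256k1. It assumes that the per-epoch application key is the hardened child and the worker keys are non-hardened children, that the multicast application public key is sent with its chain code, and that the SYNC report exposes the parent public key as compressed bytes; the function names and the seed are constructed for illustration.

```python
import hashlib, hmac
P = 2**256 - 2**32 - 977  # secp256k1 field prime (the curve BIP32 uses)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
H = 0x80000000  # child indices >= H are hardened

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None: return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0: return None
    m = (3 * x1 * x1 * pow(2 * y1, -1, P) if a == b
         else (y2 - y1) * pow((x2 - x1) % P, -1, P))
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt=G):  # double-and-add; not constant time, illustration only
    acc = None
    while k:
        acc, pt, k = (add(acc, pt) if k & 1 else acc), add(pt, pt), k >> 1
    return acc

def ser(pt):  # 33-byte compressed public key
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def split(chain, data):  # HMAC-SHA512 -> (IL as integer, child chain code)
    I = hmac.new(chain, data, hashlib.sha512).digest()
    if int.from_bytes(I[:32], "big") >= N: raise ValueError("invalid index")
    return int.from_bytes(I[:32], "big"), I[32:]

def ckd_priv(k, chain, i):  # parent private key -> child private key
    head = b"\x00" + k.to_bytes(32, "big") if i >= H else ser(mul(k))
    il, c = split(chain, head + i.to_bytes(4, "big"))
    return (il + k) % N, c

def ckd_pub(K, chain, i):  # parent public key -> child public key
    if i >= H: raise ValueError("hardened child needs the parent private key")
    il, c = split(chain, ser(K) + i.to_bytes(4, "big"))
    return add(mul(il), K), c

def leader_epoch(owner_k, owner_c, epoch, workers):  # FaaS Leader side
    app_k, app_c = ckd_priv(owner_k, owner_c, H + epoch)  # assumed: hardened per epoch
    return (mul(app_k), app_c), [ckd_priv(app_k, app_c, w)[0] for w in range(workers)]

def peer_pub(app_xpub, j, sync_parent):  # worker side; sync_parent is a hypothetical SYNC field
    if ser(app_xpub[0]) != sync_parent: raise ValueError("stale epoch key")
    return ser(ckd_pub(*app_xpub, j)[0])

OWNER = split(b"Bitcoin seed", b"constructed demo seed, not a real key")  # (key, chain code)
```

Under this assumed layout, a leaked worker private key combined with the multicast extended public key exposes at most that epoch's application key. The hardened step keeps the owner key out of reach, which is why rotation replaces the application key.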

VII. IMPLEMENTATION

Our codebase contains 32,454 LoC in C++ excluding comments and 43,011 LoC in total, as counted by cloc [1]. The core SCL KVS code consists of roughly 4,000 lines of C++, excluding the attestation, distributive application implementations, and experiment scripts. We implement the KVS directly on top of Asylo instead of on a containerized enclave environment. This yields a much smaller TCB than related works such as Speicher [9].

Asylo is a hardware-agnostic framework for TEEs, supporting Intel SGX (v1 and v2) and ARM TrustZone. It also provides a POSIX-compliant library that makes it easier to port existing applications into enclaves. We use ZeroMQ to implement network multicast and communications between Worker Enclaves. We use gRPC to create a secure FaaS Leader Enclave, which can generate HD Wallet key pairs and start up enclave workers. We use Duktape, an embedded JavaScript engine in C++, to sandbox enclave applications, so that enclaves can directly execute JavaScript code.

CapsuleDB is implemented in C++ and is 2200 LoC. It also uses several features of Asylo and the structures created in the PSL implementation. We use a similar memtable implementation, but leverage mutexes on each entry instead of a spinlock. Due to the implementation timeline, the current version of CapsuleDB writes data to disk, using the Boost serialization library, rather than to a network-attached DataCapsule. The DataCapsule replication service contains about 1,000 LoC in C++ excluding comments. We use RocksDB as embedded persistent storage for each DataCapsule replica, ZeroMQ to implement network communication between DataCapsule replicas, and OpenSSL for signature and verification.


:::info Authors:

(1) Kaiyuan Chen, University of California, Berkeley (kych@berkeley.edu);

(2) Alexander Thomas, University of California, Berkeley (alexthomas@berkeley.edu);

(3) Hanming Lu, University of California, Berkeley (hanming lu@berkeley.edu);

(4) William Mullen, University of California, Berkeley (wmullen@berkeley.edu);

(5) Jeff Ichnowski, University of California, Berkeley (jeffi@berkeley.edu);

(6) Rahul Arya, University of California, Berkeley (rahularya@berkeley.edu);

(7) Nivedha Krishnakumar, University of California, Berkeley (nivedha@berkeley.edu);

(8) Ryan Teoh, University of California, Berkeley (ryanteoh@berkeley.edu);

(9) Willis Wang, University of California, Berkeley (williswang@berkeley.edu);

(10) Anthony Joseph, University of California, Berkeley (adj@berkeley.edu);

(11) John Kubiatowicz, University of California, Berkeley (kubitron@berkeley.edu).

:::

:::info This paper is available on arxiv under CC BY 4.0 DEED license.

:::
