REM(Resource-Efficient Mining) is a new blockchain mining framework that uses trusted hardware(Intel SGX) to achieve a fraction of the waste of PoW. It’s partially decentralized, and it achieves security guarantees similar to PoW. Its key idea, Proof-of-Useful-Work(PoUW), involves miners providing trustworthy reporting on CPU cycles they devote to inherently useful workloads. In a PoUW system, users can utilize their CPUs for any desired workload, and can simultaneously contribute their work towards securing a blockchain.
As Satoshi Nakamoto put Proof-of-Work(PoW) in BitCoin, PoW is widely used in blockchain so that the consensus can prevent an attacker from gaining majority power by cheaply masquerading as multiple machines. However, PoW in blockchains are wasteful, and it even has another name: Proof of Waste. PoWs serve no useful purpose beyond consensus and incur huge monetary and environmental costs, which is against FinTech’s demand.
Many attempts have been made to create a more resource useful consensus. However they have serious limitations.
Intel recently introduced a new instruction set architecture extension in Intel CPUs called Software Guard Extension(SGX). SGX permits the execution of trustworthy code in an isolated, tamper free environment, and can prove remotely that outputs represent the result of such execution. And Intel proposed another innovative consensus: Proof of Elapsed Time(PoET). However, PoET presents two notable technical challenges: broken chip problem(an attacker that can corrupt a single SGX-enabled node can win every consensus round and break the system completely) and stale chip problem(miners tend to power mining rigs with cheap, outmoded SGX-enabled CPUs used solely for mining). REM addresses both the stale and broken chip problems.
SGX enables process execution in a Trusted Execution Environment(TEE), and specifically in SGX in a protected address space known as an enclave. An enclave protects the confidentiality and the integrity of the process from certain forms of hardware attack and other processes on the same host, including privileged processes like operating systems. SGX signs quotes in attestations using a group signature scheme called Enhanced Privacy ID or EPID, and Intel made the design choice that attestations can only be verified by accessing Intel’s Attestation Service(IAS), a public Web service maintained by Intel whose primary responsibility is to verify attestations upon request.
The basic idea of PoUW, and thus REM, is to replace the wasteful computation of PoW with arbitrary useful computation. Since it is only partially decentralized, it relies for security on two key assumptions about the hardware manufacturer’s behavior: First, Intel correctly manages identities, specifically that it assigns a signing key(used for attestations) only to a valid CPU. Second, Intel does not blacklist valid nodes in the network, rendering their attestations invalid when the IAS is queried.
If Intel didn’t follow the two assumptions and was detected in any context, the company’s reputation and the perceived utility of SGX would be undermined and Intel would gain little revenue. So generally we can trust Intel SGX.
There are three types of entities in the ecosystem of REM: a blockchain agent, one or more REM miners, and one or more useful work clients.
The useful work clients supply useful workloads to REM miners in the form of PoUW tasks, each of which encompass a PoUW enclave and some input.
The blockchain agent collects transactions and generates a block template, a block lacking the proof of useful work(PoUW). A REM miner will attach the required PoUW and return it to the agent. The agent then publishes the full block to the P2P network, making it part of the blockchain and receiving the corresponding reward.
Although CPU cycles would have been a more accurate metric, they are vulnerable to manipulation. The operating system may set their values arbitrarily and even have them double-count cycles. Therefore, REM chose instruction counting for securely evaluating effort with the existing tools available in SGX.
The workflow of the PoUW toolchain is as shown below: First, the useful work code (usefulwork.cpp), C / C++ source code, is assembled while reserving a register as the instruction counter. Next, the assembly code is rewritten by the toolchain such that the counter is incremented at the beginning of each basic block (a linear code sequence with no branches) by the number of instructions in that basic block. The count is performed at the beginning of a block rather than its end to prevent a cheater from jumping to the middle of a block and gaining an excessive count.
PoUW attestations is formed with two-layer hierarchical attestations. Zhang et al hard-code only a single program’s fingerprint into the blockchain, a static-analysis tool called compliance checker. The compliance checker runs in a trusted environment and takes a user-supplied program as input.
Every PoUW then includes two parts: The useful work program attestation on the mining success, and an attestation from the compliance checker of the program’s compliance. Note that the compliance attestation and the program’s attestation must be signed by the same CPU. Otherwise an attacker that compromises a single CPU could create fake compliance attestations for invalid tasks.
近日Intel在其CPU中推行了一种新型指令集扩展结构，称为SGX(Software Guard Extension)。SGX允许可信任代码在隔绝、防干扰的环境中执行，并且远程验证程序执行的输出结果。在SGX的基础上，Intel提出了新的共识机制：运行时间证明(Proof of Elapsed Time, PoET)。然而，PoET有两个显著的技术挑战：芯片沦陷问题和芯片老旧问题。
SGX使进程执行在可信任执行环境(Trusted Execution Environment, TEE)中，而且SGX中专门有一块受保护的名为enclave（暂译为保护领地）的地址。Enclave保证了进程的机密性和完整性，避免来自硬件的攻击以及其他优先进程如操作系统等影响。SGX在认证过程中使用一种名为强化隐私ID(Enhanced Privacy ID, EPID)的群签名方案。同时Intel决定认证只能通过Intel认证服务(Intel’s Attestation Service)进行，IAS是Intel维持的公共网络服务，其首要责任是验证请求的认证。
虽然在5.1的Why Count Instructions中解释了为什么采用指令计数的方式。
While instructions are reasonable estimates of the CPU effort, CPU cycles would have been a more accurate metric. However, although cycles are counted, and the counts can be accessed through the CPU’s performance counters, they are vulnerable to manipulation. The operating system may set their values arbitrarily, allowing a rational operator, who controls her own OS, to improve her chances of finding a block by faking a high cycle count. Moreover, counters are incremented even if an enclave is swapped out, allowing an OS scheduler to run multiple SGX instances and having them double-count cycles. Therefore, while instruction counting is not perfect, we find it is the best method for securely evaluating effort with the existing tools available in SGX.
不过个人认为还是可以采用执行时间证明(Proof of Execution Time, PoET’)的方法实现共识。CPU的晶振周期与时钟周期是固定的（本来我以为单个机器的机器周期是固定不变的，但是机器周期即为CPU周期，所以才知道是可以由操作系统改变的）。可以使用执行时间÷时钟周期（晶振周期）÷某一常数近似估计指令数目，而不需要专门设计工具链对汇编语言进行计数。
另外，一篇名为Malware Guard Extension: Using SGX to Conceal Cache Attacks(Extend Version)的论文也值得引起我们对SGX安全性的重视。（这篇论文是我近日查找资料时不经意看到的搜狐报道的英特尔 SGX：是用来隐藏恶意软件，而不是保护系统；会泄漏加密密钥后去找的论文，还没有仔细看）