By being 'proactive' I mean that the present owner cannot be stolen from if the server deleted the (all) previous owners keys (in the past).
Even if we updated the code (in the present), there is no way to get old key shares (from the past).
This does not protect against a 'proactive' theft/collusion, where the operator and a previous owner conspire to steal from you (a new owner). This requires trust.
However, the blinded nature of the server make this collusion more difficult.
0 sats \ 1 reply \ @joda 1 Feb
I'm sure it's outside the scope of this project, but is it possible to "prove" a particular version of a software is being run (if you know)?
reply
The principle (in theory) of SGX remote attestation is that you can verify that a specific value (e.g. a cryptographic key) has been produced in an enclave running a specified code. The attestation that this code is running in the enclave is called a 'quote' and is signed with a key unique to that CPU. You can then use Intel's attestation service to verify its a genuine enclave.
There are lots of caveats to this though, and you must trust intel (and also there are privacy issues using intel's service).
reply