-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature/solution skvs #766
base: main
Are you sure you want to change the base?
Feature/solution skvs #766
Conversation
Signed-off-by: chenchanglew <[email protected]>
Signed-off-by: chenchanglew <[email protected]>
Signed-off-by: chenchanglew <[email protected]>
Signed-off-by: chenchanglew <[email protected]>
Signed-off-by: chenchanglew <[email protected]>
05c5cd2
to
8fb8b84
Compare
Signed-off-by: chenchanglew <[email protected]>
// chaincode := fpc.NewPrivateChaincode(secretChaincode) | ||
skvsChaincode := fpc.NewSkvsChaincode(secretChaincode) | ||
|
||
// start chaincode as a service | ||
server := &shim.ChaincodeServer{ | ||
CCID: ccid, | ||
Address: addr, | ||
CC: chaincode, | ||
CC: skvsChaincode, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was wondering if we want multiple main files? So we have an example to run secret keeper with and without skvs?
/samples/chaincode/secret-keeper-go/cmd/simple/main.go
/samples/chaincode/secret-keeper-go/cmd/skvs/main.go
A few words in the secret-keeper readme would be nice as well.
"github.com/pkg/errors" | ||
) | ||
|
||
type SkvsStubInterface struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the name of this file should be all small caps
return &skvsStub{enclaveStub} | ||
} | ||
|
||
func (e *skvsStub) ChaincodeInvoke(stub shim.ChaincodeStubInterface, chaincodeRequestMessageBytes []byte) ([]byte, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have the feeling that we should remove this wrapper and instead just inject a provider function for the stub that we can set externally.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no sure about this one, might need to ask more insight
9cb49d8
to
dbe4851
Compare
Signed-off-by: chenchanglew <[email protected]>
Signed-off-by: chenchanglew <[email protected]>
Signed-off-by: chenchanglew <[email protected]>
Signed-off-by: chenchanglew <[email protected]>
dbe4851
to
754f02d
Compare
@chenchanglew can you please rebase in resolve the conflict within |
@munapower can you also please have look at this PR. Thanks! |
What this PR does / why we need it:
Implement a Rollback attack protection solution for FPC: SKVS.
Single Key-Value Storage (SKVS) is a naive approach for rollback attacks. All key-value pairs are encapsulated and stored in this approach with a single call to put_state(). During execution, the enclave must load the entire state before accessing individual key-value pairs. While this approach prevents the rollback attack, applications with large states and multiple writers will experience bad performance, as the use of a single key-value pair will cause transactions to fail due to concurrent write issues.
A user can use it by changing the chain code to SVKS chaincode
ex:
skvsChaincode := fpc.NewSkvsChaincode(secretChaincode)
Which issue(s) this PR fixes:
Fixes #484
Special notes for your reviewer:
Loom demonstration video: Watch here