Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Possible problems with TDX attestation and the ability to change TSS account ID / endpoint #1058

Open
ameba23 opened this issue Sep 19, 2024 · 2 comments
Assignees
Labels
Feature introduces a new feature
Milestone

Comments

@ameba23
Copy link
Contributor

ameba23 commented Sep 19, 2024

#1051 introduces storing provisioning certification keys (PCKs), used for on-chain attestation the the TS server is running in a trusted domain.

The PCK is tied to the physical hardware the server runs on, so if a TS server moves, the PCK will need to change.

Since we have extrinsics which allow validators to change their associated TSS account ID and IP address, we need to allow them to also change their PCK. There are a few things to think about when implementing this:

  • If an endpoint (IP address) changes, probably the PCK must also change, so maybe this should be enforced by having a single extrinsic to update both of them.
  • When the PCK is changed, the same process of validating the PCK certificate must be carried out as when the validator joins initially. This part is not yet implemented.
@github-project-automation github-project-automation bot moved this to 📋 Backlog in Entropy Core Sep 19, 2024
@ameba23 ameba23 self-assigned this Sep 19, 2024
@ameba23
Copy link
Contributor Author

ameba23 commented Sep 19, 2024

Related to #982

@ameba23
Copy link
Contributor Author

ameba23 commented Oct 1, 2024

Linking to another related issue: #1072

@HCastano HCastano added this to the v0.4.0 milestone Oct 18, 2024
@HCastano HCastano moved this from 📋 Backlog to 🌝 Soon in Entropy Core Oct 18, 2024
@HCastano HCastano added the Feature introduces a new feature label Oct 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature introduces a new feature
Projects
Status: 🌝 Soon
Development

No branches or pull requests

2 participants