PoPETS 2024 Artifacts Submission for SGX
These prerequisites assume a linux operating system and have been tested on Ubuntu 22.04.
Clone the repository, making sure you fetch the submodules, e.g.:
git clone --recurse-submodules https://github.com/initc3/sgxonerated-secretnetwork.git
If you are missing the submodules after having cloned, run:
git submodule update --init --recursive --remote
Docker Engine: https://docs.docker.com/engine/install/
Go into the hacking
directory:
cd hacking/
Setup and start the local network with:
./scripts/start_node.sh
What does the above command do?
1) Start a validator node (node-1) and a non-validator node (node-2)-
Store and instantiate demo contracts and set up the initial states. The pool sizes are 1000 for
token_a
and 2000 fortoken_b
. The victim and adversary account in the toy-swap contract each have a balance of 100token_a
andtoken_b
. -
Shut down node-1 to launch the attack in simulation mode without broadcasting any transactions to the network.
Launch the sandwich attack
make sandwich-attack
What does the above command do?
The above command simulates an adversary executing the following steps:-
Generate a victim swap transaction to swap 10
token_a
for at least 20token_b
. -
Find a front-run transaction by bisection search that, when executed before the victim's transaction, won't fail the victim's transaction. The front-run transaction found swaps 20
token_a
with a slippage limit of 0, resulting in obtaining 40token_b
. -
After the victim's transaction, the adversary executes a back-run transaction to sell the 40
token_b
, increasing their balance oftoken_a
by 1 and maintaining their balance oftoken_b
.
Secret Network offers scalable permissionless smart contracts with a private by default design— bringing novel use cases to blockchain not feasible on public systems. Secret Network enables users to take back ownership over their private (financial) information and for them to share this information with whom they trust. Secret Network was the first protocol to provide private smart contracts on mainnet, live since September 2020. Secret Network is Built with the Cosmos Software Development Kit (SDK) bringing Interoperable privacy to the entire Cosmos ecosystem. Secret Network uses a combination of the Intel SGX (Software Guard Extension) Trusted Execution Environment technology, several encryption schemes and key management to bring privacy by default to blockchain users. Secret Contracts are an implementation of the Rust based smart contract compiling toolkit CosmWasm, adding private metadata possibilities. Secret Network is powered by the Native public coin SCRT which is used for fees, Proof Of Stake security and Governance. With more than 20+ Dapps, 100+ full time builders and a strong grassroots community Secret Network aims to bring privacy to the masses.
Click the button below to start a new development environment:
-
Install extension
-
Clone this repository into a new dev container
- From Docker Desktop, create a new Dev Environment from the prebuilt image -
ghcr.io/scrtlabs/secretnetwork-dev:latest
- Connect with VSCode, or use the container directly
- Make sure the code is updated by using
get fetch
andgit pull
apt-get install -y --no-install-recommends g++ libtool autoconf clang
Clone this repo to your favorite working directory
Install rust from https://rustup.rs/.
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
Then, add the rust-src component. This will also install the version of rust that is defined by the workspace (in rust-toolchain
) -
rustup component add rust-src
To run tests you'll need to add the wasm32 target -
rustup target add wasm32-unknown-unknown
Install go from https://go.dev/doc/install
sudo apt install go-bindata
To compile the code and run tests, you'll need to install the SGX SDK and PSW. To run in simulation (or software) modes of SGX you do not need to install the SGX driver. For a simple install, run the install-sgx.sh script in the following way:
chmod +x ./scripts/install-sgx.sh
sudo ./scripts/install-sgx.sh true true true false
Note: If you are using WSL you'll need to use the 5.15 kernel which you can find how to do here, otherwise you'll have to run anything SGX related only in docker
We need a very specific version of xargo for everything to compile happily together
cargo install xargo --version 0.3.25
Use make build-linux
to build the entire codebase. This will build both the Rust (enclave & contract engine) and the Go (blockchain) code.
To build just the rust code, you can use make build-linux
, while to build just the Go code, there is the aptly named make build_local_no_rust
.
Tip:
For a production build the enclave must be copied from the most recent release.
This is due to non-reproducible builds, and the fact that enclaves must be signed with a specific key to be accepted on mainnet.
Still, the non-enclave code can be modified and ran on mainnet as long as there are no consensus-breaking changes
To build run all tests, use make go-tests
Run ./scripts/start-node.sh
For the latest documentation, check out https://docs.scrt.network
- Homepage: https://scrt.network
- Blog: https://blog.scrt.network
- Forum: https://forum.scrt.network
- Docs: https://docs.scrt.network
- Discord: https://chat.scrt.network
- Twitter: https://twitter.com/SecretNetwork
- Community Telegram Channel: https://t.me/SCRTnetwork
- Community Secret Nodes Telegram: https://t.me/secretnodes
SecretNetwork is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. The GNU Affero General Public License is based on the GNU GPL, but has an additional term to allow users who interact with the licensed software over a network to receive the source for that program.