From d911ef043124e9da4242f427edfcdf4e7a30be2b Mon Sep 17 00:00:00 2001 From: 0xYankee <105225833+0xYankee@users.noreply.github.com> Date: Fri, 29 Dec 2023 16:13:41 +0800 Subject: [PATCH] Update 50-secrets.mdx --- website/docs/101-learn/50-secrets.mdx | 41 +++++++++++++++++---------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/website/docs/101-learn/50-secrets.mdx b/website/docs/101-learn/50-secrets.mdx index c0bde32198..eafd7bca88 100644 --- a/website/docs/101-learn/50-secrets.mdx +++ b/website/docs/101-learn/50-secrets.mdx @@ -4,21 +4,32 @@ title: Switchboard Secrets keywords: [Switchboard, web3, oracle, data feeds] --- -There is some information, of course which you do not want to make publicly -visible on chain or inside your docker container. What if you want to fetch -Uniswap liquidity information but don't want to expose your Infura API key in -your container? For this, you can use Switchboard Secrets. - -Repo: https://github.com/switchboard-xyz/secrets-server - -By hosting a Switchboard Secrets server, you can keep your secret keys on a -private server and ensure the secrets will only be passed to your function -if it proves its running inside an enclave and is running the code you're -allowing to view the secrets! +:::info +Dive deeper into the usage of Secrets Server here: +[Secrets Server Github Repository] +(https://github.com/switchboard-xyz/sbv3/tree/main/apps/secrets-server) +::: -:::note +## What are Secrets? +Secrets are sensitive information like API keys, passwords, and database +credentials. In order to bring these types of information on-chain without +leaking the secrets, it is important to store them securely so unauthorized +individuals cannot access/tamper with them. -**Switchboard is creating a first party service to manage secret servers -for you. Coming Soon!** +### How it works +1. Store your secrets as key-value pairs in the server. +2. When your Switchboard Function needs to access a secret, it sends a request + to the server. +3. The server verifies the request using SGX-generated "quotes", ensuring only + authorized Functions can access secrets. +4. If authorized, the server encrypts the secret with a key generated by the + Function's enclave and returns it. +5. The secret is decrypted within the Function's secure enclave, ensuring + confidentiality. -::: +### Benefits to using Switchboard Secrets +* **Securely store secrets:** Keep your secrets outside your Switchboard Functions + and only decrypt them within the SGX enclave for confidentiality and security. +* **Easy integration:** Easily access your secrets directly from your Switchboard + Function with simple SDK calls. +* **Self-hosting option:** You can self-host the server for ultimate control and privacy.