Skip to content

A Module for Privacy-preserving State Transitions with Verifiability

Notifications You must be signed in to change notification settings

noplan-inc/anonify

 
 

Repository files navigation


Anonify is a blockchain-agnostic execution environment with privacy and auditability based on TEE (Trusted Execution Environment). Anonify enables flexible execution of business logic while protecting a shared state that is not desired to be revealed to the others. Anonify also provides auditability, i.e., only an auditor can read a specific part of the state. The current implementation of Anonify only supports Ethereum-based blockchains such as Quorum as the backend.

Please refer to White Paper (JP), Anonify Book(EN) / Anonify Book(JP) for more information.

Note: This is a prototype implementation and has not been tested for production.

Setup

Copy environment variables and set your SPID and SUB_KEY.

$ cp .env.sample .env

Running anonify nodes

docker

The ERC20-like application is implemented as the initial state transition functions. (Assumed your hardware supports Intel SGX.)

You can build a latest docker image and then run the container:

$ docker build -t anonify-server:latest -f docker/server.Dockerfile ./
$ docker run -v /var/run/aesmd:/var/run/aesmd --device /dev/sgx/enclave --env-file ./.env --name anonify -d --rm -it anonify-server:latest

shell scripts

Running nodes

$ ./scripts/start-docker.sh
$ cd anonify
$ ./scripts/env-anonify.sh // Change env vars depending on your environment
$ ./scripts/run-server.sh

Using CLI

You can use anonify-cli to communicate with a whole anonify system. See the transfer tutorial section for usage.

Build Anonify's command line utilities.

$ ./scripts/build-cli.sh

If you want to build artifacts in release mode, pass a --release argument.

$ ./scripts/build-cli.sh --release

Developing

You can try to build the codebase on your local machine or test it in sgx-enabled environment.

Building in simulation mode

Anonify assumes your hardware supports Intel SGX. Without such hardware, you can build it in simulation mode, which allows you to build on macOS.

$ docker run -v `pwd`:/root/anonify --rm -it osuketh/anonify:20210310-1804-1.1.3

Testing (ERC20 app)

Assumed your hardware supports Intel SGX or run it on Azure Confidential Computing, you can test the core component you built works correctly.

The very first thing you need to do is starting aesm service in a SGX-enabled environment. For more details, see: https://github.com/apache/incubator-teaclave-sgx-sdk/blob/master/documents/sgx_in_mesalock_linux.md#solution-overview

LD_LIBRARY_PATH=/opt/intel/sgx-aesm-service/aesm /opt/intel/sgx-aesm-service/aesm/aesm_service

Running intel SGX environment, and then, you can build in HW mode.

$ cd anonify 
$ UID=`id -u` GID=`id -g` docker-compose up -d
$ docker-compose exec sgx_machine bash
$ ./scripts/test.sh

Implementation Tips

See docs/ to understand code-level architecture.

Documentations

Currently, documents are only available in Japanese.

License

Anonify is primarily distributed under the terms of the [Apache License (Version 2.0)], see LICENSE for details.

About

A Module for Privacy-preserving State Transitions with Verifiability

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Rust 94.9%
  • Dockerfile 2.0%
  • Shell 1.5%
  • Other 1.6%