From 9cd596a7b6b5eb39e6882ad8c21f16b078130e7f Mon Sep 17 00:00:00 2001 From: Alexander Eger <40068802+3xz1@users.noreply.github.com> Date: Tue, 6 Feb 2024 16:16:44 +0100 Subject: [PATCH 1/3] Update system-configuration.mdx --- .../prerequisites/system-configuration.mdx | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/node/run-your-node/prerequisites/system-configuration.mdx b/docs/node/run-your-node/prerequisites/system-configuration.mdx index 4b74ef9f7c..4ff13749af 100644 --- a/docs/node/run-your-node/prerequisites/system-configuration.mdx +++ b/docs/node/run-your-node/prerequisites/system-configuration.mdx @@ -198,7 +198,17 @@ chpst -u oasis oasis-node ... -5. Start your Oasis Node. +5. Adding SGX Permissions for ParaTime Node/Client + +If you intend to run a ParaTime Node or a ParaTime Client Node and want to enable SGX support, you'll need to ensure that the `oasis` user has the necessary permissions to access SGX resources. + +1. **Add `oasis` User to `sgx` Group:** + Ensure that the `oasis` user is added to the `sgx` group to grant it access to SGX resources. You can do this by running: + + ```bash + sudo usermod -aG sgx oasis + +6. Start your Oasis Node. [`User` directive]: https://www.freedesktop.org/software/systemd/man/systemd.exec.html#User= From e9f63228bcb6c8df413ffcfef43484d79db02bfd Mon Sep 17 00:00:00 2001 From: Alexander Eger <40068802+3xz1@users.noreply.github.com> Date: Tue, 6 Feb 2024 16:17:57 +0100 Subject: [PATCH 2/3] Update paratime-client-node.mdx --- .../run-your-node/paratime-client-node.mdx | 28 ++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/docs/node/run-your-node/paratime-client-node.mdx b/docs/node/run-your-node/paratime-client-node.mdx index 876572d3c1..435759475d 100644 --- a/docs/node/run-your-node/paratime-client-node.mdx +++ b/docs/node/run-your-node/paratime-client-node.mdx @@ -1,4 +1,4 @@ -import DocCard from '@theme/DocCard'; + import DocCard from '@theme/DocCard'; import {findSidebarItem} from '@site/src/sidebarUtils'; import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem'; @@ -208,6 +208,32 @@ Before using this configuration you should collect the following information to * You can find the current Oasis Seed Node address in the Network Parameters page ([Mainnet], [Testnet]). * `{{ runtime_orc_path }}`: Path to the [ParaTime bundle](paratime-client-node.mdx#the-paratime-bundle) of the form `/node/runtimes/foo-paratime.orc`. * You can find the current Oasis-supported ParaTimes in the Network Parameters page ([Mainnet], [Testnet]). +## Configuring for Confidential States + +To enable access to confidential states on your ParaTime Client Node using SGX, follow these steps: + +1. **Update Runtime Configuration:** + Add the following configuration to your `/node/etc/config.yml` file: + + ```yaml + runtime: + # Paths to ParaTime bundles for all of the supported ParaTimes. + paths: + - {{ runtime_orc_path }} + environment: sgx + config: + {{ paratime_id }}: + estimate_gas_by_simulating_contracts: true + allowed_queries: + - all_expensive: true + sgx_loader: /node/bin/oasis-core-runtime-loader + +Before using this configuration you should collect the following information to replace the variables present in the configuration file:. + +* `{{ paratime_id}}`: RUNTIME_ID - See runtime identifiers on how to choose a runtime identifier. +* `{{ runtime_orc_path }}`: Path to the [ParaTime bundle](paratime-client-node.mdx#the-paratime-bundle) of the form `/node/runtimes/foo-paratime.orc`. + * You can find the current Oasis-supported ParaTimes in the Network Parameters page ([Mainnet], [Testnet]). + ## Starting the Oasis Node From 67b8094765ff89b3a2bf24eff6cac7e05b1f4f2c Mon Sep 17 00:00:00 2001 From: Alexander Eger <40068802+3xz1@users.noreply.github.com> Date: Wed, 7 Feb 2024 18:05:46 +0100 Subject: [PATCH 3/3] Update paratime-client-node.mdx --- docs/node/run-your-node/paratime-client-node.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/node/run-your-node/paratime-client-node.mdx b/docs/node/run-your-node/paratime-client-node.mdx index 435759475d..fdc4637396 100644 --- a/docs/node/run-your-node/paratime-client-node.mdx +++ b/docs/node/run-your-node/paratime-client-node.mdx @@ -1,4 +1,4 @@ - import DocCard from '@theme/DocCard'; +import DocCard from '@theme/DocCard'; import {findSidebarItem} from '@site/src/sidebarUtils'; import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';