Confidential Consortium Framework (CCF) Overview


Hi everyone, I’m Chris Klepper. I’m a Program Manager with the Azure
Blockchain team. I’ve got today with me Sylvan Clebsch with Microsoft
Research, who is one of the founders and developers for what we call CCF,
the Confidential Consortium Framework. Thanks for joining us today.

So I’m happy to be here, thank you.

So let’s talk a little bit about CCF. So we know it’s open source and live
on GitHub right now.

That’s right, yeah.

It has a lot of very interesting nuances to it, but let’s go and start
simply at the top. Can you just give us a very basic description of what
CCF is?

Sure. CCF, the reason it’s called the Confidential Consortium Framework is
because it really is intended as an SDK for building out confidential
blockchain-like scenarios, so multi chits secure multi-party computation
scenarios. So it’s an open source framework that leverages trusted
execution environments and provides consensus, distributed ledger
technology, confidentiality and integrity, all in a package that an
application developer can use to build out a confidential distributed
application on top of the framework.

And then if we contrast that versus the current state of blockchain?

Sure, so
blockchain has a lot of really exciting guarantees. The tamper-proof ledger
is in some sense the core of it, but the cryptographic chaining, the key to
the cryptographic check to my mind, is that it establishes a total order of
events. So it tells you what happened in the order it happened in, and
that’s incredibly powerful, and it’s not just for cryptocurrencies, right?
There are lots of different scenarios that can be enabled with this kind of
distributed ledger technology.

But then on the other side there’s some core problems. Now these are
problems in the sense that they’re problems for decentralized public
blockchains, but they are problems for enterprise-grade distributed ledger
technology. And one of the key ones is power usage. Essentially existing
approaches demand a lot of power in order to enable Nakamoto consensus, or
what’s called proof of work, or even proof of stake models. And on top of
that, determining if a transaction is successful, because of the way that
chains fork when using proof of work or proof of stake, determining what
transaction is successful is probabilistic. There’s a sort of a rule of
thumb that you wait, roughly speaking, six blocks, and that radically
increases the chance that your transaction becomes persistent, but there’s
no guarantee ever.

In addition, transactions aren’t confidential. There’s an idea that
blockchains provide anonymity, but they don’t. They provide
pseudo-anonymity, and what they do is expose all aspects of the
transaction, but not necessarily personal information about who’s
performing this transaction, because of the way that Bitcoin and Ethereum
addresses and things like that work. But what we want to provide is actual
complete confidentiality of transactions.

And then there’s governance issues. Governance issues, folks might be aware
of the various hard forks that have happened, or rollbacks, for example
when the DAO attack happened on Ethereum. These kinds of things can be
coped with in a public setting, all these things have been coped with, but
in an enterprise setting you need a lot stronger technical rule keeping for
this kind of stuff. So this is really exciting technology, but we really
feel like there’s some key elements for an enterprise-grade application
that aren’t really present at the moment.

And if we get into the value of building on CCF?

Sure, so CCF’s intended to provide this high
throughput and low latency, so that it’s competitive with a database
instead of being competitive with an existing blockchain technology, and
provides confidentiality in all three states in some sense: confidentiality
at rest, so that your data is encrypted when it’s stored; confidentiality
in motion, so your data is encrypted during communication; but also
confidentiality during computation, so that your data is encrypted while
it’s being operated over. And combining that with these contracts for
governance, it gives you some really nice guarantees. And it’s built on
this idea of remote attestation, which maybe we can cover a little bit.

So some of the things that we’re able to do right now are run about 50,000
transactions per second. That’s for a straightforward transfer scenario
made that’s not running complex contracts, but it is in some sense a nice
peak, with latencies that are in tens of milliseconds, and that’s for
deterministic commit, so you know for a fact that your transaction is
committed. And it provides full confidentiality, provides the governance,
and we’re maintaining of course the key properties that we love of
blockchain technologies: integrity, resilience, accountability, the things
that we expect out of a multi distributed ledger technology.

Yeah, and so when you mentioned so many scenarios specific to blockchain,
so it sounds like with CCF the intent isn’t to be really a ledger or
blockchain implementation itself, it really can be an enabler of existing
blockchain technologies.

That’s right, and sometimes that’s a little bit of a tricky message to get
across. We’re not trying to put CCF out there to compete with ledger
technologies, we’re trying to put it out there to provide a basis for
turning technologies into high performance confidential implementations. So
it provides the groundwork for this, and it does that in part by providing
key pieces like the consensus protocol and the key value store and the
communication mechanisms, but the idea is that folks like JP Morgan, for
example, can come along and extend their existing implementations using CCF
to make these interesting new guarantees at the bottom of the stack.

Okay, and lastly we keep
talking about confidentiality and confidential computing. Can you tell us a
bit just about how that works within the CCF stack as well?

Yeah, absolutely. So CCF is built on top of this idea of using Trusted
Execution Environments, where a Trusted Execution Environment, generally
speaking, is a hardware implementation, although there are software
orientations, like there’s a Hyper-V mode called virtual secure modules
that allows a software service with a different guarantee. But we’re
targeting Intel SGX for now, which is the Intel Software Guard Extensions,
which provide an enclave on the chip where all of the data is encrypted and
integrity protected at the hardware level, including during computation on
the CPU. And these hardware enclaves mean, like in the diagram here, that
the application is completely isolated from the operating system,
hypervisor, and even from hardware other than the CPU, so that if someone
were to compromise the operating system, compromise the hypervisor, the
trusted execution environment would still be secure.

That’s pretty powerful stuff. It really starts getting exciting when you
can talk about how remote attestation works. You can get back a
cryptographic proof called a quote that a specific piece of code is running
inside the enclave, and with CCF you can extend that proof to say that all
nodes in the system are running the correct version of code, and you’re
absolutely communicating with one of those nodes, and that your encrypted
session, your TLS session, actually terminates inside an enclave, so that
it’s not observable even by a compromised operating system.

Thanks, Sylvan.

Sure.

So for our audience, please stay tuned for part two of this session, where
we do a deeper dive into some of the technologies to play with CCF, and
appreciate the time value, so thank you very much.

About the Author: Oren Garnes
