general/hacker-challenge
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1a897d780f
hacker-challenge/README.md

59 lines
2.2 KiB
Markdown
Raw Blame History

# Welcome to the HACKER CHALLENGE
## Building and packaging the challenge
The host can be without SGX support.
To build and package the challenge you will need the docker environment.
Do the following steps to build the challenge:
```bash
# Notice that there is no SGX device mounted, run inside rewrite directory
docker run --rm --name packager -it -v .:/root/rewrite occlum/occlum:latest-ubuntu20.04
# Inside the docker container run package.sh and follow its instructions
cd /root/rewrite && ./scripts/package.sh --prep
exit # Feel free to exit the container
```
## Testing the challenge
To test the challenge you will need the SGX support.
```bash
# this will boot few containers containing servers that will replicate the private key generated by one of the nodes
./scripts/testnet.sh
# to interact with the servers list the ports
docker container list
# pick some node and
curl localhost:your-port
# node will respond with a homepage with more information
```
The node homepage source is also [here](./src/HOMEPAGE.md).
## Production build
```bash
./scripts/build-container.sh
```
## Contributing to the challenge
Don't forget to run `cargo clippy` and `cargo fmt` before submitting a PR.
## Known issues
1. If you create a new node as a root and it will create the private key and save it
to the disk, it will remain sealed and when the node will restart and try to join
the rest of the network, it will still use the private key from the disk for
minting and sharing.
2. If you run the hacker challenge on the Out Of Life processors you may have a
privilege to run certain attacks, for instance check (this
article)[https://x.com/PratyushRT/status/1828183761055330373].
3. The challenge is compiled using the HW mode, not HYPER so it may not work on
some cloud providers, like Azure Intel SGX VMs (needs more testing).
4. The performance and stability of the challenge is not at its theoretical peak as
the challenge was done mostly as a poc and was not meant to be infinitely scalable
or very performant.
5. The challenge is not mutable once deployed, which means that it will remain
secure for as long as the community will not find a new vulnerability in SGX.
Reference in New Issue View Git Blame Copy Permalink