new | show | ask | jobs Github

LoganDark 2 hours ago

What enclave are you using? Is it hardware-backed?

Edit: I found https://github.com/tinfoilsh/cvmimage which says AMD SEV-SNP / Intel TDX, which seems almost trustworthy.

▲

FrasiertheLion 2 hours ago | parent [-]

Yes, we use Intel TDX/AMD SEV-SNP with H200/B200 GPUs configured to run in Nvidia Confidential Computing mode

▲

LoganDark 2 hours ago | parent [-]

I would be interested to see Apple Silicon in the future, given its much stronger isolation and integrity guarantees. But that is an entirely different tech stack.

▲

julesdrean an hour ago | parent [-]

Apple does something very similar with Apple Private Cloud Compute. It's interesting cause their isolation argument is different. For instance, memory is not encrypted (so weaker protection against physical attacks), but they measure and guarantee integrity (and need to trust) all code running on the machine, not just inside the secure enclave.

Good question is how many lines of code do you need to trust at the end of the day between these different designs.

	▲	LoganDark 28 minutes ago \| parent [-]
		Lines of code hardly means anything, but I'd believe Apple has far fewer, given how aggressively they curtail their platforms rather than letting them collect legacy cruft.