| ▲ | mirashii 3 hours ago | |
Looking at their paper at [1], there's a gaping hole: there's no actual way to verify the contents of the running binaries. The binary hash they include in their signatures is self-reported, and can be modified. That's simply game over. [1] https://github.com/Layr-Labs/d-inference/blob/master/papers/... | ||
| ▲ | mirashii 3 hours ago | parent [-] | |
A note, as others have posted on this thread: I mention this as a concrete and trivial flaw in their whole strategy, but the issue is fundamental: there's no hardware enclave for third-party code available to do the type of attestation that would be necessary. Any software approach they develop will ultimately fall to that hole. | ||