Town Crier: An Authenticated Data Feed for Smart Contracts
eprint.iacr.orgIt uses trusted hardware to authenticate and scrape data from HTTPS-enabled websites
It claims to do this using SGX. However, it uses a "Relay" - a non-SGX process - to pass network data into the SGX enclave.
To me that seems to make the claim of trustworthiness (in the "trustworthy computing" sense) questionable.
I'm not overly familiar with SGX and I've only scanned through this proposal, but I'd love someone more knowledgeable to expand my understanding.
It seems to me that the entire stack needs to be running in the SGX-enclave for it to gain the complete benefits?
Nevertheless, I think this is pretty interesting.
No it does not. You can verify the data has not been modified given the HTPS even if it has passed through arbitrary untrusted process in the middle. Think about the ISP being outside the SGX enclave and having the same ability as Relay.
The interesting thing here wont be the tech, but the business model and regulatory framework.