/biz/ - Business & Finance

ATTENTION LINKIES, THIS IS NOT A DRILL
SGX HAS BEEN COMPROMISED
if you have read the whitepaper you know this is a vital component of the ChainLink network

https://github.com/lsds/spectre-attack-sgx
https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/754168


FUCKING SELL BEFORE ITS TOO LATE

What effect do we think the spectre vulnerablity will have on LINK? At the moment Chainlink relies heavily on Intel's magical black box SGX to protect information in decentralized oracles - without it there's no benefit to using link.

SGX has been compromised: htt ps://github.com/lsds/spectre-attack-sgx#code-layout

From the link whitepaper:

"It is also important to recognize that of course today, whether or not we like it,
trust in Intel is inescapable. The CPU in the machine on which you are reading this
paper bears witness to this fact—or, if not, the CPU in the server from which you
downloaded this paper.
Of course, it would be preferable to make use of trusted hardware from multiple
vendors, and it is to be hoped that others will create equivalent capabilities. New,
open architectures for trusted hardware, and ways to weaken the trust assumptions
required of such hardware, are active areas of research, e.g., [19], [34]. The ability to
diversify across vendors or architectures per se would not ensure data confidentiality,
however."

Does this mean that the question is irrelevant as there's no existing alternatives to relying on Intel's compromised SGX?