
Town Crier: An Authenticated Data Feed for Smart Contracts - randombit
https://eprint.iacr.org/2016/168
======
nl
_It uses trusted hardware to authenticate and scrape data from HTTPS-enabled
websites_

It claims to do this using SGX. However, it uses a _" Relay"_ \- a non-SGX
process - to pass network data into the SGX enclave.

To me that seems to make the claim of trustworthiness (in the "trustworthy
computing" sense) questionable.

I'm not overly familiar with SGX and I've only scanned through this proposal,
but I'd love someone more knowledgeable to expand my understanding.

It seems to me that the entire stack needs to be running in the SGX-enclave
for it to gain the complete benefits?

Nevertheless, I think this is pretty interesting.

~~~
niketear
No it does not. You can verify the data has not been modified given the HTPS
even if it has passed through arbitrary untrusted process in the middle. Think
about the ISP being outside the SGX enclave and having the same ability as
Relay.

------
tdaltonc
The interesting thing here wont be the tech, but the business model and
regulatory framework.

