In what way is persisted data protected from being obtained e.g. by a malicious actor breaking into my datacenter and gaining physical access to the nodes running in my racks? It might sound like a far fetched scenario, but i’m eager to understand the underlying mechanics of how secrecy is ensured with the way orthogonal persistence is implemented.
This is a good point. And this is also a tough problem. I think to compete with the large service providers. persisted data would need to be encrypted so if someone got access to the canister all they would get is encrypted data.
Well Dominic did mention multiple times they will be using SEV-ES so this bodes well for confidential computation and data at rest capabilities that would prevent even someone with physical access to the hardware to snoop on the data.
SEV-ES gives some guarantees that the machine is running the intended code and that the machine operator or anyone with physical access can’t peek at the contents of the encrypted VM. In theory it gives you both Integrity and Confidentiality.
Different users may feel more or less confident in the degree of protection from SEV features. (There have been quite a few CPU vulnerabilities in recent years.) Even aside from CPU flaws, this will need a lot of new software from Dfinity that may have bugs, and that has no track record.
But apparently Dom feels confident it will prevent data leaks.
The thing that confuses me is this: if Dfinity trust that SEV protects against malicious DCs, why do they need the expensive consensus mechanism? You could just run the code on any one machine, and if you trust SEV then you have a guarantee that the code is executed correctly.
Dom seems to be taking the position that SEV can be trusted for confidentiality but not for integrity, which is hard to understand. If you don’t control the software that sees the plaintext state, how do you know it keeps it confidential?