Hi everyone,
Using vetKD, it is possible to achieve end-to-end encryption. I had assumed that AMD SEV would be required to secure private information, but I may be mistaken given what was written below:
The nodes in the blockchain assist a user in recovering their root key, but never see that key or the content of the files.
Is it secure to handle personal information using only vetKD without AMD SEV?
Hello!
Yes, the vet keys are (if used correctly) giving you a much higher level of privacy than SEV SNP. No individual replica has access to the full private key, only the client will be able to access the full private key.
When e2e encrypted in this way, even if a node provider (or some other malicious party that has gained access to the node) breaks through the SEV SNP enclave, they will not be able to decrypt the data.
@NathanosDev
Thanks for your reply.
vetKD is wonderful!
When e2e encrypted in this way, Since smart contracts cannot read the plaintext, can’t they process that data? If not, is a SEV SNP required?
Yes…if you want the smart contract to calculate over the data without the node provider having theoretical access, then SEV SNP will be required.
One alternative is to use vet keys that can issue a decryption key to a trusted party. For enterprise applications, this should be reasonable. In fact, the space could really use a utilized trusted partner like this that takes all the headaches out of providing something like this.
Yes…if you want the smart contract to calculate over the data without the node provider having theoretical access, then SEV SNP will be required.
Thanks for your reply. I understood.
One alternative is to use vet keys that can issue a decryption key to a trusted party. For enterprise applications, this should be reasonable.
I am interested in Enterprise, but I’m not in a rush. Thanks for the alternative.