Dominic recently made a great post on the DFINITY reddit!
However, as you have also pointed out, all things being equal, the state remains vulnerable to malicious systems administrators in data centers. For such reasons, the Internet Computer network will also contain “private computation” subnets, which leverage enclave hardware and other systems to prevent even those with physical access to the node hardware from gaining access to the data. On these subnets, upon which canister computation and storage will consume fractionally more cycles (“gas”), if a node machine is stolen or opened, all that will be found on their storage devices is encrypted bytes.
It touches other points such as 51% attacks, costs and decentralization
Thanks for sharing, cool to see an extra level of privacy will be available! I don’t know about others, but generally my concern for a physical attack like this is fairly low. However, when I think about the IC, I’m thinking about it like an even more batteries included AWS or GC - but better.
I think that Dominic outlined the possible use of trusted environments (Intel SGX / ARM TrustZone / AMD SEV) in the near future on Twitter (more info about the keys used for this ecnrypted bytes)
1/ does Dfinity (Internet Computer) allow for some compute to be done off chain, in a privately secured backend that runs closed/propietary code (complex application, doing some computationally heavy lifting). However the API s are open and verifiable. The smart contract that points to the backendruns on chain and is also verifiable and open. I suppose the answer to it is, that Dfinity supports it, since at least thebackendpart is how CeFi exchanges today work ontraditional, first/second generation blockchains. It would be great though to have somone s feedback who’s more familiar with this.
2/ does Dfinity support confidential (on chain) smart contracts? …
What would be amazing is if dfinity sets up a honeypot canister with a bitcoin private key in it, fund it with $100,000 and make it a hacking competition!
