Conclave 1.1: Writing Confidential Computing Apps Just Got a Whole Lot Easier

We’re excited to announce the release of Conclave 1.1, the latest version of our platform that allows fast, simple development of Confidential Computing applications in Java, Kotlin or JavaScript. With this release we have really focused on developer experience, ensuring that we have a good range of sample projects covering a diverse set of applications including machine learning, as well as making big improvements to testing and debugging workflows through use of our improved ‘mock’ mode.

Furthermore, Conclave 1.1 has been tested on the latest 3rd Gen Intel Xeon Scalable processors, allowing for up to 512GB of encrypted memory per CPU.

Before we look at the new features, let’s recap some of the details of Confidential Computing and Conclave.

What problems are we solving?

When it comes to hosting a solution in the cloud, who do your customers trust with their sensitive data? Do they trust you as a software vendor? Do they trust the cloud service provider hosting the application? Do they need to trust that other customers will not get access to their data, or gain a competitive advantage through unauthorized use of that data?

Well the good news is that with Confidential Computing, they do not need to worry about anyone using their data for any purpose other than what the customers approve and authorize.

The way this is achieved is via the use of a hardware-based Trusted Execution Environment (TEE) such as Intel SGX that isolates the code and memory used to process confidential data from the rest of the application. The software vendor can cryptographically prove that when a customer sends data to the application it can only be accessed inside an up-to-date secure TEE executing code that has been approved by the customer themselves.

Now, this sounds simple but in reality there are a lot of things to consider. How does the customer know the data is being processed by a real hardware TEE? How do they know what code is running inside the TEE? What happens if a vulnerability is found in the TEE implementation? How does the software vendor separate the business logic from the sensitive data processing?

There are lots of Confidential Computing domain-specific concepts to understand when solving these problems. Does that mean you need to be an expert in these concepts before you can implement and deploy your Confidential Computing application?

No! Not when using Conclave!

Conclave hides all of this complexity from the developer. You just develop a Java application as normal, making sure to keep your data contained within the ‘enclave’ part of your application. Conclave makes it really easy for the software vendor and the vendor’s customers to check that the enclave is running in an Intel SGX TEE and that the code running inside the enclave is exactly as expected.

As soon as the data leaves the customer environment it is encrypted in transit, at rest and most importantly, in use.

Let’s take a look at those new features in Conclave 1.1 then. We have made a number of improvements that make it easier for developers to get started, develop and test their Conclave applications.

Mock Mode

Firstly, we’ve completely redesigned they way ‘mock’ enclaves work. Conclave 1.0 included a special way of building your enclaves named ‘mock mode.’ This special mode allows you to build and run your enclaves without ever leaving a Java environment. However, with Conclave 1.0 you needed to write code specifically to take advantage of ‘mock mode.’

With Conclave 1.1, ‘mock mode’ has now been fully integrated into the SDK, meaning you can switch between your production build and your mock build with a simple build parameter.

One of the challenges when working with Intel SGX is in testing for scenarios that relate to the state of SGX itself. If a vulnerability is found within SGX, Intel quickly sends down an update to the Trusted Execution Environment. This causes all the encryption keys used by enclaves to be rotated, meaning that any secrets encrypted with the latest version of SGX cannot be read by the potentially vulnerable older version.

But how can a Conclave user test that this is indeed the case?

Well, with the new mock mode, Conclave makes it really easy to simulate changes to the SGX environment including version upgrades and downgrades, allowing tests to be written that check everything works correctly when this happens in a real SGX environment.

R3’s Sneha Damle has written a great blog on the latest mock features in Conclave 1.1.

Samples

Check out our new samples repository! Here you’ll find some great new samples including:

• A sample showing how to use the Tribuo Java machine learning library in a Conclave enclave providing tools for classification, regression, clustering and model development
• A sample Event Manager which gives a demonstration of how to host multi-party computations

In addition, you’ll find the CorDapp sample that is bundled with the Conclave SDK has been revamped to show how to integrate Corda network identities with Conclave.

Documentation

We’ve made loads of improvements to the Conclave documentation, ensuring it is accurate, easy to follow and generally really useful. The API documentation has also been given a facelift.

What else?

In addition to all the above, we’ve made loads of small improvements and fixes to make the developer experience better than ever. We hope you’ll agree that our hard work really does make it easy for you to write Confidential Computing applications.

Why don’t you try it out for yourself today?