cycles-quartz/README.md

## Gramine experiments using MTCS

This is a Dockerfile for replaying the mtcs experiment in gramine, starting from the manifest file from https://github.com/informalsystems/cofi-private/issues/104
The starting point for the Dockerfile is the Gramine-based from Revm Relay hackathon. https://github.com/amiller/gramine-sgx-revm/

The point of this is to emphasize the verification process that can be completed even without SGX, by reproducing the MRENCLAVE and inspecting remote attestation quotes.

## Init the git submodules

This repo references mtcs as a submodule, but the Dockerfile simply copies mtcs from the current directory.
So don't forget to have git apply the submodules when cloning the repo
```bash
git submodule update --init --recursive
```
## Replicating the MRENCLAVE build (no SGX required

The following will build mtcs, then freeze all dependencies from the docker environment into the gramine manifest, and finally display the resulting MRENCLAVE
```bash
docker build . --tag mtcs
docker run mtcs
```

Let's see how long this remains reproducible:
```
     mr_enclave: fa9149158c693b09e83480b48c2e7344c941aadca6d5829834f2af9f2690435e
```

## Execution on an SGX machine

This is tested on a local SGX machine, not Azure

```bash
docker run -it --device /dev/sgx_enclave \
       -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket \
       -v ./data:/workdir/data \
       mtcs bash
is-sgx-available
gramine-sgx ./mtcs
cat mtcs/data/micro-set-offs.out
```
dockerfile for mtcs 2023-09-10 17:21:35 +00:00			`## Gramine experiments using MTCS`

			`This is a Dockerfile for replaying the mtcs experiment in gramine, starting from the manifest file from https://github.com/informalsystems/cofi-private/issues/104`
			`The starting point for the Dockerfile is the Gramine-based from Revm Relay hackathon. https://github.com/amiller/gramine-sgx-revm/`

			`The point of this is to emphasize the verification process that can be completed even without SGX, by reproducing the MRENCLAVE and inspecting remote attestation quotes.`

simplify instruction 2023-09-10 17:34:21 +00:00			`## Init the git submodules`

			`This repo references mtcs as a submodule, but the Dockerfile simply copies mtcs from the current directory.`
			`So don't forget to have git apply the submodules when cloning the repo`
			```bash
			`git submodule update --init --recursive`
			```
			`## Replicating the MRENCLAVE build (no SGX required`
dockerfile for mtcs 2023-09-10 17:21:35 +00:00
			`The following will build mtcs, then freeze all dependencies from the docker environment into the gramine manifest, and finally display the resulting MRENCLAVE`
			```bash
			`docker build . --tag mtcs`
simplify instruction 2023-09-10 17:34:21 +00:00			`docker run mtcs`
dockerfile for mtcs 2023-09-10 17:21:35 +00:00			```

			`Let's see how long this remains reproducible:`
			```
			`mr_enclave: fa9149158c693b09e83480b48c2e7344c941aadca6d5829834f2af9f2690435e`
			```

			`## Execution on an SGX machine`

			`This is tested on a local SGX machine, not Azure`

			```bash
			`docker run -it --device /dev/sgx_enclave \`
			`-v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket \`
			`-v ./data:/workdir/data \`
			`mtcs bash`
			`is-sgx-available`
			`gramine-sgx ./mtcs`
			`cat mtcs/data/micro-set-offs.out`
			```