A New Breakthrough in Distributed Storage, Powered by Intel SGX
Crust Network implements a decentralized distributed storage protocol utilizing Intel Software Guard Extensions (Intel SGX)
From the beginning stages of data storage and management, the basic idea of “distributed storage” technology was to use multiple servers to share the load, in order to improve the reliability, availability, and access efficiency of the system, and achieve flexible expansion capabilities.
However, many traditional distributed storage solutions use a certain form of “primary node” structure. In this case, the “primary node” will largely determine the availability and scalability of the entire system, as well as the efficiency of read and write access. To solve this problem, a “decentralization” storage architecture represented by the IPFS (InterPlanetary File System) has appeared in the market in recent years. There is no “primary node” in this “decentralized” storage structure, and the client can directly access a specific storage node to avoid performance bottlenecks caused by central nodes.
At the same time, with the rapid evolution and widespread use of cloud systems, some manufacturers have begun using these technologies to build their own distributed storage solutions.
Intel SGX helps Crust build a decentralized distributed storage network
Crust Network is a decentralized storage network, supporting multiple storage layer protocols such as IPFS, and provides storage interfaces to application layers. The Crust protocol allows anyone to connect storage resources to the network anywhere and provide storage services to the network users through the protocol. Crust uses TEE (Trusted Execution Environment) technology to help ensure the confidentiality and completeness of data on distributed storage nodes, as well as data consistency and non-tampering.
The essence of the TEE (Trusted Execution Environment) technology used by Crust network is to use Intel SGX to provide the trusted execution environment, also commonly referred to as an “enclave”, where data and code execution can be isolated and shielded from software, the operating system, VM machine software layers and the cloud service stack. The code and data are protected against viewing and modifications from outside of the TEE, even with privileged root access, and the hardware protection mechanism helps ensure confidentiality and integrity of the data and code. Since the execution logic in the enclave can be verified and tamper-proof, and the data in the enclave cannot be read by processes outside the TEE, the storage service provided by the nodes of the Crust network can provide substantial protection against potential forgery.
Based on Intel SGX technology, nodes in the Crust Network can execute non-interactive storage certification. For example, Intel SGX is working in the “store, report and verify” processes of proof of storage (see figure below).
Today, there are a variety of CPUs equipped with Intel SGX technology which can adapt to the environmental requirements of the Crust protocol for trusted execution of storage nodes. Intel’s 3rd generation Xeon Scalable processors feature Intel SGX, which can support a 1TB Enclave Page Cache, enhancing confidential computing performance using Intel SGX. Storage resources based on the Crust protocol currently exceed 1,000PB, with more than 4,000 nodes distributed globally. The storage resources supported by Crust are expected to reach 5,000PB in the next 1 to 2 years, driven by the rising demands for data storage.