You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Create a BLS private key on enclave startup, if it doesn't exist yet.
Store encrypted on hard drive in case of application restart.
Sealing BLS key with mrenclave is the only way to guarantee confidentiality of key. This means an application update will result in a new key, unless we implement update mechanisms such as the ones discussed here.
The text was updated successfully, but these errors were encountered:
Discussing with @metachris we came to the conclusion that the BLS key can be provided by the enclave owner, it is not a secret that must be kept within the enclave. It can be passed to the enclave via environment variable BUILDER_SECRET_KEY
Create a BLS private key on enclave startup, if it doesn't exist yet.
Store encrypted on hard drive in case of application restart.
Sealing BLS key with mrenclave is the only way to guarantee confidentiality of key. This means an application update will result in a new key, unless we implement update mechanisms such as the ones discussed here.
The text was updated successfully, but these errors were encountered: