Skip to main content

Confidential inputs

Generators who participate in Markets that support confidential inputs require use of TEEs. The steps below assume working knowledge will help you get started with running a Generator for such Markets.

  1. Download the Generator Enclave: Obtain the Enclave Image File (EIF) shared by the Market Creator.

  2. Provision an instance: At the moment, only AWS Nitro Enclaves are supported. If you wish to use your own AWS account, you may use the native setup else you may rent an Oyster instance.

    Deploy an instance of marlin/oyster/worker-salmon-amd64 on EC2.

    Note: You can also go with marlin/oyster/worker-salmon-arm64 but ensure that your prover-executable is compatible with it. This would have to be communicated by the Market Creator.

    AWS image

    Ensure that Nitro Enclave is enabled

    AWS image

  3. Register with the Proof Marketplace: If you are not already registered, register with the Kalypso proof marketplace. You can register using the kalypso-sdk or the Marlin Hub user interface.

    Ensure that you have setup kalypso-sdk before proceeding.

    Update the Instance's IP

    Update the IP address of the Generator instance you are about to connect in your configuration file.

    /kalypso-tutorials/contracts/arb-sepolia.json
    {
        "generatorEnclave": {
            "url": "http://ip_of_generator:5000",
            "utilityUrl": "http://ip_of_generator:1500"
        }
    }

    Register the Generator

    Use the following API to register.

    /kalypso-tutorial/index.ts
    // Ensure that the SDK setup has been completed

    const declaredCompute = 100;
    const generatorMetadata = "0xff00abcd00ff";

    let tx = await kalypso.Generator().register(rewardAddress, declaredCompute, generatorMetadata);
    let receipt = await tx.wait();
    console.log("Registration Transaction: ", receipt?.hash);

    • rewardAddress: This is the address where the rewards for running the Generator and completing Tasks will be sent. It should be a valid Ethereum address.

    • declaredCompute: This parameter represents the declared compute capacity of the Generator. It is specified as an integer.

    • generatorMetadata: This is a string representing metadata associated with the Generator. It is typically a hexadecimal string that contains additional information about the Generator.

  4. Stake: Before joining a Market, it is advised that Generators check the minimum stake set by the Market Creator for that Market. Otherwise, no Tasks in the Market will be assigned to the Generator. Generators can always increase or reduce the amount of stake to have multiple Tasks assigned to them concurrently.

    Ensure that you have setup the kalypso-sdk before proceeding.

    /kalypso-tutorial/index.ts
        // Ensure that the SDK setup has been completed

        let tx: ContractTransactionResponse;
        let receipt: ContractTransactionReceipt | null;
        let currentStake = await kalypso.Generator().getStake();

        const stakeFor = await wallet.getAddress();

        if (new BigNumber(currentStake.toString()).lt(amountToStake)) {
            tx = await kalypso.Generator().stake(stakeFor, amountToStake);
            receipt = await tx.wait();
            console.log("Stake Transaction: ", receipt?.hash);
        }

        return "Done";
    • stakeFor: The address from which you want to stake.
    • amountToStake: Number of tokens to stake.

  5. Join the Marketplace: After staking, you need to join the marketplace. If the Generator has already joined the Marketplace before (and is for instance, recovering from a node reboot), only the ECIES encryption key has to be updated as per the instructions here.

    Ensure that you have setup the kalypso-sdk before proceeding.

    /kalypso-tutorial/index.ts
    // Ensure the existing SDK setup is completed

    let tx: ContractTransactionResponse;
    let receipt: ContractTransactionReceipt | null;

    let attestation = await kalypso.Generator().GeneratorEnclaveConnector().getAttestation();

    const enclaveSignature = await kalypso
        .Generator()
        .GeneratorEnclaveConnector()
        .getAttestationSignature(attestation.attestation_document.toString(), await wallet.getAddress());

    tx = await kalypso
        .Generator()
        .joinMarketPlace(
            marketId,
            computeAllocatedPerRequest,
            proofGenerationCost,
            proposedTimeInBlocks,
            attestation.attestation_document,
            enclaveSignature
        );

    receipt = await tx.wait();
    console.log("Joined Market Place Transaction: ", receipt?.hash);

    Steps:

    1. Get Attestation:

      let attestation = await kalypso.Generator().GeneratorEnclaveConnector().getAttestation();

      This line retrieves an attestation from the GeneratorEnclaveConnector. The attestation serves as proof of the generator's secure environment.

    2. Generate Attestation Signature:

      const enclaveSignature = await kalypso.Generator().GeneratorEnclaveConnector().getAttestationSignature(attestation.attestation_document.toString(), await wallet.getAddress());

      This line generates a signature for the attestation document using the generator's wallet address. The signature is used to verify the authenticity of the attestation.

    3. Join Marketplace:

      tx = await kalypso.Generator().joinMarketPlace(marketId, computeAllocatedPerRequest, proofGenerationCost, proposedTimeInBlocks, attestation.attestation_document, enclaveSignature);

      This line joins the generator to the marketplace using the specified parameters:

      • marketId: The ID of the market to join.
      • computeAllocatedPerRequest: The compute power allocated per request. It is referred to as ComputePerProof in the architectural design section.
      • proofGenerationCost: The cost for generating a proof. It is referred to as PricePerProof in the architectural design section.
      • proposedTimeInBlocks: The proposed time in blocks for proof generation. It is referred to as MaxProofTime in the architectural design section.
      • attestation.attestation_document: The attestation document obtained earlier.
      • enclaveSignature: The attestation signature generated earlier.

  6. Start the Prover: Begin running the prover to start receiving Tasks.

    /kalypso-tutorial/index.ts
        const data1 = await kalypso.Generator().GeneratorEnclaveConnector().startListener();
        console.log(JSON.stringify(data1, null, 4));

        const data2 = await kalypso.Generator().GeneratorEnclaveConnector().startProgram(programName);
        console.log(JSON.stringify(data2, null, 4));
        return "Done";

    Steps to Start Listener and Program on Kalypso Generator

    1. Start Listener:

      • Initialize the listener on the GeneratorEnclaveConnector.
      • Log the response data for verification.

    2. Start Program: