Persisting Mutable Storage Inside The "T"EE

This vulnerability is critical as it exposes TEEs to rollback attacks, which are particularly threatening to applications dealing with cryptocurrencies like Bitcoin. The core issue stems from the lack of internal persistent mutable storage within TEEs, forcing reliance on external storage solutions that must be protected against such attacks. A novel solution proposed to address this challenge involves creating auditable, persistent mutable storage using multiple TEEs. This approach leverages the ephemeral nature of TEE RAM to create a resilient array through strategic distribution and erasure coding, which ensures data recovery despite potential failures. It utilizes the encryption capabilities inherent to TEEs for securing data both at rest and in transit, reinforcing data integrity and confidentiality. The technical implementation of this proposed storage solution is detailed, redefining conventional storage device terminology to suit the context of cryptocurrency applications and networked TEEs. The discussion includes an examination of sector sizes and the alignment challenges with Transmission Control Protocol (TCP) standards, suggesting an optimal sector size that balances efficiency with cryptographic requirements. Furthermore, a refined disk interface is introduced to mitigate the RAID5 write hole phenomenon. Through provisional write commands and a rigorous commit/rollback protocol, the proposal ensures consistency and integrity across the array, even in scenarios involving partial updates or system crashes. This method not only addresses the atomicity of write operations but also enhances the reliability of the storage array under adverse conditions. Additionally, the use of XOR-based erasure coding presents a performance-optimized solution for parity calculation and recovery, extending support beyond traditional two-parity schemes and leveraging unpatented approaches based on Reed Solomon codes and Galois Field mathematics. The auditability of the storage configuration is highlighted as a key advantage, where the simplicity of the storage TEE programs allows for thorough scrutiny to ensure adherence to operational protocols without unauthorized rollbacks. This auditing process is crucial for verifying the integrity and proper functioning of the entire storage array, thereby increasing confidence in its capability to securely manage and store sensitive information. Furthermore, the debate around the optimal management of storage devices and ensuring data integrity and security introduces a TEE-based solution emphasizing resilience against device failure. This approach reduces operational complexity by running signer code with ephemeral keys across storage devices. The storage TEE program, devoid of private key management responsibilities, validates requests from an authorized main program concerning reading, writing, optionally copying, and securely erasing sectors. This model guarantees high availability and security, enabling stateless operation with respect to private keys and facilitating easy updates and maintenance. Lastly, the integration of LUKSv2, comprising dm-crypt and dm-integrity, is discussed as an effective equivalent to an AE scheme. However, the complexity of ensuring atomicity of updates poses challenges, notably the "log on a log" problem associated with having a logged layer atop another. ZFS is presented as an exemplary solution, utilizing a single atomicity logging layer for addressing the RAID5 write hole and ensuring transactional filesystem operations, including cryptography-quality checksums and encryption. This consolidation simplifies the architecture, reducing redundancy and enhancing efficiency by treating the entire disk as a log. The discussion underscores the importance of collapsing log layers into one to avoid multiple writes and ensure efficient, secure data management and storage.