VP.NET is built on a foundation of zero-knowledge privacy. By publishing our SGX enclave source code, we enable users to:

  • Verify our no-logging policy through code inspection
  • Confirm that servers cannot access user data or traffic patterns
  • Validate that the code running on our servers matches this public repository
  • refalo@programming.dev
    3 upvotes · 1 month ago

    Verify our no-logging policy through code inspection

    Couldn’t a network appliance, iptables or a bpf program still be logging and we’d have no idea?

    Validate that the code running on our servers matches this public repository

    Yes but AFAIK it can’t validate that the code you verified against is the same code actually powering your VPN session right now (could be a dummy box just used for validation), or that some other external hardware or superuser-level code isn’t also listening in. Someone please correct me if I’m wrong.

    • jet@hackertalks.com
      3 upvotes · 1 month ago

      Someone please correct me if I’m wrong.

      You are 100% right. Also - SGX depends on explicit trust of Intel code signing, which is another externality that needs to be in the threat model.

  • _‌_反いじめ戦隊@ani.social
    1 upvote · 1 downvote · 1 month ago

    Prerequisites
    Linux
    Docker
    Go 1.21 or later
    Intel SGX SDK and PSW
    EGo (Edgeless Go) framework

    Who are they trying to fool? Not one of these requirements is zero-knowledge or ACID enough to validate anything. Might as well give me an analog hourglass, I can validate its volume and weight @ ATM.