SDK for creating confidential SGX enclaves in Java, Kotlin and Python
Beta feature Gramine as a new enclave runtime, which can be used as an alternative to GraalVM. Using Gramine enables some very nice features which were not possible before, including reproducible builds and native library support. Gramine is currently only available as a beta feature. Have a look at the docs to try it out. Also take a look at the known issues to see what still needs to be added.
Beta feature Much better Python support with Gramine, including a new beta enclave Python API!
For a consistent build environment, the Gradle plugin will use Docker to build the enclave, including on Linux.
Intel SGX SDK has been updated to 2.18. This provides bug fixes, security updates, and other improvements. See the SGX SDK release notes for more details.
EPID attestation protocol has been deprecated. You should use DCAP instead.
For security reasons, the way enclave constraints are evaluated has changed slightly. From now on, if a client sets the security level to INSECURE
, it will not pass for STALE
or SECURE
enclaves. This is to prevent the client from accidentally communicating with a production enclave during development or testing.
This is a small patch release with the following changes:
This is the first release of the Conclave Core SDK to be open source! 🎉 Read our blog post on why did this and what it means for you. Here is a list of the main features in this release: