key-provider-build: pin transitive deps for reproducible mr_enclave #672
Open
barakeinav1 wants to merge 1 commit into Dstack-TEE:master from
The upstream Dockerfile pins gramine (by digest), git, build-essential, Rust major-minor, and the upstream key-provider source commit. It does not pin transitive apt deps, the Rust patch version, or the rustup-init installer script. Each is a drift channel that silently changes the bytes hashed into the Gramine manifest's trusted_files list, which changes mr_enclave — breaking any attestation flow that pins to a specific expected value.

In practice, builds done weeks apart on the same Dockerfile already diverge today: a rebuild produced 98f735d1… instead of the expected 6b5ed02e… because Ubuntu shipped a libcurl3-gnutls security update between the two build dates (7.81.0-1ubuntu1.23 → 1ubuntu1.24).

This change parameterizes and pins all three drift channels:

1. APT_SNAPSHOT build-arg routes apt at https://snapshot.ubuntu.com/ so all transitive deps resolve to whatever Ubuntu had on the named date. Default = 20260423T000000Z. Each consumer overrides to match their expected mr_enclave: `docker build --build-arg APT_SNAPSHOT=YYYYMMDDT000000Z ...`
2. RUST_TOOLCHAIN build-arg with default 1.85.1 (was --default-toolchain 1.85, which resolves to whatever 1.85.x is current at install time).
3. RUSTUP_VERSION + RUSTUP_INIT_SHA256 build-args replace the live `curl https://sh.rustup.rs | sh` invocation with a pinned download from static.rust-lang.org's archive, verified against a sha256.

Verified: with APT_SNAPSHOT=20260423T000000Z, the build reproduces the canonical mr_enclave 6b5ed02e549a1c30aaa8e3171a045f1f449b0017353ef595e78e39c348c98d01 that consumers (e.g. NEAR's MPC TDX nodes) currently expect.
Why
Two independent builds of `Dockerfile.key-provider` from the same commit weeks apart produced different `mr_enclave` values, traced to an unpinned `libcurl3-gnutls` apt update. The current Dockerfile pins gramine, git, build-essential, Rust major-minor, and the upstream source commit, but transitive apt deps, the Rust patch version, and the rustup-init script can all drift between builds.

What

Parameterize and pin three drift channels via build-args, plumbed through `docker-compose.yaml` so they're overridable as env vars (no file edits needed):

- `APT_SNAPSHOT` = `20260423T000000Z`: `libcurl3-gnutls` shifting `…ubuntu1.23 → …ubuntu1.24` produced a different `mr_enclave`
- `RUST_TOOLCHAIN` = `1.85.1`: `1.85` resolves to whatever 1.85.x is current at install time
- `RUSTUP_VERSION` + `RUSTUP_INIT_SHA256` = `1.28.2` / `20a06e64…`: `curl https://sh.rustup.rs | sh`

Only `APT_SNAPSHOT` has demonstrated drift today; the other two are forward-looking pins (universally correct, no per-consumer choice baked in).

To override any of these at build time, set the env var(s) before invoking `./run.sh`, e.g. `APT_SNAPSHOT=20260501T000000Z RUST_TOOLCHAIN=1.86.0 ./run.sh`.

The defaults reproduce a known-canonical build but are intentionally unopinionated — feel free to bump them. Each downstream consumer that pins to a specific `mr_enclave` overrides via env vars at build time.

Verified

- `docker-compose build` path with an env-var override works end-to-end:
- `APT_SNAPSHOT` reproduces their pinned `mr_enclave = 6b5ed02e…`. Other consumers with different canonical dates can override.

Notes for maintainers

- `ARG` lines at the top of each Dockerfile section, also overridable via env vars or `--build-arg`.
- `RUSTUP_VERSION`, the matching `RUSTUP_INIT_SHA256` is published at:
- `snapshot.ubuntu.com` to be reachable. If that's a problem for any consumer's network, they fork and override `APT_SNAPSHOT` to point at a private mirror via the same env-var mechanism.

Out of scope

- `key-provider-build/README.md` documenting the env-var knobs (no README exists today; happy to add as a follow-up if useful).
- `MoeMahhouk/gramine-sealing-key-provider` to a maintainer-controlled mirror (e.g. under `Dstack-TEE/`, `Phala-Network/`, or a fork) so a future force-push or repo deletion can't break builds. Currently `git clone` of an upstream commit hash.