Introducing TDX Support for the ROFL Framework
Intel's latest confidential computing technology, Trusted Domain Extension (TDX), is on the testnet for the ROFL framework.
Oasis is excited to announce support for Trusted Domain Extension (TDX) – Intel's newest confidential computing technology – on the testnet for the ROFL framework under development by the Oasis Foundation.
Until now, ROFL used SGX as its TEE implementation; with the introduction of TDX, the range of what is possible inside a ROFL application expands considerably. TDX is a hardware technology that strengthens security and privacy through trusted execution environments (TEEs). TEEs protect sensitive data and applications from unauthorized access, and they are foundational to the Oasis Network, including the newly launched Runtime Offchain Logic (ROFL) framework, which makes it possible to build offchain logic whose results can be easily verified onchain. Let's detail what this means.
How TDX Improves ROFL
In short, TDX differs from SGX in several key respects.
- First, TDX operates as a virtualization-based confidential computing environment, which results in better performance and fewer memory constraints relative to SGX.
- Second, TDX allows for the straightforward (lift-and-shift) deployment of legacy applications without requiring changes to the programming model.
- Last, TDX enhances isolation by executing in a newly introduced processor mode, a notable security upgrade.
With SGX, moreover, the setup consists of per-application enclaves: the enclave runs as part of a broader host process, such as an existing application. It has no kernel of its own, so every interface between the enclave and the host must be explicitly specified, and many are restricted. This makes computation inside the enclave more complicated, because some interfaces are simply unavailable.
SGX also imposes performance limitations, such as on how much memory is available, although this has noticeably improved with newer CPUs. With TDX, the real difference is that the unit of protection is a virtual machine: the whole VM is provisioned as a trust domain. Because each virtual machine gets its own OS kernel, far more (and more interesting) things become possible.
In the current setup, the VM runs a minimal Linux kernel that is locked down for security. ROFL uses deterministic builds, since reproducibility is essential to the security guarantees: a verifier can only check what is running if the image can be rebuilt bit-for-bit. With these details taken care of, this Linux distribution is used inside ROFL TDX virtual machines to keep the guest minimal and secure and to make the boot process verifiable. The upshot is that the developer gets a dedicated virtual machine, and the whole VM, including everything running inside it, can be verified.
A final key difference is that the TDX architecture is more complex, which has security implications: it has a wider trusted computing base, and therefore a larger attack surface, because more software generally means more bugs. SGX remains the standard for security-critical applications, but TDX also relies on SGX as part of its operation (e.g., for handling remote attestation flows). So, really, it is a combined architecture.
The most important takeaway is this: TDX significantly expands the range of what is possible inside a ROFL application (e.g., AI workloads, intent solvers, and similar workloads that do not fit within an SGX enclave).
Get Started With ROFL
Foundational ROFL support was included in Oasis Core v24.2. The more recent release, v24.3, adds support for Intel TDX hardware, enabling quote verification and the provisioning of TDX virtual machines, which makes it possible to use TDX in ROFL apps (on testnet).
A new SDK version will soon make this fully accessible. To get started with ROFL, click here.