SGX MVP Installation Guide¶
Prerequisites¶
Before installing the Nautilus MVP, ensure your system meets the following requirements:
System Requirements¶
- Ubuntu 20.04
- Intel CPU with SGX support
- Support for DCAP attestation (e.g. Azure)
Required Software¶
-
Python Environment
- Python 3.8
- Python development packages
-
Gramine
Follow the instructions in the Gramine Installation Guide under "Install Gramine packages" and Prepare a signing key.
-
Rust Environment
-
General Dependencies
-
Install Azure DCAP Attestation dependancies
wget -qO- https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add sudo add-apt-repository "deb [arch=amd64] https://packages.microsoft.com/ubuntu/`lsb_release -rs`/prod `lsb_release -cs` main" sudo apt install az-dcap-client sudo apt update sudo apt-get install pkg-config sudo apt install sgx-aesm-service libsgx-aesm-ecdsa-plugin libsgx-aesm-quote-ex-plugin
The AESM service should be up and running. To confirm that, use:
Setup Azure DCAP:
export AZDCAP_COLLATERAL_VERSION=v4 export AZDCAP_DEBUG_LOG_LEVEL=Info export RA_TLS_ALLOW_DEBUG_ENCLAVE_INSECURE=1 export RA_TLS_ALLOW_OUTDATED_TCB_INSECURE=1 export RA_TLS_ALLOW_HW_CONFIG_NEEDED=1 export RA_TLS_ALLOW_SW_HARDENING_NEEDED=1
Make sure to always restart the
aesmd.service
after updating the configuration:
Verification Steps¶
-
Check Python Version
-
Verify Rust installation
-
Check SGX compatibility (Gramine)
SGX Setup¶
Ensure you have a Gramine signing key
-
Manifest Configuration
Check the paths in
sgx-mvp.manifest.template
and modify if necessary. -
Build Instructions
-
Run NTLS MVP