Version: 1.11

Verification from source code

The privatemode-proxy uses remote attestation to verify the Privatemode deployment before using it. This includes comparing cryptographic hashes of the deployment's code with reference values. You can reproduce these reference values from the public source code. This proves the security properties of Privatemode.

Info: This is an optional workflow to build trust in Privatemode. You can securely use Privatemode without performing these steps.

Step 0: Build trust in Contrast

Privatemode uses Contrast, a tool to run confidential container deployments on Kubernetes. The Contrast Coordinator as well as the application containers of Privatemode run in confidential computing environments (CCEs). The Coordinator verifies the remote attestation statements of the application containers according to policies defined in the manifest. The privatemode-proxy verifies the remote attestation statement of the Coordinator and checks that it enforces the expected manifest. Thus, the privatemode-proxy effectively verifies the whole Privatemode deployment.

To trust Privatemode, you need to trust Contrast first. Contrast is open source and you can reproducibly build it. Check out the documentation and the source code to learn more.

The manifest contains

  • reference values to verify the hardware-rooted attestation statement of the Coordinator
  • and hashes of the policies that define the identities of the Pods that run the application containers.

The policies are generated from a Kubernetes deployment configuration. The deployment configuration of Privatemode is part of the public source code, so you can reproduce the manifest as explained in the following steps.

Step 1: Build container images to reproduce the image hashes from the source code

First, build all container images from source that are part of Privatemode's Trusted Computing Base (TCB) to obtain their hashes.

  1. Ensure your system meets the prerequisites:

  2. Clone the source code repository:

    git clone https://github.com/edgelesssys/privatemode-public
    cd privatemode-public

  3. Build the container images:

    scripts/calculate-image-digests.sh

The script builds the container images and writes their hashes to a file named hashes-$host.json, where $host is the hostname of your machine.

Step 2: Inspect the Kubernetes deployment configuration

The repository contains the file deployment.yaml that defines the Kubernetes deployment configuration of Privatemode. Verify that all images referenced in the configuration are pinned to the hashes you obtained in step 1.
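
One way to script the pinning check from this step, as an added example that is not part of the Privatemode repository. It assumes the hashes file contains digests as `sha256:<64 hex>` strings and doesn't rely on its JSON layout; the function names `check_pinned` and `make_sample` and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Privatemode repository).
# check_pinned DEPLOYMENT HASHES
#   Exit 0 only if every "image:" in DEPLOYMENT is pinned by digest and that
#   digest also occurs in HASHES. Assumption: HASHES holds digests as
#   "sha256:<64 hex>" strings; its JSON layout is otherwise not relied on.
check_pinned() {
    deployment=$1; hashes=$2; status=0
    known=$(grep -oE 'sha256:[0-9a-f]{64}' "$hashes" | sort -u)
    # Pull the value of every "image:" key, with or without list dash/quotes.
    refs=$(sed -nE 's/^[[:space:]-]*image:[[:space:]]*"?([^"[:space:]]+)"?.*$/\1/p' "$deployment")
    [ -n "$refs" ] || { echo "no image references found" >&2; return 2; }
    for ref in $refs; do
        case $ref in
            *@sha256:*) digest=${ref##*@} ;;
            *) echo "NOT PINNED  $ref"; status=1; continue ;;
        esac
        # Whole-line fixed-string match, so a truncated digest never passes.
        if printf '%s\n' "$known" | grep -qxF "$digest"; then
            echo "ok          $ref"
        else
            echo "NOT REBUILT $ref"; status=1
        fi
    done
    return "$status"
}

# Constructed sample data so the check can be tried offline.
make_sample() {
    dir=$1
    good=sha256:$(printf '%064d' 0 | tr 0 a)
    other=sha256:$(printf '%064d' 0 | tr 0 b)
    printf '{"example/proxy": "%s"}\n' "$good" > "$dir/hashes.json"
    printf '      - image: "example.test/proxy@%s"\n' "$good" > "$dir/pinned.yaml"
    { printf '      - image: example.test/proxy:latest\n'
      printf '        image: example.test/worker@%s\n' "$other"
    } > "$dir/unpinned.yaml"
}

# Usage: sh check-pinned.sh deployment.yaml hashes-$(hostname).json
if [ "$#" -eq 2 ]; then check_pinned "$1" "$2"; fi
```

A tag-only reference is reported as `NOT PINNED`, and a digest that your local build did not produce is reported as `NOT REBUILT`; either one makes the function return a non-zero status.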

Step 3: Generate the Contrast manifest

Run the following script to generate the manifest from the deployment configuration:

    scripts/generate-manifest.sh

This creates the files manifest.json and coordinator-policy.hash.

Step 4: Compare the generated manifest with the manifest enforced by the privatemode-proxy

To establish trust in the privatemode-proxy, you can compare its digest to the value you obtained in step 1. You can get the digest with the following command:

    docker inspect -f '{{.RepoDigests}}' ghcr.io/edgelesssys/privatemode/privatemode-proxy

Then open the manifests folder under the proxy's workspace directory. Verify that the latest entry in log.txt contains the Coordinator policy hash you obtained in step 3. Verify that the manifest file referenced in that log entry matches the one you generated in step 3.

Conclusion

You have now verified Privatemode's trust chain from the deployment's source code up to the privatemode-proxy's remote attestation verification. This is the cryptographic proof of Privatemode's security claims.