Installation

Chain ID: swisstronik_1291-1

Swisstronik uses Intel SGX to protect user transactions and smart contract state. Since Intel SGX is a hardware solution, you should have appropriate hardware to run it. On Testnet stage we have tolerant requirements, but closer to mainnet we will significantly increase them to have production-grade security.

System Requirements

For now, you can use any Intel CPU which supports SGX via SPS and EPID remote attestation
32 GB RAM
1 TB SSD

Configure BIOS

Enable SGX
Disable Secure Boot
Disable Hyper Threading
Disable Turbo Mode
Enable CPU AES

Install Intel SGX Driver

wget https://download.01.org/intel-sgx/sgx-linux/2.22/distro/ubuntu22.04-server/sgx_linux_x64_driver_2.11.54c9c4c.bin 
chmod +x sgx_linux_x64_driver_2.11.54c9c4c.bin
sudo ./sgx_linux_x64_driver_2.11.54c9c4c.bin

Install Intel AESM service

echo "deb https://download.01.org/intel-sgx/sgx_repo/ubuntu $(lsb_release -cs) main" | sudo tee -a /etc/apt/sources.list.d/intel-sgx.list >/dev/null
curl -sSL "https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key" | sudo -E apt-key add -
sudo apt update
sudo apt install sgx-aesm-service libsgx-aesm-launch-plugin libsgx-aesm-epid-plugin

Install all required libraries

Enable the Intel SGX APT repository and install required packages to run swisstronikd:

echo "deb https://download.01.org/intel-sgx/sgx_repo/ubuntu $(lsb_release -cs) main" | sudo tee -a /etc/apt/sources.list.d/intel-sgx.list >/dev/null
curl -sSL "https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key" | sudo -E apt-key add -
sudo apt update
sudo apt install sgx-aesm-service libsgx-aesm-launch-plugin libsgx-aesm-epid-plugin

After that, you are ready to run swisstronikd.

Install Dependencies

sudo apt update && sudo apt upgrade -y

sudo apt install libsgx-launch libsgx-urts libsgx-epid libsgx-quote-ex sgx-aesm-service libsgx-aesm-launch-plugin libsgx-aesm-epid-plugin libsgx-quote-ex libsgx-dcap-ql libsnappy1v5

Install Rust

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source "$HOME/.cargo/env"

Build and Install sgxs-tools

cargo install sgxs-tools

After the installation completes, run sgx-detect to make sure that everything is set up correctly:

sudo $(which sgx-detect)

Note: If you don't run the sgx-detect tool as root, it might not have the necessary permissions to access the SGX kernel device.

When everything is working correctly, you should receive output similar to the following (some details may vary depending on hardware features):

Detecting SGX, this may take a minute...
✔  SGX instruction set  
  ✔  CPU support  
  ✔  CPU configuration  
  ✔  Enclave attributes  
  ✔  Enclave Page Cache  
  SGX features
      ✔  SGX2  ✔  EXINFO  ✔  ENCLV  ✔  OVERSUB  ✔  KSS    
      Total EPC size: 92.8MiB
✘  Flexible launch control  
  ✔  CPU support  
  ？ CPU configuration  
  ✘  Able to launch production mode enclave
✔  SGX system software  
  ✔  SGX kernel device (/dev/isgx)  
  ✘  libsgx_enclave_common  
  ✔  AESM service  
  ✔  Able to launch enclaves    
    ✔  Debug mode    
    ✘  Production mode    
    ✔  Production mode (Intel whitelisted)

Install Go and Configure Go

if ! [ -x "$(command -v go)" ]; then
  ver="1.21.5"
  cd $HOME
  wget "https://golang.org/dl/go$ver.linux-amd64.tar.gz"
  sudo rm -rf /usr/local/go
  sudo tar -C /usr/local -xzf "go$ver.linux-amd64.tar.gz"
  rm "go$ver.linux-amd64.tar.gz"
  echo "export PATH=$PATH:/usr/local/go/bin:$HOME/go/bin" >> ~/.bash_profile
  source ~/.bash_profile
fi

PreviousSwisstronik NextConfigure Node

Last updated 1 year ago

hashtagSystem Requirements

hashtagConfigure BIOS

hashtagInstall Intel SGX Driver

hashtagInstall Intel AESM service

hashtagInstall all required libraries

hashtagInstall Dependencies

hashtagInstall Rustarrow-up-right

hashtagBuild and Install sgxs-tools

hashtagInstall Go and Configure Go