[woah]

The two blockchain papers are so ridiculous on their face that I find it amazing that the authors were able to work on them at all (Intel funding may have helped in that regard).

The gist of them is that instead of using hard computational work to secure a chain against sybil attacks, they use timeouts enforced by Intel. To get more mining power in proof of work, one has to buy a lot of hashing chips, and feed a lot of power into them. To get more mining power in these "proof of Intel" schemes, one must buy more SGX chips from Intel. The supposed benefit here is that the SGX chips consume much less power than the hashing chips.

That's all well and good, except- both of the schemes in the linked papers have the same security properties as if Intel simply set up a centralized timestamping server. Intel's timestamping server would also perform a lot faster than any of these blockchains.

[vladivstok]

I feel like you've misunderstood the papers, and what the motivation behind them is. The argument isn't that Intel chips are more efficient, it is that these schemes simply don't require continuous computations.

As for the two schemes, you are correct about the first paper that it depends on the timeouts enforced by SGX. However, the second paper makes no such assumptions and doesn't even assume that the enclave is secure; all it relies on is the attestation service (which is remote).

[woah]

As I understand it, the benefit of PoET is that it doesn't require the massive waste of electricity that PoW does.

What I find ridiculous is that they have roughly the same security properties as a timestamping server set up by Intel. Creating a blockchain that depends entirely on one trusted party seems pointless.

[vladivstok]

The timestamps for PoET don't require centralized servers; the timers are local to the platform. RRR goes one step further and doesn't even trust local timers.

[cyphar]

I think you're missing the point being made. GP isn't saying these schemes require a central server.

The point they're making is that PoET assumes that Intel SGX actually provides the properties that Intel claims (namely that they will never produce attestation certificates for code not run in SGX). Thus there is a single party which you are trusting to provide these properties and not attack your system. If you're okay with trusting a single party then the system is equivalent (in terms of security) to having that single trusted party run a server which emits timestamps.

RRR suffers from basically the same problem -- you're trusting Intel to not produce endless fraudulent identities and thus always be chosen as the oldest miner.

[mkj]

Does sgx have its own oscillator or it just depends on the external clock signal for timing?