This is the Sapphire ParaTime, an Oasis Protocol Foundation official ParaTime for the Oasis Network built using the Oasis SDK. It's chock-full of Oasis.
- The code has not yet been audited.
The non-SGX variant is a regular ELF binary that can be used by Oasis nodes without SGX support to operate as client nodes.
This allows (non-SGX) Oasis nodes to interact with the Sapphire ParaTime (e.g. perform non-confidential queries and validate transactions they send out) but they cannot participate in the execution of Sapphire ParaTime's transactions and they cannot see its confidential state.
Ensure you have Rust and rustup installed on your system. For more details, see Oasis Core's Development Setup Prerequisites documentation, the Rust section.
The version of the Rust toolchain we use for the Sapphire ParaTime is specified in the rust-toolchain.toml file.
The rustup-installed versions of cargo, rustc and other tools will
automatically detect this file and use the appropriate version of the Rust
toolchain when invoked from the Sapphire ParaTime
git checkout directory.
If rust toolchain is not installed on your device, you can install it like this:
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source "$HOME/.cargo/env"To install the appropriate version of the Rust toolchain, make sure you are in an Sapphire ParaTime git checkout directory and run:
rustup showThis will automatically install the appropriate Rust toolchain (if not present) and output something similar to:
...
active toolchain
----------------
nightly-nightly-2022-02-16-x86_64-unknown-linux-gnu (overridden by '...')
rustc 1.60.0-nightly (09cb29c64 2022-02-15)
Add the Fortanix SGX tools by running:
cargo install --locked fortanix-sgx-tools sgxs-toolsMock SGX allows a developer to run the Sapphire ParaTime binary without performing the attestation and requiring actual SGX hardware. While you can't connect to a production Mainnet or Testnet with such a setup, it is useful for testing Sapphire locally and/or testing dApps that require Sapphire-specific features, for example in the CI environments.
To build the unsafe, mock SGX binary of the Sapphire ParaTime for Localnet checkout the appropriate version and run:
export OASIS_UNSAFE_SKIP_AVR_VERIFY=1 OASIS_UNSAFE_ALLOW_DEBUG_ENCLAVES=1 OASIS_UNSAFE_USE_LOCALNET_CHAINID=1
cargo build --release --locked --features debug-mock-sgxThe resulting ELF binary is located at target/release/sapphire-paratime.
NOTE: The mock SGX binary is dynamically linked so it may not be portable between machines with different versions of shared libraries.
To build the SGX binary of the Sapphire ParaTime, checkout the appropriate version and run:
cargo build --release --target x86_64-fortanix-unknown-sgx --locked
cargo elf2sgxs --releaseThe resulting SGX binary is located at
target/x86_64-fortanix-unknown-sgx/release/sapphire-paratime.sgxs.
NOTE: The SGX binary is always statically linked so it doesn't exhibit the portability issues the ELF binary has.
The sapphire-localnet Docker container can be launched with a locally built
debug build of the Sapphire paratime. The Makefile contains commands to build
and then bind-mount the executable into the container.
make debugThis can be very useful when debugging or testing new features against Ethereum compatible RPC clients.