README.md

Phala Blockchain

Phala Network is a blockchain-based confidential computing cloud. This repo includes:

• node/: the main blockchain built on Substrate
• standalone/phost/: the bridge relayer to connect the blockchain and pRuntime
• standalone/pruntime/: the contract execution kernel running inside TEE enclave

Overview

The blockchain is the central compoent of the system. It records commands (confidential contract invocation), serve as the pRuntime registray, runs the native token and on-chain governance modules.

pHost (runtime-bridge) is the bridge relayer. It connects the blockchain and pRuntime. It passes the block data from the chain to pRuntime and passes pRuntime side effects back to the chain. A multi-client version of the runtime bridge is being developed here.

pRuntime (Phala Network Secure Enclave Runtime) is a runtime to execute confidential smart contracts, based on confidential computing.

Related repos:

• phala-wiki: The technical documentations.
• apps-ng: The fontend, with the UI of the Phase Wallet and the Phala confidential contract api sdk. (Will be upgraded to apps-nng soon.)
• phala-docker: The production dockerfiles, including the blockchain, phost, and pRuntime.

File structure

.
├── LICENSE
├── README.md
├── pallets
│   └── phala                 Phala pallet
├── ring                      Patched ring with wasm support
├── scripts
│   ├── console.sh            Helper script to build & run the blockchain
│   └── init.sh
└───standalone
    ├── node                  Blockchain node
    ├── phost                 pHost, the bridge relayer
    ├── pruntime              pRuntime, the Secure Encalve kernel
    └── runtime               Phala Substrate Runtime

Docker build

Plase refer to phala-docker.

Native Build

Dependencies

Expand

• Rust

  curl https://sh.rustup.rs -sSf | sh

• Substrate dependecies:

  git submodule init
  git submodule update
  sh ./scripts/init.sh

• LLVM 10

  wget https://apt.llvm.org/llvm.sh
  chmod +x llvm.sh
  ./llvm.sh 10

Build the blockchain and bridge

Make sure you have Rust and LLVM-10 installed.

Note for Mac users: you also need llvm and binutils from Homebrew or MacPort, and to add their binaries to your $PATH

cargo build --release

The build script enforces LLVM-10 or newer is used. LLVM-10 is needed because of the wasm port of rust crypto library, ring. We have to compile the C code into wasm while keeping the compatibility with the current rustc.

Run

1. Launch two local dev nodes Alice and Bob:

   ./scripts/console.sh start alice
   ./scripts/console.sh start bob

   • The datadir is at $HOME/tmp/(alice|bob)
   • Can be purged by ./scripts/console.sh purge
   • The WebUI can connect to Alice at port 9944.

2. Compile & launch pRuntime

   cd standalone/pruntime
   git submodule init
   git submodule update

   Read docs/sgx.md, Install SDK section, to determine how to install the Intel SGX PSW & SDK. If not using Docker, you may need the following final steps:

   sudo mkdir /opt/intel
   sudo ln -s /opt/sgxsdk /opt/intel/sgxsdk

   Run make (SGX_MODE=SW make for simulation mode if you don't have the hardware).

   Apply for Remote Attestation API keys at Intel IAS service. The SPID must be linkable. Then put the hex key in plain text files (spid.txt and key.txt) and put them into bin/.

   Finally, run pRuntime:

   cd bin/
   ./app

3. Run pHost (node and pRuntime required):

   ./target/release/phost

4. Use the WebUI

   Clone the Web UI for Phala Network repository and read its documentation to build and run the WebUI.

Run with tmuxp

You can launch the full stack (semi-automatically) by:

tmuxp load ./scripts/tmuxp/three-nodes.yaml

Or a 4-node testnet-poc4 setup:

CHAIN=poc4 tmuxp load ./scripts/tmuxp/four-nodes.yaml

tmuxp is a convinient tool that can bring up a tmux session with the preconfigured commands running in panes. To play with tmuxp, it also need a tmux installed.