In this presentation we will introduce Veracruz, a project recently adopted by the Confidential Compute Consortium, exploring how efficient, collaborative computations between mutually distrusting parties can be developed using a mixture of hardware- and software strong isolation mechanisms. Veracruz uses Arm TrustZone, Intel SGX, AWS Nitro Enclaves, or the high-assurance seL4 microvisor, to provide a "neutral ground" within which a collaborative computation takes place, shielded from prying or interference by the host of the computation. The computation itself is realised by a WebAssembly program which sandboxes the computation, means Veracruz programs are portable across different isolation technologies, and allows multi-party computations to be quickly written in high-level programming languages with standard development tools. Potential use-cases for Veracruz include support for privacy-preserving collaborative machine-learning, privacy-preserving surveys, polls, elections, or auctions, and safely delegating computations from weak devices to more powerful devices, amongst many others.
Veracruz began life as a research project within the Security group at Arm Research. However, after reaching maturity, we recently open-sourced the project on Github (see: https://github.com/veracruz-project/veracruz) as a precursor to adoption by the Confidential Compute Consortium, and all development is now done in the open. We are especially interested in attracting collaborators, as we have many ideas for where the project can go next, and are interested in hearing of other ideas and potential use-cases, too.