Brussels / 4 & 5 February 2023


LSKV: Democratising Confidential Computing from the Core

Distributed datastores such as etcd are widespread, particularly in the world of orchestration. They support the core of services like Kubernetes, providing storage for and access to critical data. These orchestration platforms are being increasingly run in the cloud but the core datastores don’t support natively running in confidential environments, despite the critical data they store. The ‘lift-and-shift’ approach leaves changes to be made to fully leverage the confidential computing context, making it unsuitable. On the other hand, native confidential applications can be difficult to build from scratch, hence the development of frameworks such as CCF which provide small-TCB building blocks for distributed services. LSKV, the Ledger-backed Secure Key-Value store, is built on top of CCF and provides a familiar etcd API, being able to seamlessly slot into existing systems. It keeps cloud operators out of the trust boundary and makes governance operations publicly available to audit on a ledger.­­­­­ LSKV aims to democratise confidential computing, lowering the barrier to entry and making it available to the masses.


Photo of Andrew Jeffery Andrew Jeffery