walrusTee

Is a secure Rust compiler system that enables privacy-preserving code execution through decentralized storage. The system works by uploading encrypted Rust projects (packaged as tar.gz files) to Walrus decentralized storage, where they receive a unique blob ID. Users can then retrieve these encrypted projects using the blob ID and execute them in an isolated environment, maintaining source code confidentiality throughout the entire process. The system integrates with ROFL (TEEs) on the Oasis Sapphire testnet for confidential computing capabilities, allowing developers to compile and run Rust code without exposing their intellectual property. While currently supporting only Rust, the goal is to expand support to multiple programming languages in the future.

We first use TEEs (Trusted Execution Environments) as secure enclaves provided by Oasis, and therefore we put a Rust compiler inside them for having attestation and to be sure that this is being executed in a secure environment. For providing the Rust projects, we used Walrus for encrypting them, achieving that only the TEE will know the code and it can't be extracted from it