A review of the Working Groups

A previous post elaborated on the various working groups contributing to the Marlin protocol. This post aims to share updates to the structure of the working groups and their priorities. It is hoped that posting on the forum as opposed to the blog will make it easier for contributors to follow major updates from other groups on a more regular basis.

Structure

The groups that are currently active include:

  1. Oyster (Oyster | Offchain services powered by TEEs)
  2. Kalypso (Kalypso | The ZK proof marketplace)
  3. Applications (test cases)
  4. Monitoring and visualizations (https://hub.marlin.org)
  5. Orchestrator (dedicated chain/rollup/L3 for Marlin)
  6. Commons (tooling, primarily around TEEs)

The Kalypso group spun out of the Applications group as details of the ZK prover marketplace became clearer. Similarly, as gas prices on Arbitrum seem unviable for Oyster and Kalypso in the long term, the priority for the erstwhile Clusters & Gateways groups (which were to be dissolved after the Marlin Relay merged with Oyster) has turned to figuring out a cheap settlement and orchestration solution. It is called the Orchestration group.

Highlights

Notable updates from each group:

  1. Oyster
  2. Kalypso
  3. Applications
    • Reproducible builds work (relevant script)
    • AI models have been benchmarked on Oyster against zkML libraries (sample image)
    • Tested a MEV relay inside Oyster, but with a full node outside the TEE
  4. Gateways
  5. Monitoring and visualizations
  6. Orchestrator
    • A TEE-based node that can log and route requests is already live
  7. Commons
    • Tooling to develop applications on Oyster Serverless
    • Helper tool to easily build enclave images
    • SDK for apps to interact with Kalypso

Integrations that likely benefited from these features:

Current priorities

Based on the information available at this moment, the current priorities of the different groups are mentioned below:

  1. Oyster
    • Subscriptions for periodic requests - Q3
    • Enabling multiple job environments - Q3
    • Ability to update enclave while maintaining IP - Q3
    • File caching for serverless execution - Q3
    • Support for SGX/TDX in smart contracts in addition to Nitro - Q4
    • Faster networking (Tuna image) - Q4
    • Scaling TDX with H100s - Q4
    • Sandboxing support - Q4
    • Verification of certificate extensions for Nitro - Q4
    • Bootstrapping Oyster verifier nodes - Q4
    • Improve local debug process for enclaves - Q4
    • Replicate enclave environment within docker - Q4
    • Implementing the monitoring protocol - Q1 2025
    • Support cross builds with enclave builder - Q1 2025
    • Expand the options of compute tiers on Serverless - Q1 2025
    • Implementing auto scaling - Q2 2025
    • Design of APIs if TDX & Nitro are combined - Q2 2025
  2. Kalypso
    • Design of staking contracts - Q3
    • Symbiotic and possibly Mellow integration - Q3
    • Implementation of monitoring protocol - Q4
    • Update Kalypso to be mechanism agnostic in order to support auctions - Q4
    • Refactoring Kalypso codebase - Q4
    • All-in-one tooling to prepare enclaves given prover/IVS binaries/executables - Q4
    • Add fault tolerance to the matching engine - Q1 2025
    • Auto scaling the matching engine - Q1 2025
    • Elegantly create submarkets when proof generation can be split - Q1 2025
    • Coordination between multiple matching engines - Q2 2025
  3. Applications
    • Implementing the Oyster bridge for Kalypso - Q3
    • Implementing a credits system for Oyster - Q3
    • Deploying Oyster contracts on Monad - Q4
    • Shared instances for easy deployments of decentralized frontends - Q4
    • Module to easily deploy NodeJS and Python apps - Q4
    • Implement the current relay network as an app on Oyster - Q1 2025
  4. Monitoring and visualizations
    • Improve the dashboards for Oyster & Kalypso - Q3/4
  5. Orchestrator
    • Run reth inside Oyster - Q4
    • Figure out a secure way to bridge tokens - Q4
  6. Commons
    • Enclave image to verify attestations - Q3
    • Enabling TLS for enclave to enclave communication - Q3
    • Basic storage design for Oyster - Q4
    • TDX related tooling - Q4
    • Integrate Oyster with terraform and other infra management tools - Q4
    • Libraries for programmatic deployment of instances/serverless - Q4
    • Simplify setting up secret keys within enclaves - Q4

Some open problems for which no clear solution exists but worth exploring due to their significance:

  • Open architectures for TEEs
  • Using PUFs as a source of entropy
  • Preventing DDoS on decentralized frontends
  • Running a MEV relay inside Oyster with a full node inside the TEE (a light client still requires an RPC, which adds to latency)

Sharing some updates on major developments in the past few months:

  • Oyster
    • In place enclave updates while maintaining the same IP
    • Tuna images (code)
    • Control plane hardening (code)
    • Serverless subscriptions (code)
    • Serverless job environments (code)
  • Applications
    • Credits prototypes (code)
    • Reproducible builds using Docker (e.g. docs)
    • Log streaming (code)
    • Oyster.chat, a frontend for an ollama-based AI chat bot (frontend, secure_proxy, docs)
    • Deployed Naptha nodes within Oyster CVMs so that AI agents can be run securely within CVMs (node_setup)
  • Commons
    • Attestation verification enclave image (code)
    • Secure channels for communication between enclaves (code)

As we approach the year end, sharing some latest updates as AI agents gain momentum:

  • Oyster
    • Reproducible builds using Nix (code, docs)
    • Debug mode (code)
    • Bulk transaction sender library (code)
  • Applications
    • Docker based enclave deployment
    • Developed Teefetch enabling verifiable HTTPS communication (github)
    • Deployed Olas agents within Oyster CVMs to showcase to agent developers the advantages of running agents within CVMs (enclave, olas agent)
    • Worked with Verida team to deploy its services within Oyster CVM (integration)
    • SP1 Proof generation within enclave (integration, integration_groth)
    • Developed an Eliza plugin which is listed as part of the Eliza plugin repository (plugin)
  • Commons
    • ZK attestation verifier for cheap verification in solidity (code)
    • Serverless tooling (code)
  • Monitoring and Visualization
    • UI for visualizing logs from enclaves

Given it’s the start of the year, it’s a good time to revisit priorities for the coming quarters.

  1. Oyster CVMs
    • CLI tool for easy deployments - Q1, Q2
    • Native axum integration with secure channels - Q1
    • KMS implementation for persistent secrets - Q1
    • Native credits integration - Q2
    • TDX prototype - Q2
    • Attestation verification network - Q3
    • TDX base image - Q3
    • TDX attestation verification - Q3
    • Market v2 with TDX support - Q4
    • TDX integration with CLI tooling - Q4
  2. Oyster Serverless
    • Testnet deployment of v2 - Q1
    • Mainnet deployment of v2 - Q2
    • Staking design - Q2
    • Serverless CLI - Q2, Q3
    • Secret store - Q3
    • Staking implementation - Q3
    • Expand supported chains - Q4
    • Expand supported environments - Q4
  3. Applications
    • Deploy applications using a standard enclave image - Q1
    • Initialization parameters - Q1
    • Local development environment - Q2
    • Native credits integration - Q2
    • Support Rena to integrate Oyster CVM - Q2
    • Decentralized frontends managed by contracts - Q3
  4. Monitoring and visualizations
    • Attestation verification UI - Q1
    • Custom indexer for easy deployment to different chains - Q1
    • Serverless UI - Q2, Q3
    • TDX UI - Q3, Q4

Research:

  • GPU TEEs
  • Serverless GPUs

The year started well. Many integrations were accomplished this past quarter! Sharing some key updates below.

  • Oyster CVMs
    • CLI tool for easy deployments (code, docs)
    • Axum integration with Scallop (code)
    • KMS implementation (code, docs)
  • Oyster Serverless
    • V2 deployment on testnet (docs)
  • Applications
    • Blue enclave images (code, docs)
    • Initialization params (code, docs)
    • Deployed Olas agents within Oyster CVMs to showcase to agent developers the advantages of running agents within CVMs (enclave, olas agent)
    • Worked with Verida team to deploy its services within Oyster CVM (integration)
    • Worked with Pryv team to enable private AI assistants (integration)
    • Risc0 (integration)
    • Deployed Chromia chat agent on Oyster CVM (integration)
    • Developed a PoC to showcase how encumbered Twitter agents can act independently (docs)
  • Monitoring and Visualization
    • Attestation verification UI (link, docs)
    • Custom indexer for easy deployment to different chains (code)

Below are some of the recent updates:

  • Oyster CVM
    • Ease development by providing automatic setup of domains for enclaves out of the box (docs)
    • Local development environment that simulates an enclave for testing before deployment (docs, code)
    • Exploring the requirements to expand the Oyster marketplace to Solana
    • Enhance security of the attestation process for blue images by using custom PCRs (code)
    • Command in the Oyster CVM CLI to derive the public key of the KMS for a specific enclave and path, which helps external users verify the authenticity of keys derived from the KMS. This applies to both normal and contract-based KMS (code)
    • Development of contracts for the Oyster marketplace on Sui in Move (code)
    • Expand support for Oyster CVM to the BSC ecosystem, thus expanding developer reach to use Oyster CVM enclaves (code)
  • Oyster Serverless
    • Sandbox for Oyster Serverless in the frontend where anyone can test out serverless functions locally before actually deploying them in production (link)
    • Serverless indexer is updated and redeployed
    • CLI to ease use of Oyster Serverless by providing an interface to build, test and deploy serverless functions (code)
  • Applications
    • 3DNS integration to enable contract-managed domains, which enables decentralized websites using Oyster CVM (code)
    • Twitter agent service example application added to the docs as an example of how to build Twitter agents that are completely independent and not controlled by anyone else (code)
    • Sheethater is a PoC on how AI can be used within Oyster enclaves to automate mundane tasks without losing control of personal details (link, post)
  • Monitoring and Visualization
    • Expand the test suite for the frontend to ensure that errors do not repeat themselves, saving time while testing and ensuring that the frontend is bug-free
  • Research
    • Investigate the Yocto framework for creating minimal TDX base images with a low attack surface area
    • Explore mkosi to build TDX base images with systemd for a better developer experience for application developers
    • Implement builds using buildx for building enclave components across platforms in a reproducible manner

Sharing a couple of updates below:

  • Oyster CVMs
    • Redesign the Oyster control plane to support non-EVM chains, to lay the path for supporting chains like Sui and Solana (code)
    • Indexer development for the Sui Oyster marketplace to support the control plane in processing requests from the Oyster marketplace on Sui (code)
    • Contract development for the Sui blockchain for deployment of the Oyster marketplace on Sui (code)
    • Contract development for the Solana blockchain for deployment of the Oyster marketplace on Solana (code)
  • Oyster Serverless
    • Design of a staking mechanism for Oyster Serverless and a path to move the bootstrap rewards to Oyster Serverless to bootstrap its adoption (code)
    • Serverless CLI (code)
    • Implementation of serverless staking contracts (code)
  • Applications
    • Enclave-based governance platform to enable trustless query of weights from various diverse sources without compromising security (docs)
    • Run the Ethereum Helios light client in an enclave to enable trustless bootstrapping of light clients from a known initial checkpoint, without trusting a random checkpoint to start syncing from (docs)
  • Monitoring and Visualization
    • Frontend for the governance platform using enclaves to enable trustless query of weights from various diverse sources without compromising security
    • Restructuring to support non-EVM chains on the frontend
    • ETH Proofs monitoring support and integrations (code, link)
    • Revamping monitoring by vastly increasing the conditions supported and streamlining the process of adding more alerts to monitoring
  • EthProofs
    • PoC for EthProofs, i.e. generate and submit ZK proofs for Ethereum mainnet blocks (code)
    • Migrate EthProofs provers from Risc0 to SP1 and use the block trace as input for proving the block (code)
  • Research
    • TDX prototypes
    • Research on Kubernetes for Oyster CVMs to enable users to use Kubernetes templates to scale and manage their enclave workloads

Sharing a few updates on developments over the past few months:

  • Oyster CVMs
    • Using the redesigned Oyster control plane architecture to extend support for Sui in the Oyster control plane (code)
    • Porting the Sui and Solana contracts to the latest version of the Oyster marketplace contracts on Arbitrum (code)
    • Encrypted storage experimentation with NFS
    • Sui integration for the CLI and a demo application done on testnet (code)
    • Building working prototypes for TEEs with EC2 instance attestations in addition to existing support for Nitro Enclaves (code)
  • Monitoring and Visualization
    • Development of the latest simplified deployment flow with blue images in the frontend, with support for features like initialization parameters and templates for docker-compose to be used for building enclaves with blue images (frontend, forum post)
    • Development of video demos to further improve developer adoption of Oyster CVMs
  • Governance
    • Enclave-based on-chain governance design
    • Rewrite governance enclaves in Rust. Enable voting privacy and resolve replay attacks (code)
  • Research
    • Experiment with EC2 instance attestations as an attestation mechanism in addition to the existing Nitro Enclaves attestations
    • Explore the inner workings of Kubernetes and compile design notes for seamless integration of TEEs as a host with expected RBAC policy support for security

As the new year begins, here’s what we’re looking forward to:

  • Oyster CVMs
    • Sui mainnet integration with oyster-cvm using the Nautilus framework, providing reproducible enclave verification using Oyster CVMs natively on Sui
    • Implement attestation verification in the Oyster SDK for the new EC2 instance attestations for use by consumers of the SDK
    • Update the Scallop protocol to use the new SDKs so connections can be established between enclaves with the new EC2 instance attestation support
    • Develop a new base image with the new EC2 instance attestations support that application enclaves can use as an underlying template
    • Deploy a new KMS for enclaves with the new EC2 instance attestations so they can manage persistent secrets sealed to their measurements
    • Build a Pulumi-based project to set up VPCs, subnets, route tables, etc. for running the new EC2 instance attestation based enclaves with proper rate limiting and security posture
    • Enable running enclaves with GPU support based on the new EC2 instance attestation infrastructure, with GPU-enabled instances as the host
    • Add support in the oyster-cvm CLI tool for deploying enclaves with Nitro attestation support, including interfacing with the correct contracts and KMS implementations
  • Oyster Serverless
    • Migrate Oyster Serverless executors to enclaves with the new EC2 instance attestations for better performance and compatibility with the broader platform
    • Build Nitro attestation based gateways for more sophisticated state management of jobs directly in the gateways and reduce unnecessary contract interactions
    • Develop x402-enabled endpoints for the Oyster Serverless web2 gateways to properly rate limit and charge for the resources used by them to serve compute requests
  • Applications
    • Build an image template for providing a verifiable read-only storage disk to enclaves that store large amounts of data that do not fit in memory
    • Add support for enclaves with writable persistent storage, where they can persist their running state and restart themselves without losing important data needed to continue computing where they left off previously
    • Develop generic x402 proxies for payment protection of endpoints in application enclaves that can be dropped in as-is in front of existing applications to give them the ability to charge for usage and be self-sustaining application enclaves
  • Monitoring and Visualization
    • Build a dashboard for starting, stopping, restarting, terminating and performing general management of provisioned enclaves with Nitro attestations
    • Provide a monitoring implementation for enclaves that helps developers monitor resource usage of the enclaves
    • Enable auto-scaling for enclaves based on resource monitoring data provided by the monitoring subsystem, to enable applications to automatically scale up and down to incoming traffic patterns
  • Research
    • Research Kubernetes support for TEEs that automatically provisions enclaves with the correct secrets and transparently enforces Rules Based Access Control policies with respect to the network traffic and data in persistent storage
    • Explore the EIP 8004 specification and how it can be leveraged by applications running on the Oyster platform
    • Participate in the EIP 8004 specification and standardization process to make it compatible with applications running on the Oyster platform
    • Prototype general SDKs, tools and integration libraries designed to help applications seamlessly integrate with other EIP 8004 infrastructure
  • Commons
    • Reproducible enclaves using Sui Nautilus powered by Marlin Oyster