It's been a while since our last update, as we continue to focus on adding valuable features. In this release, we focused mainly on CLI packaging and scaling our enclave infrastructure.
Enclave Clusters (alpha version)
For a long time, we have been quite conscious of the fact that as the number of clients connecting to an enclave increases, we would have to scale the enclave infrastructure to handle increasing requests. To solve this, we incorporated sticky sessions that helped to bind a client to a specific enclave. This allowed us to have clients communicate with an enclave cluster present behind a load balancer. We ensured there was a mapping of clients and their public keys. The stickiness ensured all the client requests were routed to a particular enclave, one in which the client's authentication occurred. The duration-based cookies ensure that a user's session is valid only for a specific period, after which the client will be forced to reconnect, providing an additional layer of security.
The feature was quickly put to the test when Oblivious, in collaboration with UNHCR, hosted the UN PET Lab's first global virtual Hackathon, where 195 teams from 35 countries, consisting of 325 contestants participated, both in-person and remotely (Separate blog on that soon)!
A simplified diagram of the hackathon architecture is below:
The infrastructure was able to handle the load, which, even though not huge, was significant for us to observe its behavior over an extended period of more than 72 hours. It also gave us insight into multiple things we could improve to handle an even higher number of requests, which we plan to incorporate into our future releases.
Packaging (alpha version)
We have updated our oblv-CLI binaries to package them for all three platforms (macOS, Linux and Windows). This should help with the ease of installation of the CLI on client machines. On macOS, the CLI can be installed using homebrew, and it is packaged as an MSI installer for Windows. For Linux, deb and rpm packages are available. We have tested several Linux distributions with the latest version. You can find the entire list of the tested Linux distributions here, and we are hopeful that this will cover most of the distributions used today. Please let us know if there is any other Linux distribution you would like us to test out!
We also provide the binaries in `.zip` and `.tar.gz` formats if the above packages are incompatible with the Linux distributions. The installation instructions can be found in our dev docs. Other minor fixes and improvements are mentioned in the changelog.
We hope you find this helpful!
If you require additional clarifications or have any thoughts to share, please feel free to reach us at Discord.
If you have any additional feature requests or bugs you would like us to address, please add them here!