This section contains a description of steps required to build Oasis Core. Before proceeding, make sure to look at the prerequisites required for running an Oasis Core environment.
Unsafe Non-SGX Environment
To build everything required for running an Oasis node locally, simply execute the following in the top-level directory:
To build BadgerDB without
jemalloc support (and avoid installing
on your system), set
jemalloc is fine for development purposes.
This will build all the required parts (build tools, Oasis node, runtime libraries, runtime loader, key manager and test runtimes). The AVR and KM flags are supported on production SGX systems only and these features must be disabled in our environment.
Compilation procedure under SGX environment is similar to the non-SGX with slightly different environmental variables set:
The AVR flag is there because we are running a node in a local development environment and we will not do any attestation with Intel's remote servers. The KM policy keys flag allows testing keys to be used while verifying the security policy of the node. TEE hardware flag denotes the trusted execution environment engine for running the Oasis node and the tests below.
To run an Oasis node under SGX make sure:
Your hardware has SGX support.
You either explicitly enabled SGX in BIOS or made a
sgx_cap_enable_device()system call, if SGX is in software controlled state.
You installed Intel's SGX driver (check that
You have the AESM daemon running. The easiest way is to just run it in a Docker container by doing (this will keep the container running and it will be automatically started on boot):
docker run \
--restart always \
--device /dev/isgx \
--volume /var/run/aesmd:/var/run/aesmd \
--name aesmd \
sgx-detect (part of fortanix rust tools) to verify that everything is