A brief introduction to Graphene
Graphene is a library OS for unmodified applications. Application binaries/executables/libraries designed for an OS cannot easily run in a different one so Graphene bridges the gap, porting computational software across different Operating Systems. In April of 2019, Golem announced the collaboration with Intel, ITL, and researchers Chia-Che Tsai and Don Porter (Texas A&M University, and the University of North Carolina - respectively).
In September last year the first major release and stable snapshot (v1.0) was released. This week we’re very excited to cover that the Working Group has achieved the second major release of Graphene, v1.1: https://github.com/oscarlab/graphene/releases/tag/v1.1
Who’s behind Graphene?
The Working Group was started and organized by Golem, Intel, UNC, Texas A&M and ITL. However, Graphene library OS has managed to gather an astoundingly talented community. You can find a list of the contributors to the Graphene Project on the maintainers’ section of the Working Group’s website.
If you’re curious specifically on contributions between v1.0 and v1.1, you can filter the contributors on GitHub between the last major release and today. Being an open-source project anyone can technically contribute. For example, there are 23 contributors on GitHub since the last major release. We’re excited to see that there are contributors to graphene GitHub repository that are outside of the official Working Group.
What is Graphene?
The Graphene library OS is a project for running unmodified Linux applications, i.e., native binaries from a standard Linux distribution. Currently, the most popular platform that Graphene ports to is Intel ® Software Guard Extensions (Intel SGX), a novel Intel CPU feature for establishing a trusted execution environment (TEE) on an untrusted host platform. Graphene library OS can run inside the Intel SGX library so that unmodified applications can get the advantages of running inside an enclave.
Intel SGX combined with Graphene offers important features as it allows to carry out a verifiable computation on an untrusted machine.
Graphene offers portability by making applications built for Linux work on other OSes. It has Intel SGX support, creating an execution framework for Intel SGX that enables the unmodified applications to run on it.
There are other applications beyond Golem where Graphene can be used, such as decentralized servers implementations, atomic swaps, distributed exchanges, Minimal Viable Plasma, Hoard, and data streaming, to name a few.
- Notable changes include Graphene Shielded Containers (GSC) which allow for seamless Docker integration where the original Docker image is transformed into a Graphene-enabled Docker image.
- A Protected File System (Protected FS) is now incorporated into Graphene along with other protections such as command-line arguments+variables and inter-process communication.
- A full list of the changelog can be found in the v1.1 release page: https://github.com/oscarlab/graphene/releases/tag/v1.1
For more details, head over to our website.
Curious about Graphene? Read our Essential Guide.
For questions - e-mail us at email@example.com
For bugs - submit an issue at https://github.com/oscarlab/graphene/issues/
Learn More about Intel SGX here.
Building instructions for Graphene are available in the documentation: https://graphene.readthedocs.io/en/latest/building.html