Project Oak: Meaningful control of data in distributed systems

I think the authors should mention the background story for how this project originated at Google in Google Research (UK). Tried browsing through the Github project page and didn&#x27;t see any obvious references, aside from the committers list.<p>AFAIK, the first time I heard about &quot;Project Oak&quot; was about four or five years ago.<p>This predates Apple&#x27;s Private Cloud Compute.

The lede is a little buried in that README [1]:<p>## Sealed Computing<p>A canonical use of Oak is to build privacy-preserving sealed computing applications.<p>In a sealed computing application, a node (usually a client device) sends data to an enclave application (usually a server), which processes data without the service provider hosting the enclave application being able to see the inputs, outputs, or side effects of the computation.<p>[1]: <a href="https:&#x2F;&#x2F;github.com&#x2F;project-oak&#x2F;oak?tab=readme-ov-file#sealed-computing">https:&#x2F;&#x2F;github.com&#x2F;project-oak&#x2F;oak?tab=readme-ov-file#sealed...</a><p>---<p>Seems like an attempt at a privacy-preserving alternative to running your whole phone OS image on a server?

So, something that can be used to run Tor relays that provably don&#x27;t intentionally misbehave? Or hidden services that the hosting provider has no way to give other people access to?

Some previous discussion:<p><i>2019</i><p><a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=20265625">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=20265625</a>

Nice, seems like a more cost-effective alternative to homomorphic encryption

Based on the headline, I thought this was a reference to Gosling&#x27;s pre-Java language.

I was curious if someone would build something that allows the DCAP datacenter attestation to be exposed to applications, e.g. &quot;prove via intel that the SHA of the software running on the machine is XYZ&quot;

Super cool. I did some reading about Secure Enclaves with I was dreaming up ways to democratize compute; very cool to see a project like this making it a reality.

This reminds me of Spritely Goblins from the Spritely Institute, which has &quot;vats&quot; where you can run code in a distributed manner using object capabilities.

How does this compare with <a href="https:&#x2F;&#x2F;github.com&#x2F;confidential-containers">https:&#x2F;&#x2F;github.com&#x2F;confidential-containers</a>?

How does this relate&#x2F;compare to AWS Nitro Enclaves? It looks like the same concept, except integrated into Intel and AMD CPUs.

Maybe I’m just paranoid, but isn’t the (possibly unwritten) intent of this project to be able to flip the client and server around and run code in your browser and phone? I don’t understand their incentive to work on this unless they can use it to gatekeep “official” youtube clients (for example).

At first I thought this is related to the Oak server: <a href="https:&#x2F;&#x2F;github.com&#x2F;oakserver&#x2F;oak">https:&#x2F;&#x2F;github.com&#x2F;oakserver&#x2F;oak</a>

This seem to be Google&#x27;s response to Apple private cloud compute [1]?<p>[1] <a href="https:&#x2F;&#x2F;security.apple.com&#x2F;blog&#x2F;private-cloud-compute&#x2F;" rel="nofollow">https:&#x2F;&#x2F;security.apple.com&#x2F;blog&#x2F;private-cloud-compute&#x2F;</a>

A bit surprised that it’s written in rust, rather than Go. I suppose rust can take advantage of more low level apis, plus no overhead of garbage collection.<p>edit: love that the community is not silo’d into a proprietary chat platform as well:<p>&gt; We welcome contributors! To join our community, we recommend joining the mailing list.<p>- <a href="https:&#x2F;&#x2F;github.com&#x2F;project-oak&#x2F;oak?tab=readme-ov-file#getting-involved">https:&#x2F;&#x2F;github.com&#x2F;project-oak&#x2F;oak?tab=readme-ov-file#gettin...</a><p>I really wish more open source projects used mailing lists.<p>1) decentralized means of communication<p>2) able to join these communities from any type of environment (ie, corporate hell hole) without much friction. With discord, slack (especially at fortune 500s). It usually involved a whole process of approvals to get the damn thing installed and punch a hole through the firewall to get access to the service.<p>No, using a personal email and device for what I consider contributing from a work aspect (ie, submitting patch to OSS to solve specific problem with project) is not acceptable.