-
Notifications
You must be signed in to change notification settings - Fork 11
Known Issues
Shams Asari edited this page Jan 25, 2023
·
6 revisions
The Gramine enclave runtime is a beta feature and does not offer all the features that the GraalVM runtime does. This includes:
- The persistent encrypted enclave filesystem
- Development on MacOS
- Enclave can only be deployed on Ubuntu 20.04
- Opening network sockets doesn't work. We plan to support opening outbound sockets in the future, but running socket-based servers inside an enclave is probably not the best way to use enclave technology. Please read about Conclave Mail to learn how to send messages to and from an enclave.
- Mail is limited in size by the size of the enclave heap, and the size of a Java array (2 gigabytes).
- Enclaves built using GraalVM runtime do not have a stable measurement, meaning that each time you build your enclave you will end up with a different MRENCLAVE value. Use the Gramine as the runtime to enable reproducible builds. Note, Gramine support is beta.
- Conclave works only in mock mode on new Mac computers with Apple silicon due to the reliance on x64 binaries.