Originally developed in 2019 by

Microsoft Microsoft Corporation is an American multinational corporation and technology company, technology conglomerate headquartered in Redmond, Washington. Founded in 1975, the company became influential in the History of personal computers#The ear ...

under the name ''Coco'' and later rebranded to Confidential Consortium Framework (CCF), it is an

open-source Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use and view the source code, design documents, or content of the product. The open source model is a decentrali ...

framework for developing of a new category of performant

applications Application may refer to: Mathematics and computing * Application software, computer software designed to help the user to perform specific tasks ** Application layer, an abstraction layer that specifies protocols and interface methods used in a ...

that focuses on the optimization of

secure multi-party computation Secure multi-party computation (also known as secure computation, multi-party computation (MPC) or privacy-preserving computation) is a subfield of cryptography with the goal of creating methods for parties to jointly compute a function over their ...

and data availability. Intended to accelerate the adoption of blockchain technology by enterprises, CCF can enable a variety of high-scale, confidential, permissioned

distributed ledger A distributed ledger (also called a shared ledger or distributed ledger technology or DLT) is a system whereby replicated, shared, and synchronized digital data is geographically spread (distributed) across many sites, countries, or institutions. I ...

networks that meet key enterprise requirements.

Overview

CCF provides a

multi-party computation Secure multi-party computation (also known as secure computation, multi-party computation (MPC) or privacy-preserving computation) is a subfield of cryptography with the goal of creating methods for parties to jointly compute a function over their ...

(MPC) model of programming that prioritizes highly-available data storage and a universally-verifiable data log implemented a ledger abstraction. As a permissioned framework, CCF leverages trust in a

consortium A consortium () is an association of two or more individuals, companies, organizations, or governments (or any combination of these entities) with the objective of participating in a common activity or pooling their resources for achieving a ...

of governing members and in a network of replicated hardware-protected execution environments (also known as

trusted execution environment A trusted execution environment (TEE) is a secure area of a Central processing unit, main processor. It helps the code and data loaded inside it be protected with respect to Information security#Confidentiality, confidentiality and integrity. Data ...

s EEssuch as

Intel Intel Corporation is an American multinational corporation and technology company headquartered in Santa Clara, California, and Delaware General Corporation Law, incorporated in Delaware. Intel designs, manufactures, and sells computer compo ...

Software Guard Extensions Intel Software Guard Extensions (SGX) is a set of instruction codes implementing trusted execution environment that are built into some Intel central processing units (CPUs). They allow user-level and operating system code to define protected priv ...

GX)to achieve high throughput, low latency, strong integrity, and strong confidentiality for application data and code executing on the ledger. CCF embeds consensus protocols with

Byzantine The Byzantine Empire, also known as the Eastern Roman Empire, was the continuation of the Roman Empire centred on Constantinople during late antiquity and the Middle Ages. Having survived the events that caused the fall of the Western Roman E ...

and crashes

fault tolerant Fault tolerance is the ability of a system to maintain proper operation despite failures or faults in one or more of its components. This capability is essential for high-availability, mission-critical, or even life-critical systems. Fault t ...

configurations. All configurations support strong service integrity based on the ledger contents. Even if some replicas are corrupt or their keys are compromised, they can be blamed based on their signed evidence of malicious activity recorded in the ledger. CCF supports transparent, programmable governance where the power of the consortium members is tunable and their activity is similarly recorded in the ledger for full

auditability An audit is an "independent examination of financial information of any entity, whether profit oriented or not, irrespective of its size or legal form when such an examination is conducted with a view to express an opinion thereon." Auditing al ...

. The framework is designed and built on a 6-point foundation of: * Governance: transparent, programmable consortium-style proposal and voting based governance that supports enterprise operating models. * Service Integrity: Hardware-backed integrity for application logic and data. * Confidentiality and Privacy: All transactions are confidential by default. * Performance: Database-like throughput, low latency, deterministic commits. * Efficiency: Minimal execution overhead compared to traditional solutions. * Resiliency: High availability and secure disaster recovery.

Appearances

F.O.S.D.E.M.

The Confidential Consortium Framework was presented at the Free and Open Source Software Developers' European Meeting,

FOSDEM Free and Open source Software Developers' European Meeting (FOSDEM) is an annual software engineering conference. It is non-commercial and volunteer-organized with a focus on free and open-source software. Initiated in 2000, it is usually held d ...

2020 in

Brussels Brussels, officially the Brussels-Capital Region, (All text and all but one graphic show the English name as Brussels-Capital Region.) is a Communities, regions and language areas of Belgium#Regions, region of Belgium comprising #Municipalit ...

Belgium Belgium, officially the Kingdom of Belgium, is a country in Northwestern Europe. Situated in a coastal lowland region known as the Low Countries, it is bordered by the Netherlands to the north, Germany to the east, Luxembourg to the southeas ...

. The CCF

source code In computing, source code, or simply code or source, is a plain text computer program written in a programming language. A programmer writes the human readable source code to control the behavior of a computer. Since a computer, at base, only ...

is licensed under Apache 2.0 License and available on

GitHub GitHub () is a Proprietary software, proprietary developer platform that allows developers to create, store, manage, and share their code. It uses Git to provide distributed version control and GitHub itself provides access control, bug trackin ...

. It runs on

Linux Linux ( ) is a family of open source Unix-like operating systems based on the Linux kernel, an kernel (operating system), operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically package manager, pac ...

and, according to Microsoft, it is primarily developed and tested on

Ubuntu Ubuntu ( ) is a Linux distribution based on Debian and composed primarily of free and open-source software. Developed by the British company Canonical (company), Canonical and a community of contributors under a Meritocracy, meritocratic gover ...

18.04.

References

External links

Confidential Consortium Framework - Microsoft Research
Blockchains C++ libraries Distributed computing Python (programming language) libraries Free and open-source software Microsoft free software Microsoft Research Software using the Apache license 2019 software Linux-only free software {{Microsoft-software-stub

Overview

Appearances

F.O.S.D.E.M.

See also

References

Further reading

External links