Evolve Network
  • 🙋Introduction
    • What is Evolve Network?
      • Mission
      • Key Features
    • High-Level Overview
  • 👨‍🏫Core Concepts
    • Decentralized Compute
    • LLMs
    • Agents & Agent Flows
  • 🧩Agents Platform
    • Agents Flow
      • Agent Studio
      • Agents Hub
      • Using the Platform Locally
      • Using the Platform on Web App
    • Tools
    • Memory
    • Publishing Agent Flows
      • Public
      • Private (Local)
      • NFTs
  • 🗂️Data Management
    • Data Hub Overview
    • Data Studio
    • Built-in Data Scraper
    • Vector Databases
      • How It Works
  • 🖥️Node
    • Node Runner
    • Quick Start Guide
      • System Tray App
      • GPU Allocation and Sharing
      • Local Web App
    • The Node App
      • Architecture
    • Incentives
      • Best Practices
  • 🌐Network Architecture
    • Decentralized Network
    • Blockchain
    • Native Explorer
  • 🕵️‍♂️Tokenomics
    • Token Utility
    • Buying and Selling Tokens
    • Payments and Incentives
      • Pricing for Platform Usage
      • EVOLVE Token Emissions
    • Governance (DAO)
      • Proposal Creation
      • Voting Mechanism
      • Token-based Governance Participation
  • 🧑‍🍳Dev SDK
    • Agentflow Endpoints
    • Integration Guidelines for Third-party Services
  • 🛡️Security and Privacy
    • End-to-End Encryption
    • Trusted Execution Environment (TEE)
    • API / OAuth Management
    • Data Handling Policies
  • 🗣️Community Network
    • Roadmap
    • FAQs
    • Forum & Socials
Powered by GitBook
On this page
  • Overview
  • Encryption Process
  • Secure Data Handling
  • Memory and API Keys:
  • Private Requests:
  • Configuration and Setup
  • Node Runner Requirements:
  • Agent Configuration:
  1. Security and Privacy

End-to-End Encryption

End-to-End Encryption for Distributed Agents

We strive to ensure the highest level of privacy and security through end-to-end encryption of scripts orchestrated by the Agents Flow platform when distributed to node workers in the peer-to-peer network. Here's an outline of the encryption mechanism and the process to ensure that all private data, including agent configurations, memory context, and API keys, remain secure.

Overview

End-to-End Encryption: All scripts and configurations related to agents are encrypted before they leave the WebApp and are only decrypted in the Trusted Execution Environment (TEE) on the node runner's machine.

Peer-to-Peer Network: The distribution of encrypted scripts occurs over a decentralized peer-to-peer network with information executed on only targeted nodes in the network and no one else.

Trusted Execution Environment (TEE): Decryption and execution of scripts happen exclusively within the TEE on node runner machines, ensuring that sensitive data is never exposed to the node runner.

Encryption Process

  1. Script Encryption:

    • When an agent is configured and initiated in the Evolve WebApp, the agent's scripts, configuration files, and any associated data (memory content, API keys, etc.) are encrypted using a robust encryption algorithm (AES-256).

    • Encryption keys are generated for each session and are not stored on any server or transmitted over the network.

  2. Distribution to Node Workers:

    • The encrypted scripts and configuration files are distributed to node workers through the peer-to-peer network.

    • Each node worker receives only the encrypted payload and does not have access to the encryption keys.

Decryption and Execution

  1. Trusted Execution Environment (TEE):

    • The node runner's machine must support TEE (e.g., Intel SGX, AMD SEV) to participate in executing agents.

    • The TEE securely receives the encrypted scripts to run and decrypts them and configuration files within its protected memory space.

    • The decrypted content is never exposed outside the TEE, ensuring that the node runner cannot access sensitive data.

  2. Execution of Scripts:

    • Once decrypted within the TEE, the scripts are executed as per the agent's configuration.

    • Any data generated during execution (e.g., responses from API calls, modifications to memory) remains within the TEE and is encrypted before being sent back to the WebApp or other agents in the workflow.

Secure Data Handling

Memory and API Keys:

  • Agents can be configured to store and retrieve data from memory. This data, along with API keys, is encrypted before storage.

  • During execution, the TEE handles decryption and encryption, ensuring that the data is never exposed in plaintext.

Private Requests:

  • Any private requests made by agents, including those involving API keys, are encrypted before transmission.

  • Responses are also encrypted and handled within the TEE, maintaining the confidentiality of the data throughout its lifecycle.

Configuration and Setup

Node Runner Requirements:

  • Machines acting as node runners must support TEE and have the necessary software to participate in the Evolve Network.

  • The node runner software is configured to automatically manage encryption keys and ensure secure communication with the TEE.

Agent Configuration:

  • Users configure agents via the Evolve WebApp, specifying the required scripts, data, and API keys.

  • Before distribution, the WebApp handles encryption, ensuring that all data transmitted to node workers is secure.

The end-to-end encryption mechanism ensures that all scripts and sensitive data related to agents are securely handled throughout their lifecycle.

PreviousIntegration Guidelines for Third-party ServicesNextTrusted Execution Environment (TEE)

Last updated 11 months ago

🛡️