Module blindai.core
Functions
def connect(addr: str, unattested_server_port: int = 9923, attested_server_port: int = 9924, model_management_port: int = 9925, hazmat_manifest_path: Optional[pathlib.Path] = None, hazmat_http_on_unattested_port=False, simulation_mode: bool = False) ‑> BlindAiConnection
-
Connect to a BlindAi server.
Args
addr : str - The address of the BlindAI server you want to connect to. It can be a domain (such as "example.com" or "localhost") or an IP.
unattested_server_port : int, optional - The unattested server port number. Defaults to 9923.
attested_server_port : int, optional - The attested server port number. Defaults to 9924.
model_management_port : int, optional - The model management port. Needs to be specified if the server only accepts model upload/deletion locally. Defaults to 9924.
hazmat_manifest_path : Optional[pathlib.Path], optional - Path to the Manifest.toml which describes which enclaves are to be accepted. Defaults to the built-in Manifest.toml provided by Mithril Security as part of the Python package. You can override the default by providing a path to your own Manifest.toml. Caution: Changing the manifest can impact the security of the solution.
hazmat_http_on_unattested_port : bool, optional - If set to True, the client will request the attestation elements of the server using a plain HTTP connection instead of a more secure HTTPS connection. Defaults to False. Caution: This parameter should never be set to True in production. Using an HTTPS connection is critical to get a graceful degradation in case of a failure of the Intel SGX attestation.
simulation_mode : bool, optional - If set to True, BlindAI will work in simulation mode. Caution: In simulation, BlindAI does not provide any security since there is no SGX enclave. This mode SHOULD NEVER be enabled in production. Defaults to False (production mode).
Raises
requests.exceptions.RequestException - If a network or server error occurs.
ValueError - Raised when input sanity checks fail.
IdentityError - Raised when the enclave signature does not match the enclave signature expected in the manifest.
EnclaveHeldDataError - Raised when the expected enclave held data does not match the one in the quote.
QuoteValidationError - Raised when the returned quote is invalid (TCB outdated, not signed by the hardware provider…).
AttestationError - Raised when the attestation is not valid (enclave settings mismatching, debug mode unallowed…).
Returns
BlindAiConnection - An object representing an active connection to a BlindAi server.
Classes
class AttestationError (*args, **kwargs)
-
This exception is raised when the attestation is invalid (enclave settings mismatching, debug mode unallowed…).
Used as the master exception for all other sub-exceptions raised during attestation validation.
Ancestors
- builtins.Exception
- builtins.BaseException
class EnclaveHeldDataError (expected: bytes, got: bytes)
-
This exception is raised when the expected enclave held data does not match the one in the quote.
The expected enclave held data in BlindAI is an SHA-256 hash of the enclave certificate, to avoid man-in-the-middle attacks.
Args
expected_hash : str - Expected enclave held data hash.
got_hash : str - Enclave held data hash obtained from the quote's report.
Ancestors
- blindai._dcap_attestation.QuoteValidationError
- builtins.Exception
- builtins.BaseException
class IdentityError (expected: bytes, got: bytes)
-
This exception is raised when the enclave code digest (MRENCLAVE in SGX terminology) does not match the digest provided in the manifest.
Args
expected_hash : str - Hash from the manifest.
got_hash : str - Hash obtained from the quote's report.
Ancestors
- blindai._dcap_attestation.QuoteValidationError
- builtins.Exception
- builtins.BaseException
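The two mismatch checks described for EnclaveHeldDataError and IdentityError, as an added example that is not part of the blindai package: the exception classes are local stand-ins mirroring the hierarchy listed here, and check_quote_fields, outcome and all sample values are hypothetical. It assumes the quote's signature and TCB status were already validated and that the MRENCLAVE and enclave held data fields were already extracted from it.

```python
import hashlib
import hmac


# Local stand-ins that mirror the hierarchy listed on this page; they are not
# imported from blindai, so the example runs without the package or a server.
class QuoteValidationError(Exception):
    pass


class _MismatchError(QuoteValidationError):
    def __init__(self, expected: bytes, got: bytes):
        super().__init__(f"expected {expected.hex()}, got {got.hex()}")
        self.expected, self.got = expected, got


class IdentityError(_MismatchError):
    pass


class EnclaveHeldDataError(_MismatchError):
    pass


def check_quote_fields(cert_der: bytes, mrenclave: bytes, held_data: bytes,
                       manifest_mrenclave: bytes) -> None:
    """Hypothetical helper: compare two fields from an already validated
    quote against the manifest and the certificate seen on the connection."""
    # Code identity: the measured enclave digest must equal the manifest value.
    if not hmac.compare_digest(mrenclave, manifest_mrenclave):
        raise IdentityError(manifest_mrenclave, mrenclave)
    # Channel binding: the quote must commit to the certificate presented on
    # this connection, so a genuine quote relayed by another endpoint fails.
    expected = hashlib.sha256(cert_der).digest()
    if not hmac.compare_digest(held_data, expected):
        raise EnclaveHeldDataError(expected, held_data)


def outcome(cert_der, mrenclave, held_data, manifest_mrenclave) -> str:
    """Return 'ok' or the name of the exception the checks raised."""
    try:
        check_quote_fields(cert_der, mrenclave, held_data, manifest_mrenclave)
    except QuoteValidationError as exc:  # parent class catches both subclasses
        return type(exc).__name__
    return "ok"


# Constructed sample values, not real certificates or measurements.
ENCLAVE_CERT = b"constructed-enclave-certificate-der"
OTHER_CERT = b"constructed-certificate-from-another-endpoint"
MANIFEST_MRENCLAVE = hashlib.sha256(b"constructed-enclave-build").digest()
GENUINE_HELD_DATA = hashlib.sha256(ENCLAVE_CERT).digest()
```

Because both subclasses derive from QuoteValidationError in the Ancestors lists on this page, a handler for the parent class also covers them, while a handler for AttestationError alone would not.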
class ModelDatumType (value, names=None, *, module=None, qualname=None, type=None, start=1)
-
An enumeration.
Ancestors
- enum.IntEnum
- builtins.int
- enum.Enum
Class variables
var Bool
var F32
var F64
var I16
var I32
var I64
var I8
var U16
var U32
var U64
var U8
class QuoteValidationError (*args, **kwargs)
-
This exception is raised when the returned quote is invalid (TCB outdated, not signed by the hardware provider…).
Used as the master exception for all other sub-exceptions raised during quote validation.
Ancestors
- builtins.Exception
- builtins.BaseException
Subclasses
- blindai._dcap_attestation.EnclaveHeldDataError
- blindai._dcap_attestation.IdentityError
class RunModelResponse (output: List[Tensor])
-
RunModelResponse(output: List[blindai.client.Tensor])
Class variables
var output : List[Tensor]
class Tensor (info: Union[TensorInfo, dict], bytes_data: bytes)
-
Tensor class to convert serialized tensors into convenient objects.
Class variables
var bytes_data : bytes
var info : Union[TensorInfo, dict]
Instance variables
var datum_type : ModelDatumType
var shape : tuple
Methods
def as_flat(self) ‑> list
-
Convert the prediction calculated by the server to a flat python list.
def as_numpy(self)
-
Convert the prediction calculated by the server to a numpy array.
def as_torch(self)
-
Convert the prediction calculated by the server to a Torch Tensor.
As torch is heavy, it's an optional dependency of the project and is imported only when needed.
Raises: ImportError if torch isn't installed.
class TensorInfo (fact, datum_type, node_name=None)
-
Class variables
var datum_type : ModelDatumType
var fact : List[int]
var node_name : str
class UploadResponse (model_id: str, hash: bytes)
-
UploadResponse(model_id: str, hash: bytes)
Class variables
var hash : bytes
var model_id : str