microsoft · cjen1-msft · May 16, 2025 · Apr 7, 2025 · Apr 7, 2025 · Apr 7, 2025
@@ -17,6 +17,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 [6.0.2]: https://github.com/microsoft/CCF/releases/tag/ccf-6.0.2
 
+### Added
+
+- Add support for [recovery from locally sealed secrets](https://microsoft.github.io/CCF/main/operations/recovery.html#local-sealing-recovery). (#6966)
+
 ### Changed
 
 - SymCrypt backend is pinned to 1.7.0 until https://github.com/microsoft/SymCrypt-OpenSSL/issues/115 gets shipped (#6995).

@@ -565,3 +565,10 @@ While the contents themselves are encrypted, the table is public so as to be acc
 **Key** Sentinel value 0, represented as a little-endian 64-bit unsigned integer.
 
 **Value** Last signed Merkle root of previous service instance, represented as a hex-encoded string.
+
+``last_recovery_type``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+**Value** The mechanism by which the ledger secret was recovered.
+
+.. doxygenenum:: ccf::RecoveryType
+   :project: CCF
@@ -437,6 +437,10 @@
                   "previous_service_identity_file": {
                     "type": "string",
                     "description": "Path to the previous service certificate (PEM) file"
+                  },
+                  "previous_sealed_ledger_secret_location": {
+                    "type": ["string"],
+                    "description": "Path to the sealed ledger secret folder, the ledger secrets for the recovered service will be unsealed from here instead of reconstructed from recovery shares."
                   }
                 },
                 "required": ["previous_service_identity_file"],
@@ -670,6 +674,10 @@
         "rpc_addresses_file": {
           "type": "string",
           "description": "Path to file in which all RPC addresses (hostnames and ports) will be written to on startup. This option is particularly useful when binding to port 0 and getting auto-assigned a port by the OS. No file is created if this entry is not specified"
+        },
+        "sealed_ledger_secret_location": {
+          "type": "string",
+          "description": "Path to the folder where the node will seal its ledger secrets."
         }
       },
       "description": "This section includes configuration for additional files output by the node",

@@ -113,6 +113,38 @@ Summary Diagram
 
 Once operators have established a recovered crash-fault tolerant public network, the existing members of the consortium :ref:`must vote to accept the recovery of the network and submit their recovery shares <governance/accept_recovery:Accepting Recovery and Submitting Shares>`.
 
+Local Sealing Recovery
+----------------------
+
+SNP provides the `DERIVED_KEY` guest message which derives a key from the CPU's VCEK (or VLEK), TCB version and the guest's measurement and host_data (policy), thus any change to the CPU, measurement or policy, or a rolled-back TCB version, will prevent the key from being reconstructed.
+If configured, the node will unseal the secrets it previously sealed instead of waiting for recovery shares from members after `transition_to_open` is triggered.
+
+If, in config.json, `output_files.sealed_ledger_secret_location` is set, the node will derive a key and seal versioned ledger secrets to that directory.
+This capability is noted in `public:ccf.gov.node.info[node].will_locally_seal_ledger_secrets`, to allow it to be audited.
+
+Then if `command.recover.previous_sealed_ledger_secret_location` is set in the config.json, when the node recovers and receives the `transition_to_open` transaction, the node will try to unseal the latest ledger secret and use that to recover the ledger.
+If this is unsuccessful, it will fall back to waiting for recovery shares.
+Which of these two paths is taken is noted in the `public:ccf.internal.last_recovery_type`.
+
+.. code-block:: bash
+
+    $ cat /path/to/config/file
+      ...
+      "command": {
+        "type": "Recover",
+        ...
+        "recover": {
+          ...
+          "previous_sealed_ledger_secret_location": "/path/to/previous/secret"
+        }
+      }
+      "output_files": {
+        ...
+        "sealed_ledger_secret_location": "/path/to/new/secret"
+      }
+      ...
+    $ cchost --config /path/to/config/file
+
 Notes
 -----
 

@@ -781,6 +781,9 @@
           },
           "status": {
             "$ref": "#/components/schemas/NodeStatus"
+          },
+          "will_locally_seal_ledger_secrets": {
+            "type": "boolean"
           }
         },
         "required": [
@@ -1373,7 +1376,7 @@
   "info": {
     "description": "This API is used to submit and query proposals which affect CCF's public governance tables.",
     "title": "CCF Governance API",
-    "version": "4.7.2"
+    "version": "4.7.3"
   },
   "openapi": "3.0.0",
   "paths": {

@@ -105,6 +105,8 @@ namespace ccf
     std::string service_subject_name = "CN=CCF Service";
     ccf::COSESignaturesConfig cose_signatures;
 
+    std::optional<std::string> sealed_ledger_secret_location;
+
     nlohmann::json service_data = nullptr;
 
     nlohmann::json node_data = nullptr;
@@ -132,6 +134,8 @@ namespace ccf
     {
       std::optional<std::vector<uint8_t>> previous_service_identity =
         std::nullopt;
+      std::optional<std::string> previous_sealed_ledger_secret_location =
+        std::nullopt;
     };
     Recover recover = {};
   };

@@ -160,6 +160,9 @@ namespace ccf
 
     /// ACME configuration
     std::optional<ACME> acme = std::nullopt;
+
+    // Denote whether this node will locally seal the ledger secret
+    bool will_locally_seal_ledger_secrets = false;
   };
 
   DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS(
@@ -186,7 +189,8 @@ namespace ccf
   DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS(NodeInfoNetwork_v2);
   DECLARE_JSON_REQUIRED_FIELDS(
     NodeInfoNetwork_v2, node_to_node_interface, rpc_interfaces);
-  DECLARE_JSON_OPTIONAL_FIELDS(NodeInfoNetwork_v2, acme);
+  DECLARE_JSON_OPTIONAL_FIELDS(
+    NodeInfoNetwork_v2, acme, will_locally_seal_ledger_secrets);
 
   struct NodeInfoNetwork : public NodeInfoNetwork_v2
   {

@@ -121,7 +121,9 @@ namespace ccf
 
   DECLARE_JSON_TYPE(StartupConfig::Recover);
   DECLARE_JSON_REQUIRED_FIELDS(
-    StartupConfig::Recover, previous_service_identity);
+    StartupConfig::Recover,
+    previous_service_identity,
+    previous_sealed_ledger_secret_location);
 
   DECLARE_JSON_TYPE_WITH_BASE(StartupConfig, CCFConfig);
   DECLARE_JSON_REQUIRED_FIELDS(
@@ -135,5 +137,6 @@ namespace ccf
     node_data,
     start,
     join,
-    recover);
+    recover,
+    sealed_ledger_secret_location);
 }
@@ -154,4 +154,15 @@ namespace files
         ec.message()));
     }
   }
+
+  static void create_directory(const fs::path& dir)
+  {
+    std::error_code ec;
+    fs::create_directory(dir, ec);
+    if (ec && ec != std::errc::file_exists)
+    {
+      throw std::logic_error(fmt::format(
+        "Could not create directory {}: {}", dir.string(), ec.message()));
+    }
+  }
 }
@@ -91,6 +91,8 @@ namespace host
       std::string node_to_node_address_file = "";
       std::string rpc_addresses_file = "";
 
+      std::optional<std::string> sealed_ledger_secret_location = std::nullopt;
+
       bool operator==(const OutputFiles&) const = default;
     };
     OutputFiles output_files = {};
@@ -157,6 +159,8 @@ namespace host
       {
         size_t initial_service_certificate_validity_days = 1;
         std::string previous_service_identity_file;
+        std::optional<std::string> previous_sealed_ledger_secret_location =
+          std::nullopt;
         bool operator==(const Recover&) const = default;
       };
       Recover recover = {};
@@ -175,7 +179,8 @@ namespace host
     node_certificate_file,
     pid_file,
     node_to_node_address_file,
-    rpc_addresses_file);
+    rpc_addresses_file,
+    sealed_ledger_secret_location);
 
   DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS(CCHostConfig::Ledger);
   DECLARE_JSON_REQUIRED_FIELDS(CCHostConfig::Ledger);
@@ -214,7 +219,8 @@ namespace host
   DECLARE_JSON_OPTIONAL_FIELDS(
     CCHostConfig::Command::Recover,
     initial_service_certificate_validity_days,
-    previous_service_identity_file);
+    previous_service_identity_file,
+    previous_sealed_ledger_secret_location);
 
   DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS(CCHostConfig::Command);
   DECLARE_JSON_REQUIRED_FIELDS(CCHostConfig::Command, type);

@@ -2,6 +2,7 @@
 // Licensed under the Apache 2.0 License.
 
 #include "ccf/crypto/pem.h"
+#include "ccf/crypto/symmetric_key.h"
 #include "ccf/ds/logger.h"
 #include "ccf/ds/logger_level.h"
 #include "ccf/ds/nonstd.h"
@@ -11,6 +12,7 @@
 #include "ccf/pal/attestation.h"
 #include "ccf/pal/attestation_sev_snp.h"
 #include "ccf/pal/platform.h"
+#include "ccf/pal/snp_ioctl.h"
 #include "ccf/service/node_info_network.h"
 #include "ccf/version.h"
 #include "common/configuration.h"
@@ -711,6 +713,16 @@ int main(int argc, char** argv) // NOLINT(bugprone-exception-escape)
     startup_config.startup_host_time =
       ccf::ds::to_x509_time_string(startup_host_time);
 
+    if (config.output_files.sealed_ledger_secret_location.has_value())
+    {
+      CCF_ASSERT_FMT(
+        ccf::pal::platform == ccf::pal::Platform::SNP,
+        "Local sealing is only supported on SEV-SNP platforms");
+      startup_config.network.will_locally_seal_ledger_secrets = true;
+      startup_config.sealed_ledger_secret_location =
+        config.output_files.sealed_ledger_secret_location;
+    }
+
     if (config.command.type == StartType::Start)
     {
       for (auto const& member : config.command.start.members)
@@ -796,6 +808,16 @@ int main(int argc, char** argv) // NOLINT(bugprone-exception-escape)
       }
       LOG_INFO_FMT("Reading previous service identity from {}", idf);
       startup_config.recover.previous_service_identity = files::slurp(idf);
+
+      if (config.command.recover.previous_sealed_ledger_secret_location
+            .has_value())
+      {
+        CCF_ASSERT_FMT(
+          ccf::pal::platform == ccf::pal::Platform::SNP,
+          "Local unsealing is only supported on SEV-SNP platforms");
+        startup_config.recover.previous_sealed_ledger_secret_location =
+          config.command.recover.previous_sealed_ledger_secret_location;
+      }
     }
     else
     {