iExec Sconify Image
This document describes the Sconify Image variation for iExec. In particular, this document highlights the differences between the iExec and standard Sconify Image tool. We assume everything not mentioned in this document to be as described in the standard Sconify Image documentation.
Please read the standard Sconify Image documentation before reading this document.
Basic Usage
iExec Sconify Image does not have the command sconify_image
. Instead, it uses the command sconify_iexec
. This command name enables easy identification of the Sconify Image variation.
By default, the standard Sconify Image uploads sessions during the sconification process. In contrast, iExec Sconify image does not. To re-enable this behavior, we may use the --enable-session-upload
option.
Runtime Limitations
The images and binary created with sconify_iexec
can only be executed in iExec environments. Attempts to run in other environments will result in a failure. A binary executed on an SGXv1 CPU must be signed by Intel-approved signer key to be able to run in production mode.
iExec Specific Options
IEXEC OPTIONS:
--enable-session-upload reenables session upload (disabled for IEXEC by
default)