A highly secure MirageOS Taler Exchange
We at robur submitted a proposal (at NLnet for NGI Taler) for developing a high secure MirageOS Taler exchange (MTE). The goal is to minimize the trusted computing base (by using the library operating system MirageOS) - and deploy the resulting unikernel as a virtual machine (Xen/KVM). The result is a system that is smaller and higly secure.
Once that interoperates nicely in the Taler ecosystem, and has been adapted by partners, a subsequent idea is to develop a muen system for deploying MTE on physical hardware, where the host operating system is minimal (and developed in a memory-safe language). Only the storage provider (PostgreSQL) and the network device driver will be (separate) Linux virtual machines (subjects). The main logic will be in the MirageOS unikernel, which is the only system that is able to communicate with the database.
This category is to discuss ideas of applying MirageOS, and also questions about MirageOS - as well as operational aspects.