Irene Energy embraces confidential computing to safely deliver electricity.
Irene Energy was aiming high. The tech startup had a breakthrough idea for bringing affordable electricity to remote parts of Africa. Blockchain technologies built on confidential computing were key to that vision, providing end-to-end data security in the cloud.
Nearly one billion people in sub-Saharan Africa have no access to any electricity supply. Installing connections to electrical grids requires significant up-front investment, putting access beyond the reach of many families. Irene Energy, based in France, realized this issue could be solved by creating an easier, cheaper and more flexible back-office infrastructure for energy service providers.
Irene Energy knew that blockchain technologies were the key to building the type of solution it needed. It enlisted Talium — a company with a reputation for delivering successful projects built on blockchain technologies — to help design and deliver the new platform.
A scalable blockchain solution
“Talium helped us evaluate all the blockchain technologies, and Stellar was the best option because of the very low cost per transaction and its support for simple smart contracts,” says Guillaume Marchand, Founder of Irene Energy. “However, since we aim to scale up to hundreds of thousands of users, and each user needs a Stellar ID for their digital wallet on our platform, we also needed a very scalable way to manage user credentials that would be highly secure.”
Stellar authenticates users via public-key cryptography, so Irene Energy’s platform had to be able to look up users’ private keys whenever they submitted a transaction, while ensuring no one could intercept or read the private keys before, during, or after the transaction.
“It’s relatively easy to encrypt data when it’s at rest and even when it’s in transit,” says Julien Brodier, CTO of Talium. “The problem we had to solve was how to protect it during the runtime of the transaction itself, when the private key is stored in memory. At that moment, there’s a risk that someone who has root access to the server could read the decrypted key.” The ability to secure data while it was in use was essential to delivering the confidential computing capabilities the solution required, with end-to-end protection across the data lifecycle.
Protecting confidentiality in the cloud
The company chose to host its solution on the IBM Cloud due to its high level of protection and lack of upfront costs. Unlike many cloud architectures, IBM Cloud bare metal servers can utilize an Intel technology called Software Guard Extensions (SGX). SGX enables confidential computing via the creation of an encrypted “enclave” within the server’s memory, which allows applications to process data without other users of the system being able to read it.
However, developing applications that can take advantage of SGX is complex and time-consuming. To get its platform to market quickly, the company uses IBM Cloud Data Shield, a solution co-developed by IBM and Fortanix that enables Irene Energy to containerize its applications and run them on SGX-enabled bare metal worker nodes within IBM Cloud Kubernetes Service.
“Cloud Data Shield probably accelerated the development of our platform by six months,” says Marchand. “We could get to market much sooner because we didn’t have to build SGX-compatible components from scratch.”
New opportunities arise
Since its founding in 2017, Irene Energy has seen its original vision flourish — and grow. “As the energy industry witnesses the opportunities our platform opens up, we’re seeing significant demand,” says Marchand.
Recent changes in the affordability and availability of electricity are fostering new business opportunities, as well. “We have end users in remote areas in Africa who are buying home systems on a pay-as-you-go model,” says Marchand, “similar to leasing cars in the US or Europe.” This trend, coupled with price drops in solar panels and improvements in batteries, is rapidly expanding access to electricity in larger amounts, enabling customers to run more complex devices and appliances.
Those devices generate more sensitive customer data — data that can provide value to third parties for marketing additional products and services. To comply with stringent privacy standards in Africa, rather than selling customer data to third parties, Irene Energy is looking into leasing that data, while maintaining full ownership of it. Due to the confidential computing capabilities built into its blockchain platform, third parties can see the results of the data processing they pay for, with no visibility into the data itself.
According to François de Chezelles, CEO of Talium: “Initially we were protecting the encryption wallets, transactions, and keys. But now, with the same technology, the use case of Irene Energy has evolved, and we're able to process the accumulated sensitive data while preserving its confidentiality.”