If you use Docker to run a CyberMiles node, please make sure that you turn on the
priviledged Docker option:
The long story
One of the key technology innovations from the CyberMiles public blockchain is the libENI dynamic extension. It allows application developers to add high performance native functions to the virtual machine without stopping or forking the blockchain. Developers write new functions in native C/C++ code as libENI modules. CyberMiles validators vote and determine whether to include any newly created libENI modules on the blockchain. Once included, those native functions become available to all smart contracts deployed on the CyberMiles public blockchain.
However, a potential issue for libENI is that third party native code could expose the blockchain nodes to attacks or bugs. The burden is on the CyberMiles validators to review third party submitted libENI module source code, and determine whether the code is up to our network safty and performance standards. That requires a high level of technical expertise. That is why CyberMiles validators have so far been reluctant to approve new third party libENI extension modules.
With the CyberMiles v0.1.7-beta software update,
we have added a sandbox for the libENI modules to ensure that the native code would not crash the underlying system.
The sandnox requires the Docker container to run in a
priviledged mode in order to use seccomp (secure computing mode).
For all CyberMiles validators and full node operators (e.g., exchanges), please make sure that you always use the
docker run --privileged command option.