tf-encrypted / rfcs

Community design documents

Hardening servers/workers

mortendahl opened this issue

As part of getting closer to production-ready we need to address the issue of using TensorFlow servers that are not currently intended for malicious environments.

Proposal should address:

  • How we can obtain secure channels between MPC players (e.g. gRPC over TLS).

  • How each server can have control over what it's executing (e.g. operations and graphs), preventing an adversary from e.g. telling it to execute a graph that sends all sensitive data.

  • What impact any changes will have on performance.

Suggestions:

  1. Custom build of TensorFlow with required modifications.

  2. Custom daemon functioning as gRPC proxy for co-located TensorFlow server
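A sketch of the second bullet (each worker deciding which graphs it will run), as an added example that is not code from the tf-encrypted project: a worker-side policy check over a simplified, hypothetical graph representation that pins the computation the players agreed on by digest, allowlists op types, and only lets approved tensors be fetched. The `Node` class, `ALLOWED_OPS` and the sample graphs are assumptions, not TensorFlow's real GraphDef.

```python
import hashlib
import json
from dataclasses import dataclass

# Simplified, hypothetical stand-in for one GraphDef node.
@dataclass(frozen=True)
class Node:
    name: str
    op: str
    inputs: tuple = ()

# Assumed allowlist: the only op types a worker will run on secret shares.
ALLOWED_OPS = frozenset({"Placeholder", "Const", "Add", "Sub", "Mul", "Identity"})

def graph_digest(nodes):
    """Canonical SHA-256 of a graph, so players can pin the agreed computation."""
    canon = json.dumps([[n.name, n.op, list(n.inputs)]
                        for n in sorted(nodes, key=lambda n: n.name)])
    return hashlib.sha256(canon.encode()).hexdigest()

def check_graph(nodes, fetches, pinned_digests, allowed_outputs):
    """Return policy violations; an empty list means the worker may run the graph.

    Checks: the graph was agreed on beforehand (digest pinning), every op type
    is allowlisted, inputs refer to nodes in the graph, and the caller only
    fetches tensors this worker is allowed to reveal.
    """
    problems = []
    if graph_digest(nodes) not in pinned_digests:
        problems.append("graph digest is not one of the agreed computations")
    names = {n.name for n in nodes}
    for n in nodes:
        if n.op not in ALLOWED_OPS:
            problems.append(f"op {n.op!r} on node {n.name!r} is not allowlisted")
        for i in n.inputs:
            if i not in names:
                problems.append(f"node {n.name!r} reads unknown input {i!r}")
    for f in fetches:
        if f not in allowed_outputs:
            problems.append(f"fetch of {f!r} is not an approved output")
    return problems

# Constructed sample graphs: the agreed share addition, and a request that also
# tries to write a raw share to disk and fetch it directly.
GOOD_GRAPH = [Node("x_share", "Placeholder"), Node("y_share", "Placeholder"),
              Node("sum", "Add", ("x_share", "y_share"))]
BAD_GRAPH = GOOD_GRAPH + [Node("exfil", "WriteFile", ("x_share",))]
PINNED = {graph_digest(GOOD_GRAPH)}
APPROVED_OUTPUTS = {"sum"}
```

Digest pinning alone rejects any graph the players did not agree on; the op and output allowlists are defence in depth for deployments where several agreed graphs are pinned.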