Apache MesaTee

Clone this repo:
  1. 1a671e6 [third-party] Update SGX SDK to resolve DCAP issue (#200) by Yu Ding · 3 weeks ago master
  2. 21cf3bb [attestation] Refactor remote attestation code (#198) by Mingshen Sun · 3 weeks ago
  3. fa7ff61 [third-party] Update sgx-sdk and crates-sgx (#197) by T0day · 3 weeks ago
  4. 3fd4cc0 [third-party] Update rust-sgx-sdk and memchr (#195) by Yu Ding · 3 weeks ago
  5. ffd5d1a [core] Add SgxTrustedServer in RPC (#194) by Mingshen Sun · 4 weeks ago

Teaclave: A Universal Secure Computing Platform

Apache Teaclave (incubating) is an open source universal secure computing platform.

Security: Teaclave adopts multiple security technologies to enable secure computing, in particular, Teaclave uses Intel SGX to serve the most security-sensitive tasks with hardware-based isolation, memory encryption and attestation. Also, Teaclave is built in the Rust programming language to prevent memory-safety issues.

Functionality: Teaclave is provided as a function-as-a-service platform for secure computing. With many useful built-in functions, it supports tasks such as machine learning, private set intersection (PSI), crypto computation, etc. Developers can easily deploy a Python script in the Teaclave's trusted execution environment. More importantly, unlike traditional FaaS, Teaclave supports both general secure computing tasks and flexible multi-party secure computation.

Usability: Teaclave builds its components in containers, therefore, it supports deployment both locally and within cloud infrastructures. Teaclave also provides client SDKs and a command line tool.

Teaclave is originated from Baidu X-Lab (formerly named MesaTEE).

Quick Start

Download and build Teaclave services, examples, SDK, and command line tool.

git clone https://github.com/apache/incubator-teaclave.git
docker run --rm -v$(pwd)/incubator-teaclave:/teaclave -w /teaclave -it teaclave/teaclave-build-ubuntu-1804:latest
mkdir -p build && cd build
cmake -DTEST_MODE=ON .. && make

Start all Teaclave services with Docker Compose and detach into background. Make sure SGX driver and PSW package are properly installed and you have got the SPID and key to connect Intel Attestation Service.

export IAS_SPID=xxx
export IAS_KEY=xxx
(cd docker && docker-compose -f docker-compose-ubuntu-1804.yml up --build --detach)

Try the “quickstart” example.

./release/examples/quickstart echo -e release/examples/enclave_info.toml -m "Hello, World!"

Shutdown all Teaclave services.

(cd docker && docker-compose -f docker-compose-ubuntu-1804.yml down)

Contributing

Teaclave is open source in The Apache Way, we aim to create a project that is maintained and owned by the community. All kinds of contributions are welcome.

Community

Please subscribe our mailing list dev@teaclave.apache.org for development related activities. To subscribe, send an email to dev-subscribe@teaclave.apache.org.