Enarx is an application deployment system enabling applications to run within Trusted Execution Environments (TEEs) without rewriting for particular platforms or SDKs. It handles attestation and delivery into a run-time “Keep” based on WebAssembly, offering developers a wide range of language choices for implementation. Enarx is CPU-architecture independent, enabling the same application code to be deployed across multiple targets, abstracting issues such as cross-compilation and differing attestation mechanisms between hardware vendors. Work is currently underway on AMD SEV and Intel SGX.
- Projects & code (links to github projects external to this wiki)
- cipherpipe - Cipherpipe is a wrapper around libc to add the IPPROTO_TLS socket protocol.
- demo - A demonstration of running encrypted code in an SEV VM
- flagset - Rust data types and a macro for generating enumeration-based bit flags
- frenetic - A library for stackful coroutines with no OS dependencies.
- ketuvim - A Safe Rust API for KVM
- sev - A Safe Rust API for managing AMD SEV
- sevctl - A CLI utility for managing AMD SEV
- tlssock - A library exposing TLS/DTLS sockets using the POSIX networking APIs
IRC: #enarx on freenode.