Skip to content
/ nixsgx Public

Reproducible Nix packages for TEEs

License

MIT license
10 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

matter-labs/nixsgx

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

133 Commits
.github
.github
 
 
overlays/libTee
overlays/libTee
 
 
packages
packages
 
 
.gitignore
.gitignore
 
 
COPYING
COPYING
 
 
README.md
README.md
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 

Repository files navigation

nixsgx

This repository contains a Nix flake with up-to-date packages for the Intel SGX SDK and gramine.

Hopefully most of the packages will be upstreamed to nixpkgs at some point.

All package builds should be reproducible and therefore can be used to build reproducible enclave images.

Usage

Test enclave

A testing enclave container is provided and can be ran like so:

# Build the dcap (or azure) container variant
nix build .#nixsgx-test-sgx-dcap

# Load image into docker
docker load < result

# Run the enclave, binding the sgx devices
docker run -i --init --rm \
  --device /dev/sgx_enclave \
  --device /dev/sgx_provision \
  nixsgx-test-sgx-dcap:latest

Note: An external aesmd instance can be provided by mounting the socket to the container: -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket

Reference projects

The following projects provide reproducible enclaves using nixsgx:

About

Reproducible Nix packages for TEEs

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

10 stars

Watchers

8 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages