Releases: sentient-agi/Sentient-Enclaves-Framework
v0.17.0 - Enclaves remote debugging and logs streaming via Enclave's Init System (aggregated logs redirection to VSock).
Enclaves remote debugging and logs streaming via **Enclave's Init System** (aggregated logs redirection to VSock).
`Initctl` listens on VSock for the redirected log stream and writes it to stdout and/or to a file on the host.
Added log aggregation, redirection and streaming through VSock for the enclave's remote debugging and logging.
This will improve log aggregation, especially in the enclave's production mode (without debug console),
for remote debugging of enclaves and apps in enclaves and for use in monitoring and log aggregation systems,
to pinpoint the exact places where issues/bugs appeared and to reveal and fix them fast.
Full Changelog: v0.16.0...v0.17.0
v0.16.0 - Modular RA Web-Server.
- Proper error handling and structural logging with tracing for RA Web-Server.
- Changing configuration file format for RA Web-Server from TOML to YAML.
Full Changelog: v0.15.0...v0.16.0
v0.15.0 - Proper error handling and structural logging with tracing for PF-Proxies.
Full Changelog: v0.14.0...v0.15.0
v0.14.0 - Dynamic buffers set via configuration for Pipeline SLC.
Dynamic buffers set via configuration for Pipeline SLC
(this unbinds them from the system stack size and increases performance when transferring
and caching really huge files, with a small trade-off in heap allocations).
- Change configuration from TOML to YAML format for Pipeline SLC.
- Cats ASCII Art Easter Eggs update.
Full Changelog: v0.13.0...v0.14.0
v0.13.0 - Proper error handling and structural logging with tracing for Pipeline SLC.
Full Changelog: v0.12.0...v0.13.0
v0.12.0 - Enclave Engine initial implementation.
Initial codebase publishing for Enclave's Engine, a provisioning service for enclaves (based on KVM/QEMU and AWS Nitro Enclaves backends).
What's Changed
Full Changelog: v0.11.0...v0.12.0
v0.11.0 - Documentation and papers
Documentation and papers for:
- Multi-hop encryption/re-encryption and delegated decryption scheme.
- Vision document about future changes and applicability of the Enclaves Framework.
- Features document about core features and advantages of the Enclaves Framework.
- UMA, Discrete, Coherent memory architectures for CVMs and future Enclaves Engine.
Full Changelog: v0.10.0...v0.11.0
v0.10.0 - recursive directory transfer implementation for Pipeline SLC.
Old tech debt closed in one of the earliest components, the Pipeline Secure Local Channel implementation:
- Added recursive directory transfer implementation (through the Pipeline SLC VSock binary protocol) with reproducibility of the directory tree structure.
- Added new, updated, comprehensive `README.md` and `CLI-REFERENCE.md` with exhaustive documentation and a CLI reference guide for the Pipeline Secure Local Channel implementation, covering the new feature of recursive directory transfer from/to the enclave.
Previously, directory transfers were done by a Bash script and the Pipeline SLC CLI tool:
Full Changelog: v0.9.0...v0.10.0
v0.9.0 - New version of Enclaves Framework, which includes new Enclave's Init System, written in Rust, and covering all crates and Enclaves Framework components with exhaustive comprehensive documentation.
The Enclave Init System is a minimal, production-ready init system (PID 1) designed to run inside secure enclaves. It provides process supervision, automatic service restarts, service dependency management, comprehensive logging, dual-protocol control interfaces (Unix socket and VSOCK), and system-wide process management capabilities.
Key Characteristics and Features:
- Minimal footprint: Small binary size optimized for enclave environments
- Reliable: Written in Rust with comprehensive error handling
- Non-crashing: All errors are logged but never crash the init system
- Service supervision: Automatic process monitoring and restart policies
- Dependency management: Systemd-style service dependencies with startup ordering
- Runtime control: Manage services without restarting the enclave
- Dual protocol support: Control via Unix socket (local) or VSOCK (remote)
- Process management: List, monitor, and control all system processes
- Enable/Disable: Dynamic service activation control
- Persistent logging: Per-service log files with automatic rotation
- Configurable: YAML-based configuration for all aspects of the system
- Flexible: Configuration file path configurable via CLI and environment
- Remote management: Control enclave services from host via VSOCK
What's Changed
- New Enclave's Init System, written in Rust, for services and processes management in the enclave (from inside the enclave and also from host through VSock) and for managing enclave state.
- Covering all crates and Enclaves Framework components with exhaustive comprehensive documentation.
Full Changelog: v0.8.2...v0.9.0
v0.8.2 - New version of Enclaves Framework, which includes NATS Server as enclave's service bus (internal and external) and integration of RA Web-Server and FS-Monitor.
New version of Enclaves Framework, which includes NATS Server as the enclave's service bus, for integration of services inside the enclave (and outside of the enclave, via the enclave's network proxy and external NATS servers, with support of NATS clusterization for cross-enclave integration), mainly for integration of RA Web-Server and FS-Monitor for now.
It also includes NATS KV JetStream buckets (and NATS JetStream objects storage/buckets) as a persistency layer for services, RA Web-Server and FS-Monitor at the moment.
FS-Monitor acts as a CoW FS metadata layer (the missing part of the enclave's ramdisk FS) and data provider for RA Web-Server to generate customized attestation documents per file in a granular way, to attest every corner of the enclave's initramfs/ramdisk in the enclave's runtime, and cover any run-time FS changes with the enclave's attestation.
What's Changed
- Introduction of NATS Server as enclave's service bus
- Integration of services inside enclave and outside of enclave (cross-enclave integration) in a SOA manner (or in an actor based model)
- Integration of RA Web-Server and FS-Monitor, as a CoW FS metadata layer data provider for RA Web-Server
- NATS KV JetStream buckets (and NATS JetStream objects storage/buckets) as persistency layer for services in enclave
- Customized attestation documents per file in a granular way, to cover whole enclave's initramfs/ramdisk for any run-time FS changes with enclave's attestation
Full Changelog: v0.8.1...v0.8.2