Skip to content

inclavare-containers/TNG

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

712 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

TNG

Build Docker Build RPM Build Python SDK Build WASM SDK CI codecov npm PyPI Go Reference License Rust

中文文档

Trusted Network Gateway — a transparent gateway that establishes end-to-end encrypted tunnels with remote attestation for confidential computing environments. Zero code changes required.

Quick Start

TNG offers multiple integration modes — pick the one that fits your scenario.

Run with Docker — fastest way to try TNG
docker run -it --rm --privileged --network host --cgroupns=host \
  ghcr.io/inclavare-containers/tng:latest \
  tng launch --config-content='<your config json>'

No installation needed. Just provide a JSON config and TNG handles the rest.

tng exec — zero code changes for existing apps
# Start your existing app through TNG transparently
tng exec --config-file config.json -- ./your-app

Your app talks to the backend as usual — TNG intercepts at the network layer and encrypts via remote attestation tunnel.

JavaScript SDK — browser-side encrypted requests
npm install @inclavare-containers/tng
import { TngClient } from '@inclavare-containers/tng';

const client = new TngClient({ config: { /* your config */ } });
const response = await client.fetch('https://your-tee-service/api/data');

Runs entirely in the browser via WebAssembly. No server-side proxy needed.

Python SDK — programmatic integration
pip install tng-sdk
from tng import TngClient

client = TngClient(config={"ingress": {...}, "egress": {...}})
response = client.request("https://your-tee-service/api/data")

Supports httpx, requests, and openai as optional backends.

See Installation for Docker, RPM, binary, and SDK options.


Table of Contents


What is TNG?

TNG (Trusted Network Gateway) is a transparent gateway tool that brings remote attestation + encrypted tunnel capability to confidential computing, based on the IETF RFC 9334 (RATS) standard.

It enables two parties to automatically verify each other's runtime environment — "who you are and what code you're running" — and establish an end-to-end encrypted channel, without modifying any business code.

graph LR
    subgraph ClientEnv [Client Environment]
        App[Application]
        TNG_In[TNG Ingress]
    end

    subgraph TrustedEnv ["TEE (TDX / SEV-SNP / CSV)"]
        TNG_Eg[TNG Egress]
        Service[Business Service]
    end

    App -- Plain Traffic --> TNG_In
    TNG_In -. Remote Attestation + Encrypted Tunnel .-> TNG_Eg
    TNG_Eg -- Decrypt & Forward --> Service

    style TrustedEnv fill:#ffd700,stroke:#d4af37,stroke-width:2px
    linkStyle 1 stroke:#d4af37,stroke-width:2px
Loading

How It Works

  1. Deploy a pair of TNG instances — one as Ingress (tunnel entry, on the client side) and one as Egress (tunnel exit, on the server side in a TEE).

    Naming note: "Ingress" means traffic entering the tunnel, not "incoming to a server." Think of it as the tunnel's front door — the client-side endpoint where plaintext traffic gets encrypted and sent through the tunnel. Egress is the opposite end where traffic exits the tunnel and reaches the destination service.

  2. Remote Attestation — the Ingress verifies the Egress's TEE hardware, software hashes, and runtime configuration via the Attestation Agent (AA) and Attestation Service (AS).

  3. Encrypted Tunnel — once verified, an end-to-end encrypted tunnel is established (RA-TLS or OHTTP).

  4. Transparent Forwarding — plaintext traffic from the client application is automatically encrypted, forwarded through the tunnel, and decrypted at the server side — all at the network layer.

The entire process is driven by a single JSON config file. No SDK integration, no code changes, no certificate management.

Key Features

🔐 Multiple Protocols RA-TLS for arbitrary TCP traffic, OHTTP for HTTP message-level encryption
🚫 Zero Intrusiveness Transparent proxy via netfilter, HTTP proxy, or Socks5 — no business code changes
📦 Flexible Deployment VM daemon, K8s Sidecar, browser SDK — one binary, many forms
🔀 Bidirectional RA Unidirectional, bidirectional, or reverse-RA — configurable per your trust model
🦀 Pure Rust Built-in RA-TLS implemented in Rust for memory safety
🧩 CoCo Ecosystem Works with guest-components & trustee

Why TNG vs. Other Solutions?

Aspect Traditional TLS (PKI) RA-TLS Libraries Service Mesh (SPIFFE) TNG
Trust Root CA-issued X.509 certs TEE hardware evidence CA-issued SPIFFE certs TEE hardware evidence
Runtime Verification No Manual integration required No Built-in, fine-grained
Code Changes App must handle TLS App must link RA-TLS lib Infrastructure-level None
Cert Management Apply, distribute, rotate Manual Automated via mesh Not needed
Deployment Per-app config Per-app integration Full mesh infra Single JSON config
Protocol Support TLS only TLS variant TLS only RA-TLS + OHTTP

Installation

Option 1: Docker (Recommended)

docker run -it --rm --privileged --network host --cgroupns=host \
  ghcr.io/inclavare-containers/tng:latest \
  tng launch --config-content='<your config json>'

Option 2: RPM Package

sudo rpm -ivh tng-<version>.rpm
sudo tng launch --config-file=/etc/tng/config.json

Option 3: Binary

Download the pre-built binary from Releases and run directly.

Option 4: JavaScript SDK (Browser)

npm install @inclavare-containers/tng

Full SDK docs: tng-wasm/README.md

Option 5: Python SDK

pip install tng-sdk

Full SDK docs: tng-python/README.md

Tip

New to TNG? Start with Core Concepts & Workflow to understand the Ingress/Egress model and remote attestation roles, then check the Configuration Reference for all available fields.

Project Structure

tng/             Core gateway binary (CLI) — the main entry point
rats-cert/       Certificate generation and management library
tng-hook/        LD_PRELOAD hook library (libtng_hook.so) for `tng exec` transparent port interception
tng-wasm/        WebAssembly module + JavaScript SDK for browsers
tng-python/      Python SDK for programmatic integration
tng-testsuite/   Integration and e2e test cases
scripts/         Build, deploy, and CI helper scripts
docs/            Architecture, configuration, scenarios, and developer guides

Documentation

Document Description
Core Concepts & Workflow Ingress/Egress model, RA roles (AA/AS), RATS-TLS & OHTTP protocols
Configuration Reference Complete field-by-field reference with examples
Scenario Guides Real-world deployment topologies with full configs
Developer Guide Build from source (Docker/RPM), run tests, integrate
Version Compatibility Breaking changes and migration notes between versions
JavaScript SDK Browser-side SDK usage and examples
Python SDK Python SDK usage and examples

Contributing

Contributions are welcome! Please feel free to submit an Issue or Pull Request.

Before pushing, ensure:

make clippy && cargo fmt --check && cargo build

See Developer Guide for detailed build and test instructions.

License

Apache-2.0

About

Trusted Network Gateway: A tool for establishing secure communication tunnels in confidential computing.

Topics

Resources

License

Stars

18 stars

Watchers

5 watching

Forks

Packages

 
 
 

Contributors