Trusted Network Gateway — a transparent gateway that establishes end-to-end encrypted tunnels with remote attestation for confidential computing environments. Zero code changes required.
TNG offers multiple integration modes — pick the one that fits your scenario.
Run with Docker — fastest way to try TNG
docker run -it --rm --privileged --network host --cgroupns=host \
ghcr.io/inclavare-containers/tng:latest \
tng launch --config-content='<your config json>'No installation needed. Just provide a JSON config and TNG handles the rest.
tng exec — zero code changes for existing apps
# Start your existing app through TNG transparently
tng exec --config-file config.json -- ./your-appYour app talks to the backend as usual — TNG intercepts at the network layer and encrypts via remote attestation tunnel.
JavaScript SDK — browser-side encrypted requests
npm install @inclavare-containers/tngimport { TngClient } from '@inclavare-containers/tng';
const client = new TngClient({ config: { /* your config */ } });
const response = await client.fetch('https://your-tee-service/api/data');Runs entirely in the browser via WebAssembly. No server-side proxy needed.
Python SDK — programmatic integration
pip install tng-sdkfrom tng import TngClient
client = TngClient(config={"ingress": {...}, "egress": {...}})
response = client.request("https://your-tee-service/api/data")Supports httpx, requests, and openai as optional backends.
See Installation for Docker, RPM, binary, and SDK options.
- What is TNG?
- How It Works
- Key Features
- Why TNG vs. Other Solutions?
- Installation
- Project Structure
- Documentation
- Contributing
- License
TNG (Trusted Network Gateway) is a transparent gateway tool that brings remote attestation + encrypted tunnel capability to confidential computing, based on the IETF RFC 9334 (RATS) standard.
It enables two parties to automatically verify each other's runtime environment — "who you are and what code you're running" — and establish an end-to-end encrypted channel, without modifying any business code.
graph LR
subgraph ClientEnv [Client Environment]
App[Application]
TNG_In[TNG Ingress]
end
subgraph TrustedEnv ["TEE (TDX / SEV-SNP / CSV)"]
TNG_Eg[TNG Egress]
Service[Business Service]
end
App -- Plain Traffic --> TNG_In
TNG_In -. Remote Attestation + Encrypted Tunnel .-> TNG_Eg
TNG_Eg -- Decrypt & Forward --> Service
style TrustedEnv fill:#ffd700,stroke:#d4af37,stroke-width:2px
linkStyle 1 stroke:#d4af37,stroke-width:2px
-
Deploy a pair of TNG instances — one as Ingress (tunnel entry, on the client side) and one as Egress (tunnel exit, on the server side in a TEE).
Naming note: "Ingress" means traffic entering the tunnel, not "incoming to a server." Think of it as the tunnel's front door — the client-side endpoint where plaintext traffic gets encrypted and sent through the tunnel. Egress is the opposite end where traffic exits the tunnel and reaches the destination service.
-
Remote Attestation — the Ingress verifies the Egress's TEE hardware, software hashes, and runtime configuration via the Attestation Agent (AA) and Attestation Service (AS).
-
Encrypted Tunnel — once verified, an end-to-end encrypted tunnel is established (RA-TLS or OHTTP).
-
Transparent Forwarding — plaintext traffic from the client application is automatically encrypted, forwarded through the tunnel, and decrypted at the server side — all at the network layer.
The entire process is driven by a single JSON config file. No SDK integration, no code changes, no certificate management.
| 🔐 Multiple Protocols | RA-TLS for arbitrary TCP traffic, OHTTP for HTTP message-level encryption |
| 🚫 Zero Intrusiveness | Transparent proxy via netfilter, HTTP proxy, or Socks5 — no business code changes |
| 📦 Flexible Deployment | VM daemon, K8s Sidecar, browser SDK — one binary, many forms |
| 🔀 Bidirectional RA | Unidirectional, bidirectional, or reverse-RA — configurable per your trust model |
| 🦀 Pure Rust | Built-in RA-TLS implemented in Rust for memory safety |
| 🧩 CoCo Ecosystem | Works with guest-components & trustee |
| Aspect | Traditional TLS (PKI) | RA-TLS Libraries | Service Mesh (SPIFFE) | TNG |
|---|---|---|---|---|
| Trust Root | CA-issued X.509 certs | TEE hardware evidence | CA-issued SPIFFE certs | TEE hardware evidence |
| Runtime Verification | No | Manual integration required | No | Built-in, fine-grained |
| Code Changes | App must handle TLS | App must link RA-TLS lib | Infrastructure-level | None |
| Cert Management | Apply, distribute, rotate | Manual | Automated via mesh | Not needed |
| Deployment | Per-app config | Per-app integration | Full mesh infra | Single JSON config |
| Protocol Support | TLS only | TLS variant | TLS only | RA-TLS + OHTTP |
docker run -it --rm --privileged --network host --cgroupns=host \
ghcr.io/inclavare-containers/tng:latest \
tng launch --config-content='<your config json>'sudo rpm -ivh tng-<version>.rpm
sudo tng launch --config-file=/etc/tng/config.jsonDownload the pre-built binary from Releases and run directly.
npm install @inclavare-containers/tngFull SDK docs: tng-wasm/README.md
pip install tng-sdkFull SDK docs: tng-python/README.md
Tip
New to TNG? Start with Core Concepts & Workflow to understand the Ingress/Egress model and remote attestation roles, then check the Configuration Reference for all available fields.
tng/ Core gateway binary (CLI) — the main entry point
rats-cert/ Certificate generation and management library
tng-hook/ LD_PRELOAD hook library (libtng_hook.so) for `tng exec` transparent port interception
tng-wasm/ WebAssembly module + JavaScript SDK for browsers
tng-python/ Python SDK for programmatic integration
tng-testsuite/ Integration and e2e test cases
scripts/ Build, deploy, and CI helper scripts
docs/ Architecture, configuration, scenarios, and developer guides
| Document | Description |
|---|---|
| Core Concepts & Workflow | Ingress/Egress model, RA roles (AA/AS), RATS-TLS & OHTTP protocols |
| Configuration Reference | Complete field-by-field reference with examples |
| Scenario Guides | Real-world deployment topologies with full configs |
| Developer Guide | Build from source (Docker/RPM), run tests, integrate |
| Version Compatibility | Breaking changes and migration notes between versions |
| JavaScript SDK | Browser-side SDK usage and examples |
| Python SDK | Python SDK usage and examples |
Contributions are welcome! Please feel free to submit an Issue or Pull Request.
Before pushing, ensure:
make clippy && cargo fmt --check && cargo buildSee Developer Guide for detailed build and test instructions.