Sammy Kerata Oina
8d082567d7
* Switch to self-contained algorithms as executables Transitioned from using Python scripts to self-contained binary executables for running algorithms, improving modularity and reducing dependencies. This change removes the reliance on a Python environment, as evident by the removal of Python setup and packages from the build configuration. The service now creates temporary executable files for algorithm runs, handling all permissions and cleanup, enhancing security and maintaining clean execution states. A warning is logged if computation fails, aiding in debugging. Additionally, updated manual tests to reflect these changes in the agent's handling of algorithms. Refactors: - Removed Python runtime const since it's no longer needed. - Updated documentation and test commands to reflect the change from .py to .bin for algorithm files. Build config: - Removed Python and pip packages to reduce the build size and complexity. Signed-off-by: SammyOina <sammyoina@gmail.com> * Update agent service.go file with new constants and file permission Signed-off-by: SammyOina <sammyoina@gmail.com> * Refine singular usage of 'algorithm' across modules Standardized terminology throughout the project to refer to 'algorithm' in the singular form rather than plural. Streamlined various documentations, string constants, function names, and variable names to bring cohesiveness and eliminate ambiguity when handling algorithms across README files, CLI interfaces, and internal API representations. Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix state names and indices in state_string.go Signed-off-by: SammyOina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com>
2.2 KiB
Cocos AI
Cocos AI (Confdential Computing System for AI/ML) is a platform for secure multiparty computation (SMPC) based on the Confidential Computing and Trusted Execution Environments (TEEs).
With Cocos AI it becomes possible to run AI/ML workloads on combined datasets from multiple organizations while guaranteeing the privacy and security of the data and the algorithm. Data is always encrypted, protected by hardware secure enclaves (Trusted Execution Environments), attested via secure remote attestation protocols, and invisible to cloud processors or any other 3rd party to which computation is offloaded.
Features
Cocos AI is implementing the following features:
- TEE enablement, deployment and monitoring (secure VM manager)
- HAL for TEEs based on hardened Linux kernel, secure bootloader and custom-tailored embedded rootfs for minimal TCB
- In-enclave agent, netowrking controller and other system software
- Encrypted asynchronous data transfer and result delivery
- API for programmable platform manipulation
- HW and SW supported attestation with verification tools
- CLI for system interaction
Usage
Clone the repo and create binaries:
git clone git@github.com:ultravioletrs/cocos.git
make
This will create 3 binaries:
ls build/
# cocos-agent cocos-cli cocos-manager
- Manager can be deployed on the AMD SEV-SNP host
- Agent can be built into EOS-based HAL
- CLI can be used to communicate to remote Agent.
Documentation
Project documentation is hosted at Cocos AI official docs page.
Documentation is generated from the docs repository.
License
Cocos AI is published under permissive open-source Apache-2.0 license.