mirror of
https://github.com/ultravioletrs/cocos.git
synced 2026-06-23 04:10:25 +00:00
Sammy Kerata Oina
906d7877b2
* Implement gRPC server with TLS and mTLS support - Added gRPC server implementation in pkg/server/grpc. - Introduced server configuration options for TLS and mTLS. - Implemented health check service for gRPC. - Created tests for server initialization, startup, and shutdown scenarios. - Added mock server for testing purposes. - Implemented graceful shutdown handling for the server. - Included documentation for the server package. Signed-off-by: SammyOina <sammyoina@gmail.com> * Add TLS and ATLS support to gRPC and HTTP clients; refactor security handling Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor server configuration structure to use Config instead of BaseConfig Signed-off-by: SammyOina <sammyoina@gmail.com> * Fix comments for consistency and clarity in TLS-related code Signed-off-by: SammyOina <sammyoina@gmail.com> * Add comprehensive tests for TLS and ATLS configurations in clients package Signed-off-by: SammyOina <sammyoina@gmail.com> * Refactor file permission constants in client tests to use octal notation Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add tests for HTTP server's TLS configuration and lifecycle management Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive tests for TLS certificate handling and configuration Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Add comprehensive tests for HTTP client configuration and transport Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor AttestationReportSize constant declaration for clarity Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor client configuration structure and update gRPC client implementations - Consolidated client configuration types into a unified structure with BaseConfig. - Introduced AttestedClientConfig and StandardClientConfig for specific use cases. - Updated gRPC client creation functions to utilize new configuration types. - Refactored tests to align with the new configuration structure. - Removed redundant ClientConfiguration interface and related methods. - Simplified TLS configuration loading logic for both standard and attested clients. Signed-off-by: Sammy Oina <sammyoina@gmail.com> * Refactor client configuration structure and TLS handling - Introduced StandardClientConfig to replace BaseConfig, simplifying client configuration. - Updated AttestedClientConfig to embed StandardClientConfig instead of BaseConfig. - Modified ClientConfiguration interface to use Config() method instead of GetBaseConfig(). - Refactored various client tests to accommodate changes in configuration structure. - Added new TLS handling functions to support basic and attested TLS configurations. - Implemented comprehensive tests for TLS loading and configuration validation. - Removed deprecated methods and unnecessary code related to BaseConfig. Signed-off-by: Sammy Oina <sammyoina@gmail.com> --------- Signed-off-by: SammyOina <sammyoina@gmail.com> Signed-off-by: Sammy Oina <sammyoina@gmail.com>
Cocos AI 🥥
Confidential Computing System for AI
Made with ❤️ by Ultraviolet
Guide | Contributing | Website
Introduction 🚀
Cocos AI is a cutting-edge platform designed to enable secure multiparty computation (SMPC) using Confidential Computing and Trusted Execution Environments (TEEs).
It empowers organizations to collaboratively process sensitive data for AI/ML workloads while ensuring:
- 🔒 Data Privacy: Your data stays encrypted and secure throughout the computation.
- 🛡️ Trust and Integrity: Protected by hardware enclaves with robust remote attestation protocols.
- 🤝 Seamless Collaboration: Multiple organizations can work together without exposing sensitive information.
Features 🛠️
Cocos AI provides essential features for secure and efficient collaborative AI/ML:
- 🖥️ TEE Enablement and Monitoring: Secure VM management for deploying and monitoring workloads.
- 🛡️ Hardware Abstraction Layer (HAL): Built on a hardened Linux kernel, secure bootloader, and minimal root filesystem (minimal TCB).
- 🕵️ In-Enclave Agent and Networking Controller: Essential system software for managing secure workloads.
- 🔒 Encrypted Data Transfer: Asynchronous data transfer and secure result delivery.
- 🛠️ API for Platform Manipulation: Programmatic control for managing workloads.
- ✅ Attestation and Verification Tools: Hardware- and software-supported attestation for integrity assurance.
- 🖱️ Command-Line Interface (CLI): A user-friendly CLI for system interaction.
🚀 Quick Start
Clone the Repository and Build Binaries
git clone git@github.com:ultravioletrs/cocos.git
make
This will generate three binaries:
ls build/
# cocos-agent cocos-cli cocos-manager
Deployment Overview:
- Manager: Deploy on the AMD SEV-SNP host to orchestrate workloads.
- Agent: Build into the EOS-based HAL for secure enclave management.
- CLI: Interact with remote agents to control operations.
📚 Documentation
Comprehensive documentation is available at the official documentation page.
For CLI usage details, visit the CLI Documentation.
Documentation is automatically generated from the docs repository. Contributions to documentation are welcome!
🛡️ License
Cocos AI is published under the permissive open-source Apache-2.0 license. Contributions are encouraged and appreciated!
🌐 Links and Resources
- Cocos AI Website
- Official Releases
- Confidential Computing Overview
- Trusted Execution Environments (TEEs)
This work has been partially supported by the ELASTIC project, which received funding from the Smart Networks and Services Joint Undertaking (SNS JU) under the European Union’s Horizon Europe research and innovation programme under Grant Agreement No. 101139067. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union. Neither the European Union nor the granting authority can be held responsible for them.