@elizaos/plugin-tee 0.1.7-alpha.1 → 0.1.7

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Shaw Walters, aka Moon aka @lalalune
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -1,16 +1,50 @@
-# Plugin TEE
+# @elizaos/plugin-tee
 
-A plugin for handling Trusted Execution Environment (TEE) operations.
+A plugin for handling Trusted Execution Environment (TEE) operations, providing secure key derivation and remote attestation capabilities.
 
-## Providers
+## Overview
 
-This plugin includes several providers for handling different TEE-related operations.
+This plugin provides functionality to:
+- Generate secure keys within a TEE environment
+- Derive Ed25519 keypairs for Solana
+- Derive ECDSA keypairs for Ethereum
+- Generate remote attestation quotes
+- Manage wallet interactions with TEE-derived keys
 
-### DeriveKeyProvider
+## Installation
+
+```bash
+npm install @elizaos/plugin-tee
+```
 
-The `DeriveKeyProvider` allows for secure key derivation within a TEE environment. It supports deriving keys for both Solana (Ed25519) and Ethereum (ECDSA) chains.
+## Configuration
 
-#### Usage
+The plugin requires the following environment variables:
+
+```env
+TEE_MODE=LOCAL|DOCKER|PRODUCTION
+WALLET_SECRET_SALT=your_secret_salt  # Required for single agent deployments
+DSTACK_SIMULATOR_ENDPOINT=your-endpoint-url  # Optional, for simulator purposes
+```
+
+## Usage
+
+Import and register the plugin in your Eliza configuration:
+
+```typescript
+import { teePlugin } from "@elizaos/plugin-tee";
+
+export default {
+  plugins: [teePlugin],
+  // ... other configuration
+};
+```
+
+## Features
+
+### DeriveKeyProvider
+
+The `DeriveKeyProvider` allows for secure key derivation within a TEE environment:
 
 ```typescript
 import { DeriveKeyProvider } from "@elizaos/plugin-tee";
@@ -19,59 +53,52 @@ import { DeriveKeyProvider } from "@elizaos/plugin-tee";
 const provider = new DeriveKeyProvider();
 
 // Derive a raw key
-try {
-    const rawKey = await provider.rawDeriveKey(
-        "/path/to/derive",
-        "subject-identifier"
-    );
-    // rawKey is a DeriveKeyResponse that can be used for further processing
-    // to get the uint8Array do the following
-    const rawKeyArray = rawKey.asUint8Array();
-} catch (error) {
-    console.error("Raw key derivation failed:", error);
-}
+const rawKey = await provider.rawDeriveKey(
+    "/path/to/derive",
+    "subject-identifier"
+);
+// rawKey is a DeriveKeyResponse that can be used for further processing
+const rawKeyArray = rawKey.asUint8Array();
 
 // Derive a Solana keypair (Ed25519)
-try {
-    const solanaKeypair = await provider.deriveEd25519Keypair(
-        "/path/to/derive",
-        "subject-identifier"
-    );
-    // solanaKeypair can now be used for Solana operations
-} catch (error) {
-    console.error("Solana key derivation failed:", error);
-}
+const solanaKeypair = await provider.deriveEd25519Keypair(
+    "/path/to/derive",
+    "subject-identifier"
+);
 
 // Derive an Ethereum keypair (ECDSA)
-try {
-    const evmKeypair = await provider.deriveEcdsaKeypair(
-        "/path/to/derive",
-        "subject-identifier"
-    );
-    // evmKeypair can now be used for Ethereum operations
-} catch (error) {
-    console.error("EVM key derivation failed:", error);
-}
+const evmKeypair = await provider.deriveEcdsaKeypair(
+    "/path/to/derive",
+    "subject-identifier"
+);
 ```
 
 ### RemoteAttestationProvider
 
-The `RemoteAttestationProvider` allows for generating a remote attestation within a TEE environment.
-
-#### Usage
+The `RemoteAttestationProvider` generates remote attestations within a TEE environment:
 
 ```typescript
+import { RemoteAttestationProvider } from "@elizaos/plugin-tee";
+
 const provider = new RemoteAttestationProvider();
+const attestation = await provider.generateAttestation("your-report-data");
+```
 
-try {
-    const attestation = await provider.generateAttestation("your-report-data");
-    console.log("Attestation:", attestation);
-} catch (error) {
-    console.error("Failed to generate attestation:", error);
-}
+## Development
+
+### Building
+
+```bash
+npm run build
 ```
 
-### Configuration
+### Testing
+
+```bash
+npm run test
+```
+
+## Local Development
 
 To get a TEE simulator for local testing, use the following commands:
 
@@ -81,9 +108,115 @@ docker pull phalanetwork/tappd-simulator:latest
 docker run --rm -p 8090:8090 phalanetwork/tappd-simulator:latest
 ```
 
-When using the provider through the runtime environment, ensure the following settings are configured:
+## Dependencies
 
-```env
-DSTACK_SIMULATOR_ENDPOINT="your-endpoint-url" # Optional, for simulator purposes if testing on mac or windows
-WALLET_SECRET_SALT=your-secret-salt // Required to single agent deployments
+- `@phala/dstack-sdk`: Core TEE functionality
+- `@solana/web3.js`: Solana blockchain interaction
+- `viem`: Ethereum interaction library
+- Other standard dependencies listed in package.json
+
+## API Reference
+
+### Providers
+
+- `deriveKeyProvider`: Manages secure key derivation within TEE
+- `remoteAttestationProvider`: Handles generation of remote attestation quotes
+- `walletProvider`: Manages wallet interactions with TEE-derived keys
+
+### Types
+
+```typescript
+enum TEEMode {
+    OFF = "OFF",
+    LOCAL = "LOCAL",           // For local development with simulator
+    DOCKER = "DOCKER",         // For docker development with simulator
+    PRODUCTION = "PRODUCTION"  // For production without simulator
+}
+
+interface RemoteAttestationQuote {
+    quote: string;
+    timestamp: number;
+}
 ```
+
+## Future Enhancements
+
+1. **Key Management**
+   - Advanced key derivation schemes
+   - Multi-party computation support
+   - Key rotation automation
+   - Backup and recovery systems
+   - Hardware security module integration
+   - Custom derivation paths
+
+2. **Remote Attestation**
+   - Enhanced quote verification
+   - Multiple TEE provider support
+   - Automated attestation renewal
+   - Policy management system
+   - Compliance reporting
+   - Audit trail generation
+
+3. **Security Features**
+   - Memory encryption improvements
+   - Side-channel protection
+   - Secure state management
+   - Access control systems
+   - Threat detection
+   - Security monitoring
+
+4. **Chain Integration**
+   - Multi-chain support expansion
+   - Cross-chain attestation
+   - Chain-specific optimizations
+   - Custom signing schemes
+   - Transaction privacy
+   - Bridge security
+
+5. **Developer Tools**
+   - Enhanced debugging capabilities
+   - Testing framework
+   - Simulation environment
+   - Documentation generator
+   - Performance profiling
+   - Integration templates
+
+6. **Performance Optimization**
+   - Parallel processing
+   - Caching mechanisms
+   - Resource management
+   - Latency reduction
+   - Throughput improvements
+   - Load balancing
+
+We welcome community feedback and contributions to help prioritize these enhancements.
+
+## Contributing
+
+Contributions are welcome! Please see the [CONTRIBUTING.md](CONTRIBUTING.md) file for more information.
+
+## Credits
+
+This plugin integrates with and builds upon several key technologies:
+
+- [Phala Network](https://phala.network/): Confidential smart contract platform
+- [@phala/dstack-sdk](https://www.npmjs.com/package/@phala/dstack-sdk): Core TEE functionality
+- [@solana/web3.js](https://www.npmjs.com/package/@solana/web3.js): Solana blockchain interaction
+- [viem](https://www.npmjs.com/package/viem): Ethereum interaction library
+- [Intel SGX](https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/overview.html): Trusted Execution Environment technology
+
+Special thanks to:
+- The Phala Network team for their TEE infrastructure
+- The Intel SGX team for TEE technology
+- The dStack SDK maintainers
+- The Eliza community for their contributions and feedback
+
+For more information about TEE capabilities:
+- [Phala Documentation](https://docs.phala.network/)
+- [Intel SGX Documentation](https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/documentation.html)
+- [TEE Security Best Practices](https://docs.phala.network/developers/phat-contract/security-notes)
+- [dStack SDK Reference](https://docs.phala.network/developers/dstack-sdk)
+
+## License
+
+This plugin is part of the Eliza project. See the main project repository for license information.