npm - @elizaos/plugin-tee - Versions diffs - 0.1.7-alpha.2 → 0.1.8-alpha.1 - Mend

@elizaos/plugin-tee 0.1.7-alpha.2 → 0.1.8-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md CHANGED Viewed

@@ -1,16 +1,51 @@
-# Plugin TEE
+# @elizaos/plugin-tee
-A plugin for handling Trusted Execution Environment (TEE) operations.
+A plugin for handling Trusted Execution Environment (TEE) operations, providing secure key derivation and remote attestation capabilities.
-## Providers
+## Overview
-This plugin includes several providers for handling different TEE-related operations.
+This plugin provides functionality to:
-### DeriveKeyProvider
+- Generate secure keys within a TEE environment
+- Derive Ed25519 keypairs for Solana
+- Derive ECDSA keypairs for Ethereum
+- Generate remote attestation quotes
+- Manage wallet interactions with TEE-derived keys
+## Installation
+```bash
+npm install @elizaos/plugin-tee
+```
-The `DeriveKeyProvider` allows for secure key derivation within a TEE environment. It supports deriving keys for both Solana (Ed25519) and Ethereum (ECDSA) chains.
+## Configuration
+The plugin requires the following environment variables:
+```env
+TEE_MODE=LOCAL|DOCKER|PRODUCTION
+WALLET_SECRET_SALT=your_secret_salt  # Required for single agent deployments
+DSTACK_SIMULATOR_ENDPOINT=your-endpoint-url  # Optional, for simulator purposes
+```
-#### Usage
+## Usage
+Import and register the plugin in your Eliza configuration:
+```typescript
+import { teePlugin } from "@elizaos/plugin-tee";
+export default {
+    plugins: [teePlugin],
+    // ... other configuration
+};
+```
+## Features
+### DeriveKeyProvider
+The `DeriveKeyProvider` allows for secure key derivation within a TEE environment:
 ```typescript
 import { DeriveKeyProvider } from "@elizaos/plugin-tee";
@@ -19,59 +54,52 @@ import { DeriveKeyProvider } from "@elizaos/plugin-tee";
 const provider = new DeriveKeyProvider();
 // Derive a raw key
-try {
-    const rawKey = await provider.rawDeriveKey(
-        "/path/to/derive",
-        "subject-identifier"
-    );
-    // rawKey is a DeriveKeyResponse that can be used for further processing
-    // to get the uint8Array do the following
-    const rawKeyArray = rawKey.asUint8Array();
-} catch (error) {
-    console.error("Raw key derivation failed:", error);
-}
+const rawKey = await provider.rawDeriveKey(
+    "/path/to/derive",
+    "subject-identifier"
+);
+// rawKey is a DeriveKeyResponse that can be used for further processing
+const rawKeyArray = rawKey.asUint8Array();
 // Derive a Solana keypair (Ed25519)
-try {
-    const solanaKeypair = await provider.deriveEd25519Keypair(
-        "/path/to/derive",
-        "subject-identifier"
-    );
-    // solanaKeypair can now be used for Solana operations
-} catch (error) {
-    console.error("Solana key derivation failed:", error);
-}
+const solanaKeypair = await provider.deriveEd25519Keypair(
+    "/path/to/derive",
+    "subject-identifier"
+);
 // Derive an Ethereum keypair (ECDSA)
-try {
-    const evmKeypair = await provider.deriveEcdsaKeypair(
-        "/path/to/derive",
-        "subject-identifier"
-    );
-    // evmKeypair can now be used for Ethereum operations
-} catch (error) {
-    console.error("EVM key derivation failed:", error);
-}
+const evmKeypair = await provider.deriveEcdsaKeypair(
+    "/path/to/derive",
+    "subject-identifier"
+);
 ```
 ### RemoteAttestationProvider
-The `RemoteAttestationProvider` allows for generating a remote attestation within a TEE environment.
-#### Usage
+The `RemoteAttestationProvider` generates remote attestations within a TEE environment:
 ```typescript
+import { RemoteAttestationProvider } from "@elizaos/plugin-tee";
 const provider = new RemoteAttestationProvider();
+const attestation = await provider.generateAttestation("your-report-data");
+```
-try {
-    const attestation = await provider.generateAttestation("your-report-data");
-    console.log("Attestation:", attestation);
-} catch (error) {
-    console.error("Failed to generate attestation:", error);
-}
+## Development
+### Building
+```bash
+npm run build
+```
+### Testing
+```bash
+npm run test
 ```
-### Configuration
+## Local Development
 To get a TEE simulator for local testing, use the following commands:
@@ -81,9 +109,122 @@ docker pull phalanetwork/tappd-simulator:latest
 docker run --rm -p 8090:8090 phalanetwork/tappd-simulator:latest
 ```
-When using the provider through the runtime environment, ensure the following settings are configured:
+## Dependencies
-```env
-DSTACK_SIMULATOR_ENDPOINT="your-endpoint-url" # Optional, for simulator purposes if testing on mac or windows
-WALLET_SECRET_SALT=your-secret-salt // Required to single agent deployments
+- `@phala/dstack-sdk`: Core TEE functionality
+- `@solana/web3.js`: Solana blockchain interaction
+- `viem`: Ethereum interaction library
+- Other standard dependencies listed in package.json
+## API Reference
+### Providers
+- `deriveKeyProvider`: Manages secure key derivation within TEE
+- `remoteAttestationProvider`: Handles generation of remote attestation quotes
+- `walletProvider`: Manages wallet interactions with TEE-derived keys
+### Types
+```typescript
+enum TEEMode {
+    OFF = "OFF",
+    LOCAL = "LOCAL", // For local development with simulator
+    DOCKER = "DOCKER", // For docker development with simulator
+    PRODUCTION = "PRODUCTION", // For production without simulator
+}
+interface RemoteAttestationQuote {
+    quote: string;
+    timestamp: number;
+}
 ```
+## Future Enhancements
+1. **Key Management**
+    - Advanced key derivation schemes
+    - Multi-party computation support
+    - Key rotation automation
+    - Backup and recovery systems
+    - Hardware security module integration
+    - Custom derivation paths
+2. **Remote Attestation**
+    - Enhanced quote verification
+    - Multiple TEE provider support
+    - Automated attestation renewal
+    - Policy management system
+    - Compliance reporting
+    - Audit trail generation
+3. **Security Features**
+    - Memory encryption improvements
+    - Side-channel protection
+    - Secure state management
+    - Access control systems
+    - Threat detection
+    - Security monitoring
+4. **Chain Integration**
+    - Multi-chain support expansion
+    - Cross-chain attestation
+    - Chain-specific optimizations
+    - Custom signing schemes
+    - Transaction privacy
+    - Bridge security
+5. **Developer Tools**
+    - Enhanced debugging capabilities
+    - Testing framework
+    - Simulation environment
+    - Documentation generator
+    - Performance profiling
+    - Integration templates
+6. **Performance Optimization**
+    - Parallel processing
+    - Caching mechanisms
+    - Resource management
+    - Latency reduction
+    - Throughput improvements
+    - Load balancing
+We welcome community feedback and contributions to help prioritize these enhancements.
+## Contributing
+Contributions are welcome! Please see the [CONTRIBUTING.md](CONTRIBUTING.md) file for more information.
+## Credits
+This plugin integrates with and builds upon several key technologies:
+- [Phala Network](https://phala.network/): Confidential smart contract platform
+- [@phala/dstack-sdk](https://www.npmjs.com/package/@phala/dstack-sdk): Core TEE functionality
+- [@solana/web3.js](https://www.npmjs.com/package/@solana/web3.js): Solana blockchain interaction
+- [viem](https://www.npmjs.com/package/viem): Ethereum interaction library
+- [Intel SGX](https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/overview.html): Trusted Execution Environment technology
+Special thanks to:
+- The Phala Network team for their TEE infrastructure
+- The Intel SGX team for TEE technology
+- The dStack SDK maintainers
+- The Eliza community for their contributions and feedback
+For more information about TEE capabilities:
+- [Phala Documentation](https://docs.phala.network/)
+- [Intel SGX Documentation](https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/documentation.html)
+- [TEE Security Best Practices](https://docs.phala.network/developers/phat-contract/security-notes)
+- [dStack SDK Reference](https://docs.phala.network/developers/dstack-sdk)
+## License
+This plugin is part of the Eliza project. See the main project repository for license information.

package/package.json CHANGED Viewed

@@ -1,29 +1,41 @@
 {
-  "name": "@elizaos/plugin-tee",
-  "version": "0.1.7-alpha.2",
-  "main": "dist/index.js",
-  "type": "module",
-  "types": "dist/index.d.ts",
-  "dependencies": {
-    "@elizaos/core": "0.1.7-alpha.2",
-    "@phala/dstack-sdk": "0.1.6",
-    "@solana/spl-token": "0.4.9",
-    "@solana/web3.js": "1.95.8",
-    "bignumber": "1.1.0",
-    "bignumber.js": "9.1.2",
-    "bs58": "6.0.0",
-    "node-cache": "5.1.2",
-    "pumpdotfun-sdk": "1.3.2",
-    "tsup": "8.3.5",
-    "viem": "2.21.53"
-  },
-  "scripts": {
-    "build": "tsup --format esm --dts",
-    "dev": "tsup --format esm --dts --watch",
-    "lint": "eslint --fix  --cache ."
-  },
-  "peerDependencies": {
-    "whatwg-url": "7.1.0"
-  },
-  "gitHead": "256e6634696074cdb38f3f79bc383fed04376688"
+    "name": "@elizaos/plugin-tee",
+    "version": "0.1.8-alpha.1",
+    "type": "module",
+    "main": "dist/index.js",
+    "module": "dist/index.js",
+    "types": "dist/index.d.ts",
+    "exports": {
+        "./package.json": "./package.json",
+        ".": {
+            "import": {
+                "@elizaos/source": "./src/index.ts",
+                "types": "./dist/index.d.ts",
+                "default": "./dist/index.js"
+            }
+        }
+    },
+    "files": [
+        "dist"
+    ],
+    "dependencies": {
+        "@elizaos/core": "0.1.8-alpha.1",
+        "@phala/dstack-sdk": "0.1.7",
+        "@solana/spl-token": "0.4.9",
+        "@solana/web3.js": "1.95.8",
+        "bignumber.js": "9.1.2",
+        "bs58": "6.0.0",
+        "node-cache": "5.1.2",
+        "pumpdotfun-sdk": "1.3.2",
+        "tsup": "8.3.5"
+    },
+    "scripts": {
+        "build": "tsup --format esm --dts",
+        "dev": "tsup --format esm --dts --watch",
+        "lint": "eslint --fix  --cache ."
+    },
+    "peerDependencies": {
+        "whatwg-url": "7.1.0"
+    },
+    "gitHead": "d5f2924d866c21b54543637b694695bd1f410621"
 }

package/dist/index.d.ts DELETED Viewed

@@ -1,41 +0,0 @@
-import { Plugin } from '@elizaos/core';
-import { Keypair } from '@solana/web3.js';
-import { DeriveKeyResponse } from '@phala/dstack-sdk';
-import { PrivateKeyAccount } from 'viem';
-declare enum TEEMode {
-    OFF = "OFF",
-    LOCAL = "LOCAL",// For local development with simulator
-    DOCKER = "DOCKER",// For docker development with simulator
-    PRODUCTION = "PRODUCTION"
-}
-interface RemoteAttestationQuote {
-    quote: string;
-    timestamp: number;
-}
-declare class DeriveKeyProvider {
-    private client;
-    private raProvider;
-    constructor(teeMode?: string);
-    private generateDeriveKeyAttestation;
-    rawDeriveKey(path: string, subject: string): Promise<DeriveKeyResponse>;
-    deriveEd25519Keypair(path: string, subject: string, agentId: string): Promise<{
-        keypair: Keypair;
-        attestation: RemoteAttestationQuote;
-    }>;
-    deriveEcdsaKeypair(path: string, subject: string, agentId: string): Promise<{
-        keypair: PrivateKeyAccount;
-        attestation: RemoteAttestationQuote;
-    }>;
-}
-declare class RemoteAttestationProvider {
-    private client;
-    constructor(teeMode?: string);
-    generateAttestation(reportData: string): Promise<RemoteAttestationQuote>;
-}
-declare const teePlugin: Plugin;
-export { DeriveKeyProvider, RemoteAttestationProvider, type RemoteAttestationQuote, TEEMode, teePlugin };

package/dist/index.js DELETED Viewed

@@ -1,265 +0,0 @@
-// src/providers/remoteAttestationProvider.ts
-import { TappdClient } from "@phala/dstack-sdk";
-// src/types/tee.ts
-var TEEMode = /* @__PURE__ */ ((TEEMode2) => {
-  TEEMode2["OFF"] = "OFF";
-  TEEMode2["LOCAL"] = "LOCAL";
-  TEEMode2["DOCKER"] = "DOCKER";
-  TEEMode2["PRODUCTION"] = "PRODUCTION";
-  return TEEMode2;
-})(TEEMode || {});
-// src/providers/remoteAttestationProvider.ts
-var RemoteAttestationProvider = class {
-  client;
-  constructor(teeMode) {
-    let endpoint;
-    switch (teeMode) {
-      case "LOCAL" /* LOCAL */:
-        endpoint = "http://localhost:8090";
-        console.log(
-          "TEE: Connecting to local simulator at localhost:8090"
-        );
-        break;
-      case "DOCKER" /* DOCKER */:
-        endpoint = "http://host.docker.internal:8090";
-        console.log(
-          "TEE: Connecting to simulator via Docker at host.docker.internal:8090"
-        );
-        break;
-      case "PRODUCTION" /* PRODUCTION */:
-        endpoint = void 0;
-        console.log(
-          "TEE: Running in production mode without simulator"
-        );
-        break;
-      default:
-        throw new Error(
-          `Invalid TEE_MODE: ${teeMode}. Must be one of: LOCAL, DOCKER, PRODUCTION`
-        );
-    }
-    this.client = endpoint ? new TappdClient(endpoint) : new TappdClient();
-  }
-  async generateAttestation(reportData) {
-    try {
-      console.log("Generating attestation for: ", reportData);
-      const tdxQuote = await this.client.tdxQuote(reportData);
-      const rtmrs = tdxQuote.replayRtmrs();
-      console.log(
-        `rtmr0: ${rtmrs[0]}
-rtmr1: ${rtmrs[1]}
-rtmr2: ${rtmrs[2]}
-rtmr3: ${rtmrs[3]}f`
-      );
-      const quote = {
-        quote: tdxQuote.quote,
-        timestamp: Date.now()
-      };
-      console.log("Remote attestation quote: ", quote);
-      return quote;
-    } catch (error) {
-      console.error("Error generating remote attestation:", error);
-      throw new Error(
-        `Failed to generate TDX Quote: ${error instanceof Error ? error.message : "Unknown error"}`
-      );
-    }
-  }
-};
-var remoteAttestationProvider = {
-  get: async (runtime, _message, _state) => {
-    const teeMode = runtime.getSetting("TEE_MODE");
-    const provider = new RemoteAttestationProvider(teeMode);
-    const agentId = runtime.agentId;
-    try {
-      console.log("Generating attestation for: ", agentId);
-      const attestation = await provider.generateAttestation(agentId);
-      return `Your Agent's remote attestation is: ${JSON.stringify(attestation)}`;
-    } catch (error) {
-      console.error("Error in remote attestation provider:", error);
-      throw new Error(
-        `Failed to generate TDX Quote: ${error instanceof Error ? error.message : "Unknown error"}`
-      );
-    }
-  }
-};
-// src/providers/deriveKeyProvider.ts
-import { Keypair } from "@solana/web3.js";
-import crypto from "crypto";
-import { TappdClient as TappdClient2 } from "@phala/dstack-sdk";
-import { privateKeyToAccount } from "viem/accounts";
-import { keccak256 } from "viem";
-var DeriveKeyProvider = class {
-  client;
-  raProvider;
-  constructor(teeMode) {
-    let endpoint;
-    switch (teeMode) {
-      case "LOCAL" /* LOCAL */:
-        endpoint = "http://localhost:8090";
-        console.log(
-          "TEE: Connecting to local simulator at localhost:8090"
-        );
-        break;
-      case "DOCKER" /* DOCKER */:
-        endpoint = "http://host.docker.internal:8090";
-        console.log(
-          "TEE: Connecting to simulator via Docker at host.docker.internal:8090"
-        );
-        break;
-      case "PRODUCTION" /* PRODUCTION */:
-        endpoint = void 0;
-        console.log(
-          "TEE: Running in production mode without simulator"
-        );
-        break;
-      default:
-        throw new Error(
-          `Invalid TEE_MODE: ${teeMode}. Must be one of: LOCAL, DOCKER, PRODUCTION`
-        );
-    }
-    this.client = endpoint ? new TappdClient2(endpoint) : new TappdClient2();
-    this.raProvider = new RemoteAttestationProvider(teeMode);
-  }
-  async generateDeriveKeyAttestation(agentId, publicKey) {
-    const deriveKeyData = {
-      agentId,
-      publicKey
-    };
-    const reportdata = JSON.stringify(deriveKeyData);
-    console.log("Generating Remote Attestation Quote for Derive Key...");
-    const quote = await this.raProvider.generateAttestation(reportdata);
-    console.log("Remote Attestation Quote generated successfully!");
-    return quote;
-  }
-  async rawDeriveKey(path, subject) {
-    try {
-      if (!path || !subject) {
-        console.error(
-          "Path and Subject are required for key derivation"
-        );
-      }
-      console.log("Deriving Raw Key in TEE...");
-      const derivedKey = await this.client.deriveKey(path, subject);
-      console.log("Raw Key Derived Successfully!");
-      return derivedKey;
-    } catch (error) {
-      console.error("Error deriving raw key:", error);
-      throw error;
-    }
-  }
-  async deriveEd25519Keypair(path, subject, agentId) {
-    try {
-      if (!path || !subject) {
-        console.error(
-          "Path and Subject are required for key derivation"
-        );
-      }
-      console.log("Deriving Key in TEE...");
-      const derivedKey = await this.client.deriveKey(path, subject);
-      const uint8ArrayDerivedKey = derivedKey.asUint8Array();
-      const hash = crypto.createHash("sha256");
-      hash.update(uint8ArrayDerivedKey);
-      const seed = hash.digest();
-      const seedArray = new Uint8Array(seed);
-      const keypair = Keypair.fromSeed(seedArray.slice(0, 32));
-      const attestation = await this.generateDeriveKeyAttestation(
-        agentId,
-        keypair.publicKey.toBase58()
-      );
-      console.log("Key Derived Successfully!");
-      return { keypair, attestation };
-    } catch (error) {
-      console.error("Error deriving key:", error);
-      throw error;
-    }
-  }
-  async deriveEcdsaKeypair(path, subject, agentId) {
-    try {
-      if (!path || !subject) {
-        console.error(
-          "Path and Subject are required for key derivation"
-        );
-      }
-      console.log("Deriving ECDSA Key in TEE...");
-      const deriveKeyResponse = await this.client.deriveKey(path, subject);
-      const hex = keccak256(deriveKeyResponse.asUint8Array());
-      const keypair = privateKeyToAccount(hex);
-      const attestation = await this.generateDeriveKeyAttestation(
-        agentId,
-        keypair.address
-      );
-      console.log("ECDSA Key Derived Successfully!");
-      return { keypair, attestation };
-    } catch (error) {
-      console.error("Error deriving ecdsa key:", error);
-      throw error;
-    }
-  }
-};
-var deriveKeyProvider = {
-  get: async (runtime, _message, _state) => {
-    const teeMode = runtime.getSetting("TEE_MODE");
-    const provider = new DeriveKeyProvider(teeMode);
-    const agentId = runtime.agentId;
-    try {
-      if (!runtime.getSetting("WALLET_SECRET_SALT")) {
-        console.error(
-          "Wallet secret salt is not configured in settings"
-        );
-        return "";
-      }
-      try {
-        const secretSalt = runtime.getSetting("WALLET_SECRET_SALT") || "secret_salt";
-        const solanaKeypair = await provider.deriveEd25519Keypair(
-          "/",
-          secretSalt,
-          agentId
-        );
-        const evmKeypair = await provider.deriveEcdsaKeypair(
-          "/",
-          secretSalt,
-          agentId
-        );
-        return JSON.stringify({
-          solana: solanaKeypair.keypair.publicKey,
-          evm: evmKeypair.keypair.address
-        });
-      } catch (error) {
-        console.error("Error creating PublicKey:", error);
-        return "";
-      }
-    } catch (error) {
-      console.error("Error in derive key provider:", error.message);
-      return `Failed to fetch derive key information: ${error instanceof Error ? error.message : "Unknown error"}`;
-    }
-  }
-};
-// src/index.ts
-var teePlugin = {
-  name: "tee",
-  description: "TEE plugin with actions to generate remote attestations and derive keys",
-  actions: [
-    /* custom actions */
-  ],
-  evaluators: [
-    /* custom evaluators */
-  ],
-  providers: [
-    /* custom providers */
-    remoteAttestationProvider,
-    deriveKeyProvider
-  ],
-  services: [
-    /* custom services */
-  ]
-};
-export {
-  DeriveKeyProvider,
-  RemoteAttestationProvider,
-  TEEMode,
-  teePlugin
-};
-//# sourceMappingURL=index.js.map

package/dist/index.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/providers/remoteAttestationProvider.ts","../src/types/tee.ts","../src/providers/deriveKeyProvider.ts","../src/index.ts"],"sourcesContent":["import { IAgentRuntime, Memory, Provider, State } from \"@elizaos/core\";\nimport { TdxQuoteResponse, TappdClient } from \"@phala/dstack-sdk\";\nimport { RemoteAttestationQuote, TEEMode } from \"../types/tee\";\n\nclass RemoteAttestationProvider {\n private client: TappdClient;\n\n constructor(teeMode?: string) {\n let endpoint: string | undefined;\n\n // Both LOCAL and DOCKER modes use the simulator, just with different endpoints\n switch (teeMode) {\n case TEEMode.LOCAL:\n endpoint = \"http://localhost:8090\";\n console.log(\n \"TEE: Connecting to local simulator at localhost:8090\"\n );\n break;\n case TEEMode.DOCKER:\n endpoint = \"http://host.docker.internal:8090\";\n console.log(\n \"TEE: Connecting to simulator via Docker at host.docker.internal:8090\"\n );\n break;\n case TEEMode.PRODUCTION:\n endpoint = undefined;\n console.log(\n \"TEE: Running in production mode without simulator\"\n );\n break;\n default:\n throw new Error(\n `Invalid TEE_MODE: ${teeMode}. Must be one of: LOCAL, DOCKER, PRODUCTION`\n );\n }\n\n this.client = endpoint ? new TappdClient(endpoint) : new TappdClient();\n }\n\n async generateAttestation(\n reportData: string\n ): Promise<RemoteAttestationQuote> {\n try {\n console.log(\"Generating attestation for: \", reportData);\n const tdxQuote: TdxQuoteResponse =\n await this.client.tdxQuote(reportData);\n const rtmrs = tdxQuote.replayRtmrs();\n console.log(\n `rtmr0: ${rtmrs[0]}\\nrtmr1: ${rtmrs[1]}\\nrtmr2: ${rtmrs[2]}\\nrtmr3: ${rtmrs[3]}f`\n );\n const quote: RemoteAttestationQuote = {\n quote: tdxQuote.quote,\n timestamp: Date.now(),\n };\n console.log(\"Remote attestation quote: \", quote);\n return quote;\n } catch (error) {\n console.error(\"Error generating remote attestation:\", error);\n throw new Error(\n `Failed to generate TDX Quote: ${\n error instanceof Error ? error.message : \"Unknown error\"\n }`\n );\n }\n }\n}\n\n// Keep the original provider for backwards compatibility\nconst remoteAttestationProvider: Provider = {\n get: async (runtime: IAgentRuntime, _message: Memory, _state?: State) => {\n const teeMode = runtime.getSetting(\"TEE_MODE\");\n const provider = new RemoteAttestationProvider(teeMode);\n const agentId = runtime.agentId;\n\n try {\n console.log(\"Generating attestation for: \", agentId);\n const attestation = await provider.generateAttestation(agentId);\n return `Your Agent's remote attestation is: ${JSON.stringify(attestation)}`;\n } catch (error) {\n console.error(\"Error in remote attestation provider:\", error);\n throw new Error(\n `Failed to generate TDX Quote: ${\n error instanceof Error ? error.message : \"Unknown error\"\n }`\n );\n }\n },\n};\n\nexport { remoteAttestationProvider, RemoteAttestationProvider };\n","export enum TEEMode {\n OFF = \"OFF\",\n LOCAL = \"LOCAL\", // For local development with simulator\n DOCKER = \"DOCKER\", // For docker development with simulator\n PRODUCTION = \"PRODUCTION\" // For production without simulator\n}\n\nexport interface RemoteAttestationQuote {\n quote: string;\n timestamp: number;\n}","import { IAgentRuntime, Memory, Provider, State } from \"@elizaos/core\";\nimport { Keypair } from \"@solana/web3.js\";\nimport crypto from \"crypto\";\nimport { DeriveKeyResponse, TappdClient } from \"@phala/dstack-sdk\";\nimport { privateKeyToAccount } from \"viem/accounts\";\nimport { PrivateKeyAccount, keccak256 } from \"viem\";\nimport { RemoteAttestationProvider } from \"./remoteAttestationProvider\";\nimport { TEEMode, RemoteAttestationQuote } from \"../types/tee\";\n\ninterface DeriveKeyAttestationData {\n agentId: string;\n publicKey: string;\n}\n\nclass DeriveKeyProvider {\n private client: TappdClient;\n private raProvider: RemoteAttestationProvider;\n\n constructor(teeMode?: string) {\n let endpoint: string | undefined;\n\n // Both LOCAL and DOCKER modes use the simulator, just with different endpoints\n switch (teeMode) {\n case TEEMode.LOCAL:\n endpoint = \"http://localhost:8090\";\n console.log(\n \"TEE: Connecting to local simulator at localhost:8090\"\n );\n break;\n case TEEMode.DOCKER:\n endpoint = \"http://host.docker.internal:8090\";\n console.log(\n \"TEE: Connecting to simulator via Docker at host.docker.internal:8090\"\n );\n break;\n case TEEMode.PRODUCTION:\n endpoint = undefined;\n console.log(\n \"TEE: Running in production mode without simulator\"\n );\n break;\n default:\n throw new Error(\n `Invalid TEE_MODE: ${teeMode}. Must be one of: LOCAL, DOCKER, PRODUCTION`\n );\n }\n\n this.client = endpoint ? new TappdClient(endpoint) : new TappdClient();\n this.raProvider = new RemoteAttestationProvider(teeMode);\n }\n\n private async generateDeriveKeyAttestation(\n agentId: string,\n publicKey: string\n ): Promise<RemoteAttestationQuote> {\n const deriveKeyData: DeriveKeyAttestationData = {\n agentId,\n publicKey,\n };\n const reportdata = JSON.stringify(deriveKeyData);\n console.log(\"Generating Remote Attestation Quote for Derive Key...\");\n const quote = await this.raProvider.generateAttestation(reportdata);\n console.log(\"Remote Attestation Quote generated successfully!\");\n return quote;\n }\n\n async rawDeriveKey(\n path: string,\n subject: string\n ): Promise<DeriveKeyResponse> {\n try {\n if (!path || !subject) {\n console.error(\n \"Path and Subject are required for key derivation\"\n );\n }\n\n console.log(\"Deriving Raw Key in TEE...\");\n const derivedKey = await this.client.deriveKey(path, subject);\n\n console.log(\"Raw Key Derived Successfully!\");\n return derivedKey;\n } catch (error) {\n console.error(\"Error deriving raw key:\", error);\n throw error;\n }\n }\n\n async deriveEd25519Keypair(\n path: string,\n subject: string,\n agentId: string\n ): Promise<{ keypair: Keypair; attestation: RemoteAttestationQuote }> {\n try {\n if (!path || !subject) {\n console.error(\n \"Path and Subject are required for key derivation\"\n );\n }\n\n console.log(\"Deriving Key in TEE...\");\n const derivedKey = await this.client.deriveKey(path, subject);\n const uint8ArrayDerivedKey = derivedKey.asUint8Array();\n\n const hash = crypto.createHash(\"sha256\");\n hash.update(uint8ArrayDerivedKey);\n const seed = hash.digest();\n const seedArray = new Uint8Array(seed);\n const keypair = Keypair.fromSeed(seedArray.slice(0, 32));\n\n // Generate an attestation for the derived key data for public to verify\n const attestation = await this.generateDeriveKeyAttestation(\n agentId,\n keypair.publicKey.toBase58()\n );\n console.log(\"Key Derived Successfully!\");\n\n return { keypair, attestation };\n } catch (error) {\n console.error(\"Error deriving key:\", error);\n throw error;\n }\n }\n\n async deriveEcdsaKeypair(\n path: string,\n subject: string,\n agentId: string\n ): Promise<{\n keypair: PrivateKeyAccount;\n attestation: RemoteAttestationQuote;\n }> {\n try {\n if (!path || !subject) {\n console.error(\n \"Path and Subject are required for key derivation\"\n );\n }\n\n console.log(\"Deriving ECDSA Key in TEE...\");\n const deriveKeyResponse: DeriveKeyResponse =\n await this.client.deriveKey(path, subject);\n const hex = keccak256(deriveKeyResponse.asUint8Array());\n const keypair: PrivateKeyAccount = privateKeyToAccount(hex);\n\n // Generate an attestation for the derived key data for public to verify\n const attestation = await this.generateDeriveKeyAttestation(\n agentId,\n keypair.address\n );\n console.log(\"ECDSA Key Derived Successfully!\");\n\n return { keypair, attestation };\n } catch (error) {\n console.error(\"Error deriving ecdsa key:\", error);\n throw error;\n }\n }\n}\n\nconst deriveKeyProvider: Provider = {\n get: async (runtime: IAgentRuntime, _message?: Memory, _state?: State) => {\n const teeMode = runtime.getSetting(\"TEE_MODE\");\n const provider = new DeriveKeyProvider(teeMode);\n const agentId = runtime.agentId;\n try {\n // Validate wallet configuration\n if (!runtime.getSetting(\"WALLET_SECRET_SALT\")) {\n console.error(\n \"Wallet secret salt is not configured in settings\"\n );\n return \"\";\n }\n\n try {\n const secretSalt =\n runtime.getSetting(\"WALLET_SECRET_SALT\") || \"secret_salt\";\n const solanaKeypair = await provider.deriveEd25519Keypair(\n \"/\",\n secretSalt,\n agentId\n );\n const evmKeypair = await provider.deriveEcdsaKeypair(\n \"/\",\n secretSalt,\n agentId\n );\n return JSON.stringify({\n solana: solanaKeypair.keypair.publicKey,\n evm: evmKeypair.keypair.address,\n });\n } catch (error) {\n console.error(\"Error creating PublicKey:\", error);\n return \"\";\n }\n } catch (error) {\n console.error(\"Error in derive key provider:\", error.message);\n return `Failed to fetch derive key information: ${error instanceof Error ? error.message : \"Unknown error\"}`;\n }\n },\n};\n\nexport { deriveKeyProvider, DeriveKeyProvider };\n","import { Plugin } from \"@elizaos/core\";\nimport { remoteAttestationProvider } from \"./providers/remoteAttestationProvider\";\nimport { deriveKeyProvider } from \"./providers/deriveKeyProvider\";\n\nexport { DeriveKeyProvider } from \"./providers/deriveKeyProvider\";\nexport { RemoteAttestationProvider } from \"./providers/remoteAttestationProvider\";\nexport { RemoteAttestationQuote, TEEMode } from \"./types/tee\";\n\nexport const teePlugin: Plugin = {\n name: \"tee\",\n description:\n \"TEE plugin with actions to generate remote attestations and derive keys\",\n actions: [\n /* custom actions */\n ],\n evaluators: [\n /* custom evaluators */\n ],\n providers: [\n /* custom providers */\n remoteAttestationProvider,\n deriveKeyProvider,\n ],\n services: [\n /* custom services */\n ],\n};\n"],"mappings":";AACA,SAA2B,mBAAmB;;;ACDvC,IAAK,UAAL,kBAAKA,aAAL;AACH,EAAAA,SAAA,SAAM;AACN,EAAAA,SAAA,WAAQ;AACR,EAAAA,SAAA,YAAS;AACT,EAAAA,SAAA,gBAAa;AAJL,SAAAA;AAAA,GAAA;;;ADIZ,IAAM,4BAAN,MAAgC;AAAA,EACpB;AAAA,EAER,YAAY,SAAkB;AAC1B,QAAI;AAGJ,YAAQ,SAAS;AAAA,MACb;AACI,mBAAW;AACX,gBAAQ;AAAA,UACJ;AAAA,QACJ;AACA;AAAA,MACJ;AACI,mBAAW;AACX,gBAAQ;AAAA,UACJ;AAAA,QACJ;AACA;AAAA,MACJ;AACI,mBAAW;AACX,gBAAQ;AAAA,UACJ;AAAA,QACJ;AACA;AAAA,MACJ;AACI,cAAM,IAAI;AAAA,UACN,qBAAqB,OAAO;AAAA,QAChC;AAAA,IACR;AAEA,SAAK,SAAS,WAAW,IAAI,YAAY,QAAQ,IAAI,IAAI,YAAY;AAAA,EACzE;AAAA,EAEA,MAAM,oBACF,YAC+B;AAC/B,QAAI;AACA,cAAQ,IAAI,gCAAgC,UAAU;AACtD,YAAM,WACF,MAAM,KAAK,OAAO,SAAS,UAAU;AACzC,YAAM,QAAQ,SAAS,YAAY;AACnC,cAAQ;AAAA,QACJ,UAAU,MAAM,CAAC,CAAC;AAAA,SAAY,MAAM,CAAC,CAAC;AAAA,SAAY,MAAM,CAAC,CAAC;AAAA,SAAY,MAAM,CAAC,CAAC;AAAA,MAClF;AACA,YAAM,QAAgC;AAAA,QAClC,OAAO,SAAS;AAAA,QAChB,WAAW,KAAK,IAAI;AAAA,MACxB;AACA,cAAQ,IAAI,8BAA8B,KAAK;AAC/C,aAAO;AAAA,IACX,SAAS,OAAO;AACZ,cAAQ,MAAM,wCAAwC,KAAK;AAC3D,YAAM,IAAI;AAAA,QACN,iCACI,iBAAiB,QAAQ,MAAM,UAAU,eAC7C;AAAA,MACJ;AAAA,IACJ;AAAA,EACJ;AACJ;AAGA,IAAM,4BAAsC;AAAA,EACxC,KAAK,OAAO,SAAwB,UAAkB,WAAmB;AACrE,UAAM,UAAU,QAAQ,WAAW,UAAU;AAC7C,UAAM,WAAW,IAAI,0BAA0B,OAAO;AACtD,UAAM,UAAU,QAAQ;AAExB,QAAI;AACA,cAAQ,IAAI,gCAAgC,OAAO;AACnD,YAAM,cAAc,MAAM,SAAS,oBAAoB,OAAO;AAC9D,aAAO,uCAAuC,KAAK,UAAU,WAAW,CAAC;AAAA,IAC7E,SAAS,OAAO;AACZ,cAAQ,MAAM,yCAAyC,KAAK;AAC5D,YAAM,IAAI;AAAA,QACN,iCACI,iBAAiB,QAAQ,MAAM,UAAU,eAC7C;AAAA,MACJ;AAAA,IACJ;AAAA,EACJ;AACJ;;;AEtFA,SAAS,eAAe;AACxB,OAAO,YAAY;AACnB,SAA4B,eAAAC,oBAAmB;AAC/C,SAAS,2BAA2B;AACpC,SAA4B,iBAAiB;AAS7C,IAAM,oBAAN,MAAwB;AAAA,EACZ;AAAA,EACA;AAAA,EAER,YAAY,SAAkB;AAC1B,QAAI;AAGJ,YAAQ,SAAS;AAAA,MACb;AACI,mBAAW;AACX,gBAAQ;AAAA,UACJ;AAAA,QACJ;AACA;AAAA,MACJ;AACI,mBAAW;AACX,gBAAQ;AAAA,UACJ;AAAA,QACJ;AACA;AAAA,MACJ;AACI,mBAAW;AACX,gBAAQ;AAAA,UACJ;AAAA,QACJ;AACA;AAAA,MACJ;AACI,cAAM,IAAI;AAAA,UACN,qBAAqB,OAAO;AAAA,QAChC;AAAA,IACR;AAEA,SAAK,SAAS,WAAW,IAAIC,aAAY,QAAQ,IAAI,IAAIA,aAAY;AACrE,SAAK,aAAa,IAAI,0BAA0B,OAAO;AAAA,EAC3D;AAAA,EAEA,MAAc,6BACV,SACA,WAC+B;AAC/B,UAAM,gBAA0C;AAAA,MAC5C;AAAA,MACA;AAAA,IACJ;AACA,UAAM,aAAa,KAAK,UAAU,aAAa;AAC/C,YAAQ,IAAI,uDAAuD;AACnE,UAAM,QAAQ,MAAM,KAAK,WAAW,oBAAoB,UAAU;AAClE,YAAQ,IAAI,kDAAkD;AAC9D,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,aACF,MACA,SAC0B;AAC1B,QAAI;AACA,UAAI,CAAC,QAAQ,CAAC,SAAS;AACnB,gBAAQ;AAAA,UACJ;AAAA,QACJ;AAAA,MACJ;AAEA,cAAQ,IAAI,4BAA4B;AACxC,YAAM,aAAa,MAAM,KAAK,OAAO,UAAU,MAAM,OAAO;AAE5D,cAAQ,IAAI,+BAA+B;AAC3C,aAAO;AAAA,IACX,SAAS,OAAO;AACZ,cAAQ,MAAM,2BAA2B,KAAK;AAC9C,YAAM;AAAA,IACV;AAAA,EACJ;AAAA,EAEA,MAAM,qBACF,MACA,SACA,SACkE;AAClE,QAAI;AACA,UAAI,CAAC,QAAQ,CAAC,SAAS;AACnB,gBAAQ;AAAA,UACJ;AAAA,QACJ;AAAA,MACJ;AAEA,cAAQ,IAAI,wBAAwB;AACpC,YAAM,aAAa,MAAM,KAAK,OAAO,UAAU,MAAM,OAAO;AAC5D,YAAM,uBAAuB,WAAW,aAAa;AAErD,YAAM,OAAO,OAAO,WAAW,QAAQ;AACvC,WAAK,OAAO,oBAAoB;AAChC,YAAM,OAAO,KAAK,OAAO;AACzB,YAAM,YAAY,IAAI,WAAW,IAAI;AACrC,YAAM,UAAU,QAAQ,SAAS,UAAU,MAAM,GAAG,EAAE,CAAC;AAGvD,YAAM,cAAc,MAAM,KAAK;AAAA,QAC3B;AAAA,QACA,QAAQ,UAAU,SAAS;AAAA,MAC/B;AACA,cAAQ,IAAI,2BAA2B;AAEvC,aAAO,EAAE,SAAS,YAAY;AAAA,IAClC,SAAS,OAAO;AACZ,cAAQ,MAAM,uBAAuB,KAAK;AAC1C,YAAM;AAAA,IACV;AAAA,EACJ;AAAA,EAEA,MAAM,mBACF,MACA,SACA,SAID;AACC,QAAI;AACA,UAAI,CAAC,QAAQ,CAAC,SAAS;AACnB,gBAAQ;AAAA,UACJ;AAAA,QACJ;AAAA,MACJ;AAEA,cAAQ,IAAI,8BAA8B;AAC1C,YAAM,oBACF,MAAM,KAAK,OAAO,UAAU,MAAM,OAAO;AAC7C,YAAM,MAAM,UAAU,kBAAkB,aAAa,CAAC;AACtD,YAAM,UAA6B,oBAAoB,GAAG;AAG1D,YAAM,cAAc,MAAM,KAAK;AAAA,QAC3B;AAAA,QACA,QAAQ;AAAA,MACZ;AACA,cAAQ,IAAI,iCAAiC;AAE7C,aAAO,EAAE,SAAS,YAAY;AAAA,IAClC,SAAS,OAAO;AACZ,cAAQ,MAAM,6BAA6B,KAAK;AAChD,YAAM;AAAA,IACV;AAAA,EACJ;AACJ;AAEA,IAAM,oBAA8B;AAAA,EAChC,KAAK,OAAO,SAAwB,UAAmB,WAAmB;AACtE,UAAM,UAAU,QAAQ,WAAW,UAAU;AAC7C,UAAM,WAAW,IAAI,kBAAkB,OAAO;AAC9C,UAAM,UAAU,QAAQ;AACxB,QAAI;AAEA,UAAI,CAAC,QAAQ,WAAW,oBAAoB,GAAG;AAC3C,gBAAQ;AAAA,UACJ;AAAA,QACJ;AACA,eAAO;AAAA,MACX;AAEA,UAAI;AACA,cAAM,aACF,QAAQ,WAAW,oBAAoB,KAAK;AAChD,cAAM,gBAAgB,MAAM,SAAS;AAAA,UACjC;AAAA,UACA;AAAA,UACA;AAAA,QACJ;AACA,cAAM,aAAa,MAAM,SAAS;AAAA,UAC9B;AAAA,UACA;AAAA,UACA;AAAA,QACJ;AACA,eAAO,KAAK,UAAU;AAAA,UAClB,QAAQ,cAAc,QAAQ;AAAA,UAC9B,KAAK,WAAW,QAAQ;AAAA,QAC5B,CAAC;AAAA,MACL,SAAS,OAAO;AACZ,gBAAQ,MAAM,6BAA6B,KAAK;AAChD,eAAO;AAAA,MACX;AAAA,IACJ,SAAS,OAAO;AACZ,cAAQ,MAAM,iCAAiC,MAAM,OAAO;AAC5D,aAAO,2CAA2C,iBAAiB,QAAQ,MAAM,UAAU,eAAe;AAAA,IAC9G;AAAA,EACJ;AACJ;;;AChMO,IAAM,YAAoB;AAAA,EAC7B,MAAM;AAAA,EACN,aACI;AAAA,EACJ,SAAS;AAAA;AAAA,EAET;AAAA,EACA,YAAY;AAAA;AAAA,EAEZ;AAAA,EACA,WAAW;AAAA;AAAA,IAEP;AAAA,IACA;AAAA,EACJ;AAAA,EACA,UAAU;AAAA;AAAA,EAEV;AACJ;","names":["TEEMode","TappdClient","TappdClient"]}

package/tsup.config.ts DELETED Viewed

@@ -1,28 +0,0 @@
-import { defineConfig } from "tsup";
-export default defineConfig({
-    entry: ["src/index.ts"],
-    outDir: "dist",
-    sourcemap: true,
-    clean: true,
-    format: ["esm"], // Ensure you're targeting CommonJS
-    external: [
-        "dotenv", // Externalize dotenv to prevent bundling
-        "fs", // Externalize fs to use Node.js built-in module
-        "path", // Externalize other built-ins if necessary
-        "@reflink/reflink",
-        "@node-llama-cpp",
-        "https",
-        "http",
-        "agentkeepalive",
-        // Add other modules you want to externalize
-        "@phala/dstack-sdk",
-        "safe-buffer",
-        "base-x",
-        "bs58",
-        "borsh",
-        "@solana/buffer-layout",
-        "stream",
-        "buffer",
-    ],
-});