@elizaos/plugin-tee 2.0.0-beta.1 → 2.0.3-beta.3

package/README.md

@@ -1,141 +1,83 @@
 # @elizaos/plugin-tee
 
-Trusted Execution Environment (TEE) integration plugin for elizaOS, providing secure key management and remote attestation capabilities.
+Trusted Execution Environment (TEE) integration plugin for elizaOS. Adds secure key derivation and remote attestation to Eliza agents running inside a TEE.
 
-## Features
+## What it does
 
-- 🔐 **Remote Attestation** - Generate verifiable proofs that your agent is running in a secure TEE
-- 🔑 **Key Derivation** - Securely derive Ed25519 (Solana) and ECDSA (EVM) keypairs within the TEE
-- 🛡️ **Vendor Support** - Extensible vendor system (currently supports Phala Network)
-- ⚡ **Type Safe** - Strong typing with TypeScript
+- **Remote attestation** — generates a verifiable TDX quote proving an agent is executing inside a real TEE (Phala Network / dstack).
+- **Key derivation** — deterministically derives Ed25519 (Solana) and ECDSA (EVM) keypairs from a secret salt inside the TEE, with per-derivation attestation.
+- **TEEService** — a runtime service (`ServiceType.TEE`) that other plugins can call to derive keys without going through providers.
 
-## Quick Start
-
-### TypeScript
+## Quick start
 
 ```typescript
 import { teePlugin, TEEService } from "@elizaos/plugin-tee";
-import { AgentRuntime } from "@elizaos/core";
 
-// Register the plugin
 const runtime = new AgentRuntime({
   plugins: [teePlugin],
+  // TEE_MODE defaults to LOCAL; set WALLET_SECRET_SALT for key derivation
 });
 
-// Or use the service directly
-const service = await TEEService.start(runtime);
-const solanaKeys = await service.deriveEd25519Keypair(
-  "salt",
-  "solana",
-  agentId,
-);
-const evmKeys = await service.deriveEcdsaKeypair("salt", "evm", agentId);
+// Access via service
+const svc = runtime.getService<TEEService>(TEEService.serviceType);
+const { keypair, attestation } = await svc.deriveEd25519Keypair("salt", "solana", agentId);
+const { keypair: evmKeypair } = await svc.deriveEcdsaKeypair("salt", "evm", agentId);
 ```
-## Configuration
-
-### Environment Variables
-
-| Variable             | Description                                     | Required | Default |
-| -------------------- | ----------------------------------------------- | -------- | ------- |
-| `TEE_MODE`           | Operation mode: `LOCAL`, `DOCKER`, `PRODUCTION` | Yes      | -       |
-| `WALLET_SECRET_SALT` | Secret salt for deterministic key derivation    | Yes      | -       |
-| `TEE_VENDOR`         | TEE vendor to use                               | No       | `phala` |
-
-### TEE Modes
 
-- **LOCAL**: Development mode using simulator at `localhost:8090`
-- **DOCKER**: Docker development mode using simulator at `host.docker.internal:8090`
-- **PRODUCTION**: Production mode connecting to real TEE infrastructure
-
-## Components
+## Configuration
 
-### Actions
+| Variable | Required | Default | Description |
+|----------|----------|---------|-------------|
+| `TEE_MODE` | no | `LOCAL` | Operation mode: `LOCAL`, `DOCKER`, or `PRODUCTION`. `init` defaults to `LOCAL` when unset and throws only on a present-but-invalid value. |
+| `WALLET_SECRET_SALT` | **yes** | — | Secret salt used as the derivation path for all keypairs. Sensitive — treat as a private key. |
+| `TEE_VENDOR` | no | `PHALA` | TEE vendor. Only `PHALA` is supported. |
 
-| Action               | Description                                                           |
-| -------------------- | --------------------------------------------------------------------- |
-| `REMOTE_ATTESTATION` | Generate and upload a remote attestation quote to prove TEE execution |
+### TEE modes
 
-### Providers
+| Mode | dstack endpoint | Use |
+|------|----------------|-----|
+| `LOCAL` | `http://localhost:8090` | Local simulator |
+| `DOCKER` | `http://host.docker.internal:8090` | Docker simulator |
+| `PRODUCTION` | (TappdClient default) | Real TEE hardware |
 
-| Provider                   | Description                                     |
-| -------------------------- | ----------------------------------------------- |
-| `phala-derive-key`         | Derive Solana and EVM keypairs with attestation |
-| `phala-remote-attestation` | Generate remote attestation quotes              |
+Run the Phala dstack simulator for `LOCAL`/`DOCKER` development: see [Phala dstack docs](https://github.com/Phala-Network/dstack).
 
-### Services
+## Providers registered
 
-| Service      | Description                                    |
-| ------------ | ---------------------------------------------- |
-| `TEEService` | Main service for key derivation and management |
+| Provider | Description |
+|----------|-------------|
+| `phala-derive-key` | Derives Solana public key and EVM address from `WALLET_SECRET_SALT`; injects `solana_public_key` and `evm_address` into agent context. |
+| `phala-remote-attestation` | Generates a TDX quote over the current message payload; injects `quote` and `timestamp`. |
 
-## API Reference
+Both providers are dynamic and gated to `secrets` / `agent_internal` contexts.
 
-### TEEService
+## TEEService API
 
 ```typescript
 class TEEService {
-  // Derive Ed25519 keypair for Solana
-  async deriveEd25519Keypair(
-    path: string,
-    subject: string,
-    agentId: UUID,
-  ): Promise<{ keypair: Keypair; attestation: RemoteAttestationQuote }>;
-
-  // Derive ECDSA keypair for EVM
-  async deriveEcdsaKeypair(
-    path: string,
-    subject: string,
-    agentId: UUID,
-  ): Promise<{
-    keypair: PrivateKeyAccount;
-    attestation: RemoteAttestationQuote;
-  }>;
-
-  // Derive raw key for custom use cases
-  async rawDeriveKey(path: string, subject: string): Promise<DeriveKeyResponse>;
-}
-```
+  static serviceType: ServiceType.TEE;
 
-### Remote Attestation
+  // Derive Ed25519 keypair (Solana)
+  deriveEd25519Keypair(path: string, subject: string, agentId: UUID):
+    Promise<{ keypair: Keypair; attestation: RemoteAttestationQuote }>;
 
-```typescript
-class PhalaRemoteAttestationProvider {
-  // Generate attestation quote
-  async generateAttestation(
-    reportData: string,
-    hashAlgorithm?: TdxQuoteHashAlgorithm,
-  ): Promise<RemoteAttestationQuote>;
+  // Derive ECDSA keypair (EVM)
+  deriveEcdsaKeypair(path: string, subject: string, agentId: UUID):
+    Promise<{ keypair: PrivateKeyAccount; attestation: RemoteAttestationQuote }>;
+
+  // Derive raw key bytes
+  rawDeriveKey(path: string, subject: string): Promise<DeriveKeyResponse>;
 }
 ```
 
-## Directory Structure
+## Enabling the plugin
 
-```
-plugins/plugin-tee/
-├── typescript/           # TypeScript implementation
-│   ├── src/
-│   │   ├── actions/      # Remote attestation action
-│   │   ├── providers/    # Key derivation & attestation providers
-│   │   ├── services/     # TEE service
-│   │   ├── types/        # Type definitions
-│   │   ├── vendors/      # Vendor implementations
-│   │   └── index.ts      # Main entry point
-│   └── __tests__/        # Unit tests
-├── package.json          # NPM manifest
-└── README.md             # This file
-```
+Add `@elizaos/plugin-tee` to your agent character's `plugins` array and set the required environment variables. The plugin is opt-in and not auto-loaded.
 
 ## Development
 
-### Building
-
 ```bash
-bun run build
-bun run test
+bun run --cwd plugins/plugin-tee build          # compile
+bun run --cwd plugins/plugin-tee test           # run tests
+bun run --cwd plugins/plugin-tee format:check   # lint
 ```
-
-### Linting
-
-```bash
-# TypeScript
-bun run format:check

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@elizaos/plugin-tee",
-  "version": "2.0.0-beta.1",
+  "version": "2.0.3-beta.3",
   "type": "module",
   "main": "dist/node/index.js",
   "module": "dist/node/index.js",
@@ -14,6 +14,11 @@
     "./package.json": "./package.json",
     ".": {
       "types": "./dist/index.d.ts",
+      "eliza-source": {
+        "types": "./src/index.ts",
+        "import": "./src/index.ts",
+        "default": "./src/index.ts"
+      },
       "node": {
         "types": "./dist/node/index.d.ts",
         "import": "./dist/node/index.js",
@@ -24,16 +29,23 @@
         "default": "./dist/node/index.js"
       },
       "default": "./dist/node/index.js"
+    },
+    "./*.css": "./dist/*.css",
+    "./*": {
+      "types": "./dist/*.d.ts",
+      "import": "./dist/*.js",
+      "default": "./dist/*.js"
     }
   },
   "files": [
+    "registry-entry.json",
     "dist",
     "README.md",
     "LICENSE"
   ],
   "sideEffects": false,
   "dependencies": {
-    "@elizaos/core": "2.0.0-beta.1",
+    "@elizaos/core": "2.0.3-beta.3",
     "@phala/dstack-sdk": "^0.5.7",
     "@solana/web3.js": "1.98.4",
     "viem": "^2.48.8"
@@ -62,7 +74,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "646c632924826e2b75c2304a75ee56959fe4a460",
+  "gitHead": "f54b0f4eaed317d59fa7dbcdce20f4cdb0734420",
   "agentConfig": {
     "pluginType": "elizaos:plugin:1.0.0",
     "pluginParameters": {

package/registry-entry.json

@@ -0,0 +1,53 @@
+{
+  "id": "tee",
+  "name": "Tee",
+  "description": "A plugin for secure key derivation and remote attestation within Trusted Execution Environments (TEE).",
+  "npmName": "@elizaos/plugin-tee",
+  "version": "2.0.0-beta.0",
+  "source": "bundled",
+  "tags": ["crypto", "tee"],
+  "config": {
+    "TEE_MODE": {
+      "type": "string",
+      "required": true,
+      "sensitive": false,
+      "label": "Mode",
+      "help": "Determines the Trusted Execution Environment operation mode (LOCAL, DOCKER, PRODUCTION) and is referenced in error handling to validate provided modes.",
+      "advanced": false
+    },
+    "TEE_VENDOR": {
+      "type": "string",
+      "required": false,
+      "sensitive": false,
+      "default": "PHALA",
+      "label": "Vendor",
+      "help": "Specifies which Trusted Execution Environment vendor to initialize (defaults to PHALA).",
+      "advanced": false
+    },
+    "WALLET_SECRET_SALT": {
+      "type": "secret",
+      "required": true,
+      "sensitive": true,
+      "default": "secret_salt",
+      "label": "Secret Salt",
+      "help": "Secret salt used to deterministically derive Solana and EVM keypairs inside the TEE.",
+      "advanced": false
+    }
+  },
+  "render": {
+    "visible": true,
+    "pinTo": [],
+    "style": "card",
+    "icon": "LockKeyhole",
+    "group": "feature-other",
+    "groupOrder": 12,
+    "actions": ["enable", "configure"]
+  },
+  "resources": {
+    "homepage": "https://github.com/elizaos-plugins/plugin-tee#readme",
+    "repository": "https://github.com/elizaos-plugins/plugin-tee"
+  },
+  "dependsOn": [],
+  "kind": "plugin",
+  "subtype": "other"
+}