@elizaos/project-tee-starter 1.5.5-alpha.10

package/Dockerfile

@@ -0,0 +1,70 @@
+FROM node:23.3.0-slim AS builder
+
+WORKDIR /app
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    build-essential \
+    curl \
+    ffmpeg \
+    g++ \
+    git \
+    make \
+    python3 \
+    unzip && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+RUN npm install -g bun@1.2.5 turbo@2.3.3
+
+RUN ln -s /usr/bin/python3 /usr/bin/python
+
+COPY bunfig.toml index.html package.json postcss.config.js tailwind.config.js tsconfig.json tsconfig.build.json tsup.config.ts vite.config.ts ./
+COPY src ./src
+COPY assets ./assets
+COPY scripts ./scripts
+
+RUN bun install --no-cache
+
+RUN bun run build
+
+FROM node:23.3.0-slim
+
+WORKDIR /app
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    build-essential \
+    curl \
+    ffmpeg \
+    git \
+    make \
+    python3 \
+    unzip && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+RUN npm install -g bun@1.2.5 turbo@2.3.3
+
+COPY --from=builder /app/bunfig.toml ./bunfig.toml
+# Cypress config removed
+COPY --from=builder /app/index.html ./index.html
+COPY --from=builder /app/postcss.config.js ./postcss.config.js
+COPY --from=builder /app/package.json ./
+COPY --from=builder /app/tsconfig.json ./
+COPY --from=builder /app/tsconfig.build.json ./
+COPY --from=builder /app/tsup.config.ts ./
+COPY --from=builder /app/tailwind.config.js ./tailwind.config.js
+COPY --from=builder /app/vite.config.ts ./vite.config.ts
+COPY --from=builder /app/node_modules ./node_modules
+COPY --from=builder /app/dist ./dist
+COPY --from=builder /app/assets ./assets
+COPY --from=builder /app/src ./src
+COPY --from=builder /app/scripts ./scripts
+
+ENV NODE_ENV=production
+
+EXPOSE 3000
+EXPOSE 50000-50100/udp
+
+CMD ["bun", "run", "start"]

package/GUIDE.md

@@ -0,0 +1,296 @@
+# Mr. TEE Project Deployment Guide
+
+## Character Overview
+
+**Mr. TEE** is the TEE Security Drill Sergeant, a battle-hardened character who forges secure, paranoid developers through tough love and cryptographic discipline. He embodies the spirit of Mr. T while preaching the gospel of hardware-based security.
+
+### Core Traits
+
+- **Personality**: No-nonsense drill sergeant with Mr. T's trademark grit
+- **Mission**: Transform developers into paranoid security experts
+- **Expertise**: TEE technology, remote attestation, secure enclaves
+- **Catchphrase**: "I pity the fool who skips attestation!"
+
+## TEE Actions
+
+Mr. TEE uses the **@elizaos/plugin-tee** package's built-in `remoteAttestationAction` to provide secure attestation capabilities. This action allows Mr. TEE to:
+
+- Generate cryptographic proofs of TEE execution
+- Provide attestation quotes with supporting data
+- Verify the secure enclave environment
+
+### Example Attestation Requests
+
+- "Can you provide proof that you're running in a secure environment?"
+- "Generate an attestation report"
+- "I need a TEE attestation with nonce abc123"
+- "Show me your TEE attestation"
+
+## Configuration Steps
+
+### Prerequisites
+
+Before starting deployment, ensure you have:
+
+1. **ElizaOS CLI installed**:
+
+   ```bash
+   npm install -g @elizaos/cli
+   ```
+
+2. **Docker Desktop**:
+
+   - Install Docker Desktop for your OS
+   - Start Docker Desktop
+   - Login to Docker Hub: `docker login`
+
+3. **Phala Cloud Account** (for TEE deployments):
+   - Create account at <https://dashboard.phala.network>
+   - Get your API key from the dashboard
+
+### 1. Environment Variables
+
+Configure the following in your `.env` file:
+
+```bash
+# Required TEE Configuration
+TEE_MODE=PHALA_DSTACK    # Options: PRODUCTION, DOCKER, LOCAL
+TEE_VENDOR=phala          # Options: phala
+WALLET_SECRET_SALT=secret_salt # Options: any string to generate a key in TEE from, default: secret_salt
+
+# Required API Keys
+OPENAI_API_KEY=your_openai_key
+
+# Optional Platform Integrations
+DISCORD_APPLICATION_ID=your_discord_app_id
+DISCORD_API_TOKEN=your_discord_token
+ELEVENLABS_API_KEY=your_elevenlabs_key
+ELEVENLABS_VOICE_ID=your_voice_id
+REDPILL_API_KEY=your_redpill_key
+```
+
+### 2. Deployment Options
+
+#### Local Development (No TEE)
+
+```bash
+# Set TEE_MODE=LOCAL or DOCKER for development
+bun install
+bun run dev
+```
+
+#### Phala Cloud Deployment (Production TEE)
+
+```bash
+# Prerequisites:
+# 1. Install ElizaOS CLI: npm install -g @elizaos/cli
+# 2. Ensure Docker is running and you're logged in via Docker CLI
+# 3. Set TEE_MODE=PRODUCTION in your .env file
+
+# Step 1: Login to Phala Cloud (get API key from Phala Cloud Dashboard)
+elizaos tee phala auth login
+
+# Step 2: Build Docker Image for TEE deployment
+elizaos tee phala docker build
+
+# Step 3: Push Docker image to DockerHub
+elizaos tee phala docker push
+
+# Step 4: Create CVM (Confidential Virtual Machine) instance
+elizaos tee phala cvms create \
+  -n elizaos-tee \
+  -c docker-compose.yaml \
+  --vcpu 2 \
+  --memory 4192 \
+  --disk-size 40 \
+  -e .env
+
+# Step 5: Verify attestation (confirms TEE is running securely)
+elizaos tee phala cvms attestation
+
+# Step 6: (Optional) Upgrade CVM when you update your code
+elizaos tee phala cvms upgrade -c docker-compose.yaml
+```
+
+##### Deployment Parameters Explained
+
+- `-n elizaos-tee`: Name of your CVM instance
+- `-c docker-compose.yaml`: Configuration file
+- `--vcpu 2`: Number of virtual CPUs
+- `--memory 4192`: Memory in MB (4GB)
+- `--disk-size 40`: Storage in GB
+- `-e .env`: Environment file with your secrets
+
+### 3. Platform Integration
+
+Mr. TEE can connect to multiple platforms:
+
+#### Discord
+
+1. Create Discord application at <https://discord.com/developers>
+2. Add bot permissions: Send Messages, Read Message History
+3. Set `DISCORD_APPLICATION_ID` and `DISCORD_API_TOKEN`
+
+#### Voice (ElevenLabs)
+
+1. Get API key from <https://elevenlabs.io>
+2. Choose or clone a voice ID
+3. Set `ELEVENLABS_API_KEY` and `ELEVENLABS_VOICE_ID`
+
+## Testing TEE Functionality
+
+### 1. Verify Environment
+
+Check if Mr. TEE is running in a TEE environment by asking:
+
+- "Are you running in a secure environment?"
+- "Show me proof of your TEE status"
+
+### 2. Request Attestation
+
+Test the attestation functionality:
+
+- "Generate a remote attestation report"
+- "I need attestation for my security audit"
+- "Provide attestation with nonce test123"
+
+### 3. Verify Response
+
+Mr. TEE will provide:
+
+- Attestation quote (cryptographic proof)
+- Supporting data (measurements, certificates)
+- Explanation of the security guarantees
+
+## Security Best Practices
+
+### Mr. TEE's Security Rules
+
+1. **Never expose private keys** - Keep them in the TEE
+2. **Always verify attestation** - Trust but verify
+3. **Use secure channels** - Encrypt all communications
+4. **Audit regularly** - Check for vulnerabilities
+5. **Stay paranoid** - It's not paranoia if they're really after your keys
+6. **Rotate API keys regularly** - Fresh keys, fresh security
+7. **Never commit `.env` files** - Secrets stay secret
+
+### TEE Guarantees
+
+- **Isolated Execution**: Code runs in hardware-protected memory
+- **Memory Encryption**: All data encrypted in RAM
+- **Remote Attestation**: Cryptographic proof of execution environment
+- **Secure Key Storage**: Keys never leave the enclave
+- **Tamper Resistance**: Hardware protection against physical attacks
+
+## Troubleshooting
+
+### Common Issues
+
+#### "I can't deploy my Agent"
+
+- Sign up for a Phala Cloud account at <https://dashboard.phala.network>
+- Add credits to your account for CVM deployments
+- Ensure Docker is running and you're logged in
+
+#### "Docker deployment failed"
+
+- Ensure Docker Desktop is started
+- Check: `docker ps`
+- Make sure to authenticate: `docker login`
+- Check your configuration and try to test docker locally
+
+#### "Authentication failed"
+
+- Verify your Phala API key
+- Re-run: `elizaos tee phala auth login`
+- Check API key from Phala Dashboard
+
+#### "Build failures"
+
+- Check your `.env` configuration
+- Ensure all dependencies are installed: `bun install`
+- Verify Docker is running properly
+
+#### "Attestation failed"
+
+- Check TEE_MODE is set to PRODUCTION if deployed to Phala Cloud
+- Verify network connectivity for attestation services
+- Ensure proper TEE initialization
+- Check CVM logs in Phala Dashboard
+
+#### "Missing API keys"
+
+- All required environment variables must be set
+- Check .env file formatting
+- Restart after configuration changes
+
+### Debug Commands
+
+```bash
+# Check environment
+bun run test
+
+# Verify TEE service
+docker logs [container_name] | grep TEE
+
+# Test attestation locally
+curl http://localhost:3000/health
+```
+
+### Monitoring Your Deployment
+
+- View CVM status: <https://dashboard.phala.network>
+- Check attestation reports regularly
+- Monitor resource usage and adjust if needed
+- Set up alerts for critical events
+
+## Advanced Configuration
+
+### Custom Security Policies
+
+Mr. TEE enforces strict security through his character configuration:
+
+- Paranoid validation of all inputs
+- Aggressive security recommendations
+- No tolerance for weak cryptography
+
+### Multi-TEE Support
+
+The plugin-tee supports multiple TEE vendors:
+
+- **Phala Network**: Cloud-based TEE with easy deployment
+- **Intel TDX**: Hardware-based security for on-premise
+- **Development Mode**: Simulated TEE for testing
+
+### Production Hardening
+
+1. Enable all security features in TEE_MODE
+2. Configure proper attestation verification
+3. Set up monitoring and alerting
+4. Regular security audits
+
+## Resources
+
+### Documentation
+
+- [TEE Plugin Documentation](../plugin-tee/README.md)
+- [ElizaOS Documentation](https://eliza.how)
+- [Character Configuration](./src/character.ts)
+- [Phala Network Docs](https://docs.phala.network)
+
+### Support
+
+- GitHub Issues: Report bugs and feature requests
+- Discord Community: Get help from other developers
+- ElizaOS Forums: Share experiences and best practices
+
+### Next Steps
+
+- Test your agent's TEE capabilities with attestation commands
+- Configure additional platform integrations (Discord, etc.)
+- Implement custom TEE-aware actions
+- Join the ElizaOS community for support
+
+Remember: Mr. TEE doesn't just talk about security—he lives it. Every interaction is an opportunity to strengthen the security posture of developers and systems alike. Stay paranoid, stay secure!
+
+**"I pity the fool who deploys without attestation!"** - Mr. TEE

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Shaw Walters and elizaOS Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,232 @@
+# Project Starter
+
+## 🔐 Overview
+
+The TEE Project Starter provides a secure foundation for building AI agents with Trusted Execution Environment (TEE) capabilities using ElizaOS. It demonstrates best practices for secure agent deployment with hardware-based security through Phala Cloud's confidential computing infrastructure.
+
+### What You Get
+
+- **Mr. TEE Character** - A security-focused AI personality that teaches TEE concepts with tough love
+- **TEE Plugin Integration** - Pre-configured `@elizaos/plugin-tee` for remote attestation and secure operations
+- **Multi-Platform Support** - Discord integration, voice synthesis, and extensible to other platforms
+- **Production-Ready** - Docker configuration optimized for Phala Cloud TEE deployment
+- **Security First** - Built-in paranoid security principles and best practices
+
+## ✨ Key Features
+
+- **TEE Integration** - Uses `@elizaos/plugin-tee` for remote attestation
+- **Mr. TEE Character** - Security-focused personality with tough love approach
+- **Multi-Platform Support** - Discord, voice synthesis, and more
+- **Secure by Design** - Built with paranoid security principles
+- **Docker Ready** - Containerized deployment for TEE environments
+
+## 🚀 Quick Start
+
+### Prerequisites
+
+- Node.js 20+
+- Bun package manager (`npm install -g bun`)
+- Docker Desktop (for TEE deployments)
+- ElizaOS CLI (`npm install -g @elizaos/cli`)
+- API Keys:
+  - **Required**: OpenAI API key
+  - **Optional**: Discord, ElevenLabs, RedPill APIs
+  - **For TEE**: Phala Cloud account and API key
+
+### Installation
+
+```bash
+# Clone and navigate to project
+cd packages/project-tee-starter
+
+# Install dependencies
+bun install
+
+# Copy environment template
+cp .env.example .env
+
+# Configure your .env file
+# Set TEE_MODE, API keys, etc.
+
+# Run in development mode
+bun run dev
+```
+
+## 🛡️ TEE Capabilities
+
+Mr. TEE leverages the `@elizaos/plugin-tee` package's `remoteAttestationAction` to provide:
+
+- **Remote Attestation** - Cryptographic proof of secure execution
+- **TEE Status Verification** - Confirms running in trusted environment
+- **Secure Key Operations** - Keys never leave the enclave
+
+### Example Interactions
+
+Ask Mr. TEE for attestation:
+
+- "Generate a remote attestation report"
+- "Show me proof you're in a secure environment"
+- "I need TEE attestation with nonce xyz123"
+- "Provide attestation for my security audit"
+
+## 🔧 Configuration
+
+### Environment Variables
+
+```bash
+# TEE Configuration
+TEE_MODE=PHALA_DSTACK    # Options: PHALA_DSTACK, TDX_DSTACK, NONE
+TEE_VENDOR=phala          # Options: phala, intel
+
+# Required
+OPENAI_API_KEY=your_key
+
+# Optional Platforms
+MR_TEE_DISCORD_APPLICATION_ID=your_id
+MR_TEE_DISCORD_API_TOKEN=your_token
+ELEVENLABS_API_KEY=your_key
+ELEVENLABS_VOICE_ID=your_voice_id
+```
+
+## 📦 Project Structure
+
+```
+project-tee-starter/
+├── src/
+│   ├── index.ts          # Main entry point
+│   ├── character.ts      # Mr. TEE character definition
+│   └── plugin.ts         # Plugin configuration
+├── __tests__/            # Test suites
+├── assets/               # Character assets
+├── Dockerfile            # Container configuration
+└── docker-compose.tee.yaml # TEE deployment
+```
+
+## 🧪 Testing
+
+ElizaOS employs a dual testing strategy:
+
+1. **Component Tests** (`src/__tests__/*.test.ts`)
+
+   - Run with Bun's native test runner
+   - Fast, isolated tests using mocks
+   - Perfect for TDD and component logic
+
+2. **E2E Tests** (`src/__tests__/e2e/*.e2e.ts`)
+   - Run with ElizaOS custom test runner
+   - Real runtime with actual database (PGLite)
+   - Test complete user scenarios including TEE functionality
+
+### Test Structure
+
+```
+src/
+  __tests__/              # All tests live inside src
+    *.test.ts            # Component tests (use Bun test runner)
+    e2e/                 # E2E tests (use ElizaOS test runner)
+      project-tee-starter.e2e.ts  # E2E test suite with TEE-specific tests
+      README.md          # E2E testing documentation
+  index.ts               # Export tests here: tests: [ProjectTeeStarterTestSuite]
+```
+
+### Running Tests
+
+```bash
+# Run all tests (component + e2e)
+elizaos test
+
+# Component tests only
+elizaos test component
+
+# E2E tests only
+elizaos test e2e
+
+# With specific port for E2E tests
+elizaos test --port 4000
+```
+
+### TEE-Specific Testing
+
+The E2E tests include TEE-specific scenarios:
+
+- TEE service availability checks
+- Attestation action registration
+- Secure memory operations
+- Concurrent secure operations handling
+
+## 🚀 Deployment
+
+### Local Development
+
+```bash
+# Set TEE_MODE=DOCKER or TEE_MODE=LOCAL
+bun run dev
+```
+
+### Docker TEE Deployment
+
+```bash
+# Set TEE_MODE=DOCKER or TEE_MODE=LOCAL since this will not be running in real TEE
+bun run start
+```
+
+### Phala Cloud (Cloud TEE)
+
+```bash
+# Prerequisites:
+# 1. Install the elizaos CLI: npm install -g @elizaos/cli
+# 2. Ensure Docker is running and you're logged in via Docker CLI
+# 3. Set TEE_MODE=PRODUCTION in your .env file
+
+# Step 1: Login to Phala Cloud (get API key from Phala Cloud Dashboard)
+elizaos tee phala auth login
+
+# Step 2: Build Docker Image for TEE deployment [[memory:4308171]]
+elizaos tee phala docker build
+
+# Step 3: Push Docker image to DockerHub
+elizaos tee phala docker push
+
+# Step 4: Create CVM (Confidential Virtual Machine) instance
+elizaos tee phala cvms create -n elizaos-tee -c docker-compose.yaml --vcpu 2 --memory 4192 --disk-size 40 -e .env
+
+# Step 5: Verify attestation (confirms TEE is running securely)
+elizaos tee phala cvms attestation
+
+# Step 6: (Optional) Upgrade CVM when you update your code
+elizaos tee phala cvms upgrade -c docker-compose.yaml
+```
+
+#### Important Notes
+
+- **Docker Requirements**: Ensure Docker Desktop is running and you're authenticated (`docker login`)
+- **API Key**: Get your Phala Cloud API key from the [Phala Dashboard](https://dashboard.phala.network)
+- **TEE_MODE**: Must be set to `PRODUCTION` for real TEE deployment
+- **Resource Allocation**: The example uses 2 vCPUs, 4GB RAM, and 40GB disk - adjust based on your needs
+
+## 🎖️ Mr. TEE's Security Philosophy
+
+1. **Never expose private keys** - Keep them in the TEE
+2. **Always verify attestation** - Trust but verify
+3. **Use secure channels** - Encrypt everything
+4. **Audit regularly** - Constant vigilance
+5. **Stay paranoid** - Security first, always
+
+## 📚 Documentation
+
+- [Deployment Guide](./GUIDE.md) - Detailed setup instructions
+- [TEE Plugin Implementation](./src/plugin.ts) - TEE capabilities
+- [ElizaOS Docs](https://elizaos.github.io/eliza/) - Framework documentation
+- [Phala Cloud Docs](https://docs.phala.network) - Phala Cloud documentation
+
+## 🤝 Contributing
+
+Contributions are welcome! Please ensure all TEE security principles are maintained.
+
+## 📄 License
+
+MIT License - see LICENSE file for details.
+
+---
+
+**"I pity the fool who skips attestation!"** - Mr. TEE

package/dist/character.d.ts

@@ -0,0 +1,2 @@
+import type { Character } from '@elizaos/core';
+export declare const mrTeeCharacter: Character;

package/dist/frontend/index.d.ts

@@ -0,0 +1,21 @@
+import './index.css';
+import React from 'react';
+interface ElizaConfig {
+    agentId: string;
+    apiBase: string;
+}
+declare global {
+    interface Window {
+        ELIZA_CONFIG?: ElizaConfig;
+    }
+}
+export interface AgentPanel {
+    name: string;
+    path: string;
+    component: React.ComponentType<any>;
+    icon?: string;
+    public?: boolean;
+    shortLabel?: string;
+}
+export declare const panels: AgentPanel[];
+export * from './utils';

package/dist/frontend/panels.d.ts

@@ -0,0 +1,5 @@
+import type { Route } from '@elizaos/core';
+/**
+ * Export panel routes for TEE status visualization
+ */
+export declare const panels: Route[];

package/dist/frontend/utils.d.ts

@@ -0,0 +1,2 @@
+import { type ClassValue } from 'clsx';
+export declare function cn(...inputs: ClassValue[]): string;

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+import { type Project, type ProjectAgent } from '@elizaos/core';
+import teeStarterPlugin, { StarterService } from './plugin';
+import { mrTeeCharacter as character } from './character';
+export declare const projectAgent: ProjectAgent;
+declare const project: Project;
+export { character, teeStarterPlugin, StarterService };
+export default project;