Announcing Apache Teaclave (incubating) 0.3.0

September 30, 2021 · Mingshen Sun

On behalf of the Teaclave community, I am happy to announce the third Apache Incubator release of Teaclave, 0.3.0. Teaclave is a universal secure computing platform, making computation on privacy-sensitive data safe and simple. Apache Teaclave (including the FaaS platform, SGX SDK, and TrustZone SDK) is being used and contributed by developers from many organizations and other open source projects. Please see the powered by page to learn more.

This is the third official Apache Incubator release. In this release, we focus more on bringing WebAssembly into Teaclave. Now, you can run functions written in different languages in Teaclave with the WebAssembly executor. Specifically, we modify WebAssembly Micro Runtime and add it as a new executor in Teaclave.

# Highlights

In this release, we added a new WebAssembly executor which supports to run function in the WebAssembly bytecode. Therefore, in addition to native code and Python scripts, Teaclave can run many other languages which can be compiled in to WebAssembly. This enables a lot of functions of privacy-preseving computation that are not easily rewritten in Rust or Python. Furthermore, because of the ecosystem of WebAssembly, we can even run deep neural network models in the WebAssembly executor.

Teaclave Function Executors

To illustrate the capability of the executor, we also support WebAssembly machine learning models compiled by Apache TVM. Apache TVM is an open source machine learning compiler framework for CPUs, GPUs, and machine learning accelerators. TVM also supports WebAssembly runtime backend. We also introduce a new MNIST inference example to show the usage of the new executor with TVM.

Using the WebAssembly executor for Machine Learning Inference with TVM

# 0.3.0 Release Notes

Here is a list of notable changes in Teaclave version 0.3.0.

Features

  • Add the WebAssembly executor to support functions written in other languages.
  • Examples of running C and Rust with the WebAssembly executor.
  • Support inference tasks with models compiled by TVM.
  • Add the MNIST inference example to demonstrate the ability of using TVM in Teaclave.

Enhancements

  • Add the script to simplify developing with editors with Rust's Language Server Protocol support.
  • Upgrade SGX SDK dependencies, i.e., Intel SGX SDK to version 2.14.100.2, DCAP to version 1.11.100.2.

Bug Fixes

  • Update the SGX SDK used in the runtime dockerfile.
  • Fix Python.h not found when compiling acs_py_enclave.c.
  • Fix building system messed up by untracked Cargo.lock files.
  • Fix dcap building issue.

Docs

# Download

Teaclave 0.3.0 can be downloaded at the download page. Note that it is essential to verify the integrity of the downloaded file using the PGP signature (the .asc file) or a hash (the .sha256 file).

# Documentation

If it is the first time to try Teaclave, we provide a simple but clear tutorial to guide you getting stated with Teaclave by invoking your first function in Teaclave.

Basically, you can build the Teaclave platform using docker with these commands:

$ tar zxvf apache-teaclave-0.3.0-incubating.tar.gz && cd \
  apache-teaclave-0.3.0-incubating
$ # Instructions to verify the source tar: https://teaclave.apache.org/download/#verify-the-integrity-of-the-files

$ docker run --rm -v $(pwd):/teaclave -w /teaclave \
  -it teaclave/teaclave-build-ubuntu-1804-sgx-2.14:latest \
   bash -c ". /root/.cargo/env && \
     . /opt/sgxsdk/environment && \
     mkdir -p build && cd build && \
     cmake -DTEST_MODE=ON -DSGX_SIM_MODE=ON -DGIT_SUBMODULE=OFF .. && \
     make"

Launch all services with docker-compose using simulation mode:

$ (cd docker && docker-compose -f docker-compose-ubuntu-1804-sgx-sim-mode.yml up --build)

And invoke function with a Python client:

$ cd examples/python
$ PYTHONPATH=../../sdk/python python3 builtin_echo.py 'Hello, Teaclave!'
[+] registering user
[+] login
[+] registering function
[+] creating task
[+] approving task
[+] invoking task
[+] getting result
[+] done
[+] function return:  b'Hello, Teaclave!'

If you want to understand the internals of Teaclave, we provide several documents about the design of Teaclave. Also, we extensively document our codebase in each sub directories. At last, API references are automatically generated and uploaded to our homepage.

# Community