-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.html
More file actions
254 lines (231 loc) · 9.12 KB
/
index.html
File metadata and controls
254 lines (231 loc) · 9.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>DevOpsDefender — attested execution for crypto systems</title>
<meta name="description" content="Run verifiable crypto oracles, keepers, bots, and confidential agents on Intel TDX. EasyEnclave provides the measured runtime; DevOpsDefender adds fleet routing, attestation, and terminal access controls.">
<link rel="stylesheet" href="style.css">
</head>
<body>
<header>
<a href="/" class="brand"><span class="mark">dd</span> devopsdefender</a>
<nav>
<a href="#verify">verify</a>
<a href="#runtime">runtime</a>
<a href="#workloads">workloads</a>
<a href="#shell">shell</a>
<a href="#model">model</a>
<a href="https://github.com/devopsdefender/dd" target="_blank">github</a>
</nav>
</header>
<main>
<section class="hero">
<div class="hero-copy">
<p class="eyebrow">Intel TDX · EasyEnclave · GitHub OIDC · Noise</p>
<h1>Attested execution for crypto systems that cannot rely on operator trust.</h1>
<p class="lede">
DevOpsDefender runs protocol oracles, keepers, co-signers, settlement bots,
and confidential coding agents inside measured TDX VMs. The public API
exposes enough evidence for an external verifier to bind code, config,
runtime state, and the agent Noise key before trusting a result.
</p>
<div class="actions">
<a class="btn primary" href="#verify">Read the verification path</a>
<a class="btn" href="https://github.com/devopsdefender/dd" target="_blank">Inspect the code</a>
</div>
</div>
<div class="proof-card" aria-label="Attestation data example">
<div class="proof-head">
<span>GET /health</span>
<span class="ok">verifiable</span>
</div>
<pre>{
"confidential_mode": true,
"taint_reasons": [
"customer_workload_deployed"
],
"noise": {
"quote_b64": "tdx_quote...",
"pubkey_hex": "8f0b...a91e"
},
"deployments": ["btc-usd-oracle"]
}</pre>
</div>
</section>
<section id="verify">
<div class="section-head">
<p class="eyebrow">External verification</p>
<h2>Do not trust the operator. Verify the machine.</h2>
</div>
<div class="flow">
<div class="node">
<span class="num">01</span>
<h3>Fetch public evidence</h3>
<p><code>/health</code> returns the TDX quote, Noise public key, workload list, mode, and taint reasons.</p>
</div>
<div class="edge"></div>
<div class="node">
<span class="num">02</span>
<h3>Verify the TDX quote</h3>
<p>Intel Trust Authority or an equivalent verifier checks the quote signature and measured boot.</p>
</div>
<div class="edge"></div>
<div class="node">
<span class="num">03</span>
<h3>Bind the transport</h3>
<p>The quote report data commits to the agent Noise key, preventing a clean quote from authenticating another endpoint.</p>
</div>
</div>
<pre class="code"><span class="comment"># Evidence is public. No CF Access, no operator session.</span>
curl -fsSL https://<agent>.devopsdefender.com/health \
| jq <span class="str">'{confidential_mode, taint_reasons, noise}'</span>
<span class="comment"># Sealed oracle expectation:</span>
<span class="comment"># confidential_mode == true</span>
<span class="comment"># taint_reasons == ["customer_workload_deployed"]</span></pre>
</section>
<section id="runtime">
<div class="section-head">
<p class="eyebrow">Runtime substrate</p>
<h2>EasyEnclave is the small measured base.</h2>
</div>
<div class="grid two">
<article>
<h3>What EasyEnclave replaces</h3>
<p>
EasyEnclave is a Linux distribution replacement for confidential VMs:
one Rust PID 1, a small Unix socket API, no systemd, no package
manager, and no runtime network stack in the enclave supervisor.
</p>
</article>
<article>
<h3>What DD adds</h3>
<p>
DevOpsDefender layers fleet registration, Cloudflare tunnel routing,
GitHub OIDC authorization, Intel attestation refresh, workload logs,
and shell access controls on top of that measured base.
</p>
</article>
</div>
<div class="stack">
<div><span>protocol client</span><strong>verifies quote + Noise key</strong></div>
<div><span>DD agent</span><strong>routes, reports health, enforces auth</strong></div>
<div><span>EasyEnclave</span><strong>measured PID 1 + workload supervisor</strong></div>
<div><span>Intel TDX</span><strong>memory isolation + signed quote</strong></div>
</div>
</section>
<section id="workloads">
<div class="section-head">
<p class="eyebrow">Workload model</p>
<h2>Release assets in. Attested behavior out.</h2>
</div>
<p>
Workloads are JSON specs, not mutable servers. A crypto oracle can be
pinned to a GitHub release asset and a commit-level workload spec, then
deployed into confidential mode where mutation routes are absent.
</p>
<pre class="code">{
"app_name": "btc-usd-oracle",
"github_release": {
"repo": "example/proof-oracle",
"asset": "oracle-linux-amd64",
"rename": "oracle"
},
"cmd": ["/var/lib/easyenclave/bin/oracle"],
"expose": { "hostname_label": "oracle", "port": 8080 }
}</pre>
<div class="grid three">
<article>
<h3>Oracles</h3>
<p>Publish signed prices, reserves, attestations, or proof status from code whose deployment state is externally checkable.</p>
</article>
<article>
<h3>Keepers</h3>
<p>Run liquidation, settlement, rebalance, or bridge-monitoring jobs with public health and operator-taint evidence.</p>
</article>
<article>
<h3>Confidential agents</h3>
<p>Run Codex, Claude, or custom bots with encrypted terminal history and reconnectable sessions when read-write access is intended.</p>
</article>
</div>
</section>
<section id="shell">
<div class="section-head">
<p class="eyebrow">Operational access</p>
<h2>Terminal access is capability-scoped.</h2>
</div>
<div class="compare">
<div>
<h3>Read-only workload terminals</h3>
<p>
Oracle observers can view workload logs through the xterm interface
without stdin, resize, close, or signal controls. This is for
protocols where visibility is useful and interference is not.
</p>
</div>
<div>
<h3>Read-write PTY sessions</h3>
<p>
Operator shells and confidential coding agents get real PTYs,
reconnectable sessions, encrypted transcript history, and
WezTerm-style notification escape support.
</p>
</div>
</div>
<pre class="code"><span class="comment"># Long-running agent can notify the browser or mobile web shell.</span>
printf <span class="str">'\033]777;notify;%s;%s\033\\'</span> \
<span class="str">'keeper'</span> <span class="str">'settlement window open'</span></pre>
</section>
<section id="model">
<div class="section-head">
<p class="eyebrow">Trust model</p>
<h2>Taint is explicit state, not vibes.</h2>
</div>
<table>
<tr>
<th>State</th>
<th>Verifier meaning</th>
</tr>
<tr>
<td><code>[]</code></td>
<td>Pristine boot. No customer deploy, owner reassignment, arbitrary exec, or shell access has occurred.</td>
</tr>
<tr>
<td><code>customer_workload_deployed</code></td>
<td>Expected sealed-oracle state after the workload is installed. Mutation routes should still be absent.</td>
</tr>
<tr>
<td><code>arbitrary_exec_enabled</code></td>
<td>The node booted with deploy/exec surfaces available. Useful for operators, not a sealed oracle.</td>
</tr>
<tr>
<td><code>interactive_shell_enabled</code></td>
<td>Read-write shell access is enabled. Treat as operator-interactive infrastructure.</td>
</tr>
</table>
<div class="callout">
<strong>Non-goal:</strong> DD does not make a dishonest oracle algorithm
honest. It makes the running code, configuration, transport key, and
operator access state inspectable enough that a protocol can decide
whether to consume the result.
</div>
</section>
<section class="final">
<h2>Build crypto infrastructure that can explain itself to verifiers.</h2>
<p>
The source is open, the runtime is measured, and the public health surface
is designed for machines, not screenshots.
</p>
<div class="actions">
<a class="btn primary" href="https://github.com/devopsdefender/dd" target="_blank">Open the repository</a>
<a class="btn" href="https://github.com/easyenclave/easyenclave" target="_blank">EasyEnclave</a>
<a class="btn" href="https://github.com/satsforcompute/satsforcompute" target="_blank">Sats for Compute</a>
</div>
</section>
</main>
<footer>
<span>devopsdefender</span>
<span>MIT · Intel TDX · EasyEnclave</span>
</footer>
</body>
</html>