EGo

EGo logo

GitHub Actions Status GitHub license Go Report Card PkgGoDev Gitter Chat

EGo is a framework for building confidential apps in Go. Confidential apps run in always-encrypted and verifiable enclaves on Intel SGX-enabled hardware. EGo simplifies enclave development by providing two user-friendly tools:

  • ego-go, an adapted Go compiler that builds enclave-compatible executables from a given Go project – while providing the same CLI as the original Go compiler.
  • ego, a CLI tool that handles all enclave-related tasks such as signing and enclave creation.

Building and running a confidential Go app is as easy as:

ego-go build hello.go
ego sign hello
ego run hello

Quick Start

If you are on Ubuntu 18.04 or above and do not want to build EGo from source, you can install the binary release:

wget -qO- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo apt-key add
sudo add-apt-repository 'deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main'
wget https://github.com/edgelesssys/ego/releases/download/v0.1.0/ego_0.1.0_amd64.deb
sudo apt install ./ego_0.1.0_amd64.deb

Now you are ready to build applications with EGo! To start, check out the samples.

Build and Install

Prerequisite: Edgeless RT is installed and sourced.

mkdir build
cd build
cmake ..
make
make install

Samples

  • helloworld is a minimal example of an enclave application.
  • remote_attestation shows how to do remote attestation in EGo.
  • vault demonstrates how to port a Go application exemplified by Hashicorp Vault.

Documentation

GitHub

https://github.com/edgelesssys/ego