Confidential computing enables the always-encrypted and verifiable processing of data - in the cloud and elsewhere.
Developing confidential apps used to require arcane knowledge and significant code changes. With EGo, you can skip that and develop your Go code as usual.
With EGo, you don’t need to refactor your app to run it in a secure enclave. Just use three simple commands to build, sign, and run your code - be it 10 or 100,000 lines of Go with complex dependencies.
Want to scale your confidential app? Marblerun - “the service mesh for confidential computing” - has native support for EGo-based microservices and makes it easy to securely scale confidential apps on Kubernetes.
Want to use Intel® SGX features like sealing or remote attestation? Just import EGo’s enclave library and access everything in a single line of code. For example, get an attestation report for your TLS certificate:
r, err := enclave.GetRemoteReport(sha256.Sum256(cert)[:])
All your data and code are kept inside the secure enclaves at runtime. No need to partition your app.
Start by lifting & shifting your existing Go code without changing a line. Use the EGo runtime library to effortlessly access SGX-specific features.
Marblerun has native support for EGo-based microservices and makes it easy to scale them securely on Kubernetes.
Don’t have SGX-enabled hardware? No problem! EGo apps run in simulation mode on any host. Also, many cloud providers already offer SGX-enabled VMs.
EGo does not try to simulate a full POSIX environment in your enclave. It just loads as much code as necessary for the Go runtime to work well, keeping the trusted computing base (TCB) small.