enclaver | vault
---|---
8 | 1
119 | 158
2.6% | 0.0%
8.1 | 10.0
3 months ago | over 1 year ago
Rust | PLpgSQL
Apache License 2.0 | Apache License 2.0
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
enclaver
-
PostgreSQL Encryption: The Available Options
If you're looking for the best way to take a container and run it with Nitro, I work on https://github.com/edgebitio/enclaver
Works great with Kubernetes as a DaemonSet or straight on a VM.
-
Ask HN: What Are You Working on This Year?
Building a tool for running secure enclaves called Enclaver (https://github.com/edgebitio/enclaver). There is a big opportunity for keeping data encrypted while running code against it within enclaves.
And a more secure software supply chain is possible with device attestation and cryptographic measurements of software.
-
My company open sourced our tool to mix pods with secure enclaves into a regular EKS cluster
Check out the code on GitHub: https://github.com/edgebitio/enclaver
-
Supabase secrets management available in beta
I'm building the "in-use" part of this right now...what if you could encrypt your data with an encryption key (at-rest), _but also_ to a set of code that is allowed to decrypt it (in-use). If that code is identified cryptographically, its identity can't be spoofed or stolen.
We're exploring secure enclaves as the protected runtime env and the code attestation generation: https://github.com/edgebitio/enclaver
- Enclaver - run code in secure enclaves so it can't be observed by any human (like your iPhone enclave, but on AWS servers instead)
- Show HN: Enclaver – create and run secure enclaves
-
What’s the coolest thing you did this year?
I have been building out an open source project called Enclaver, which allows you to wrap sensitive workloads inside of a secure enclave (the same as your iPhone, but on servers). It's intended for anything you don't want observed, like JWT signers, encryption/decryption, partner integrations using highly privileged API keys, etc.
-
The Security Design of the AWS Nitro System
I found the side channel protection and CPU/L1 isolation between customers to be particularly interesting.
Very cool to see the physical hardware interconnects for resetting the system. Also the PCI bus as one of the isolating boundaries.
I have built an open source project for managing Nitro Enclaves (https://github.com/edgebitio/enclaver), so it is cool to see how these build on this foundation to provide even more protection.
vault
-
Supabase secrets management available in beta
Yes - it's open source here: https://github.com/supabase/vault
This wraps pgsodium (https://github.com/michelp/pgsodium), which wraps libsodium (https://doc.libsodium.org/).
> I'm using Postgresql for a service and I'd love to use this feature. Maybe I should just use supabase as my backend...
We'll try to get the other big clouds to adopt some of these extensions we're developing (including pg_graphql). Vault is still in beta, but once it's stable I think it's a no-brainer for them. It can work with secure-enclaves, so it ties in nicely with their other offerings (read: more economically interesting for them)
What are some alternatives?
salty - Simple Saltstack-like deployment system in 1k lines of Python
pgsodium - Modern cryptography for PostgreSQL using libsodium.
terraform-provider-proxmoxve - Terraform provider for ProxMox Virtual Environment
libsodium-signcryption - Signcryption using libsodium.
bevy - A refreshingly simple data-driven game engine built in Rust
postgrest-js - Isomorphic JavaScript client for PostgREST.
VW_Flash - Flashing tools for VW AG control units over UDS. Compression, encryption, RSA bypass, and checksums are supported for Simos18.1/6/10, DQ250-MQB, DQ381-MQB, and Haldex4Motion-Gen5-MQB.