Minimal, reproducible, Linux-based, rust-booted, remotely-attestable, Secure Enclave example images
Go to file
Lance Vick 58d68a43d5
2024-02-17 08:54:51 -08:00
src stagex refactor 2024-02-17 08:42:39 -08:00
.dockerignore initial busybox/linux building 2022-06-24 02:02:51 -07:00
.gitignore port c init to rust 2022-10-06 12:30:07 -07:00
Containerfile whitespace 2024-02-17 08:54:51 -08:00
Makefile stagex refactor 2024-02-17 08:42:39 -08:00 stagex refactor 2024-02-17 08:42:39 -08:00



A minimal, immutable, and deterministic Linux unikernel build system targeting various Trusted Execution Environments for use cases that require high security and accountability.

This is intended as a reference repository which could serve as a boilerplate to build your own hardened and immutable operating system images for high security applications.


Platform Target Status Verified boot Method
AWS Nitro Enclaves aws booting Nitro attestation API
GCP Confidential Compute gcp research vTPM 2.0 attestation
Azure Confidential VMs azure research vTPM 2.0 attestation
Generic/Qemu generic research vTPM 2.0 attestation


  • Immutability
    • Root filesystem is a CPIO filesystem extracted to a RamFS at boot
  • Minimalism
    • < 5MB footprint
    • Nothing is included but a kernel and your target binary by default
    • Sample "hello world" included as a default reference
    • Debug builds include busybox init shim and drop to a shell
  • Determinism
    • Multiple people can build artifacts and get identical hashes
    • Allows one to prove distributed artifacts correspond to published sources
  • Hardening
    • No TCP/IP network support
      • Favor using a virtual socket or physical interface to a gateway system
    • Most unessesary kernel features are disabled at compile time
    • Follow Kernel Self Protection Project recommendations



  • 10GB+ free RAM
  • Docker 20+
  • GNU Make