Marblerun makes it easy to deploy, scale, and verify your SGX-based apps on vanilla Kubernetes. Think Istio/Consul/Linkerd for confidential computing. It’s open source, written in Go, and truly cloud native.
All services run in secure enclaves; your data and code are encrypted even at runtime. Between enclaves, data is transmitted via mTLS.
Get cryptographic proof that the topology of your cluster adheres to a Manifest defined in simple JSON.
Marblerun is written in Go and uses standards like gRPC and REST. It scales and secures your apps in any cloud that has Intel SGX - like Azure.
Usability and simplicity (and security of course!) are our guiding principles. Porting and deploying existing distributed Go apps only takes a few simple steps.
Marblerun is open source and builds upon the industry standard Open Enclave and Edgeless RT. In the future, it will also support Graphene.
We give an intro to the concept of confidential computing.
We give an intro to the service mesh concept and discuss crucial properties in the context of confidential computing.
We describe how the two fit together and describe the key features and architecture of Marblerun.