feat: support TEE logging and support running eliza in Intel SGX

.env.example

@@ -270,6 +270,8 @@ ZEROG_FLOW_ADDRESS=
 TEE_MODE=OFF                    # LOCAL | DOCKER | PRODUCTION
 WALLET_SECRET_SALT=             # ONLY define if you want to use TEE Plugin, otherwise it will throw errors
 
+ENABLE_TEE_LOG=false            # Set to true to enable TEE logging, only available when running eliza in TEE
+
 # Galadriel Configuration
 GALADRIEL_API_KEY=gal-*         # Get from https://dashboard.galadriel.com/
 

.gitignore

@@ -1,57 +1,61 @@
-node_modules
-/out
-
-.env
-.env.production
-.env.local
-.env_main
-concatenated-output.ts
-embedding-cache.json
-packages/plugin-buttplug/intiface-engine
-
-.idea
-.DS_Store
-
-dist/
-# Allow models directory but ignore model files
-models/*.gguf
-
-cookies.json
-
-db.sqlite
-searches/
-tweets/
-
-*.gguf
-*.onnx
-*.wav
-*.mp3
-
-logs/
-
-test-report.json
-content_cache/
-test_data/
-tokencache/
-tweetcache/
-twitter_cookies.json
-timeline_cache.json
-
-*.sqlite
-
-characters/
-
-packages/core/src/providers/cache
-packages/core/src/providers/cache/*
-cache/*
-packages/plugin-coinbase/src/plugins/transactions.csv
-
-tsup.config.bundled_*.mjs
-
-.turbo
-.cursorrules
-
-coverage
-.eslintcache
-
-agent/content
+node_modules
+/out
+
+.env
+.env.production
+.env.local
+.env_main
+concatenated-output.ts
+embedding-cache.json
+packages/plugin-buttplug/intiface-engine
+
+.idea
+.DS_Store
+
+dist/
+# Allow models directory but ignore model files
+models/*.gguf
+
+cookies.json
+
+db.sqlite
+searches/
+tweets/
+
+*.gguf
+*.onnx
+*.wav
+*.mp3
+
+logs/
+
+test-report.json
+content_cache/
+test_data/
+tokencache/
+tweetcache/
+twitter_cookies.json
+timeline_cache.json
+
+*.sqlite
+
+characters/
+
+packages/core/src/providers/cache
+packages/core/src/providers/cache/*
+cache/*
+packages/plugin-coinbase/src/plugins/transactions.csv
+
+tsup.config.bundled_*.mjs
+
+.turbo
+.cursorrules
+
+coverage
+.eslintcache
+
+agent/content
+
+eliza.manifest
+eliza.manifest.sgx
+eliza.sig

Makefile

@@ -0,0 +1,59 @@
+# Copyright (C) 2024 Gramine contributors
+# SPDX-License-Identifier: BSD-3-Clause
+
+THIS_DIR := $(dir $(lastword $(MAKEFILE_LIST)))
+NODEJS_DIR ?= /usr/bin
+
+ARCH_LIBDIR ?= /lib/$(shell $(CC) -dumpmachine)
+
+ifeq ($(DEBUG),1)
+GRAMINE_LOG_LEVEL = debug
+else
+GRAMINE_LOG_LEVEL = error
+endif
+
+.PHONY: all
+all: eliza.manifest
+ifeq ($(SGX),1)
+all: eliza.manifest.sgx eliza.sig
+endif
+
+.PHONY: eliza.manifest
+eliza.manifest: eliza.manifest.template
+	gramine-manifest \
+		-Dlog_level=$(GRAMINE_LOG_LEVEL) \
+		-Darch_libdir=$(ARCH_LIBDIR) \
+		-Dnodejs_dir=$(NODEJS_DIR) \
+		$< >$@
+
+# Make on Ubuntu <= 20.04 doesn't support "Rules with Grouped Targets" (`&:`),
+# for details on this workaround see
+# https://github.com/gramineproject/gramine/blob/e8735ea06c/CI-Examples/helloworld/Makefile
+eliza.manifest.sgx eliza.sig: sgx_sign
+	@:
+
+.INTERMEDIATE: sgx_sign
+sgx_sign: eliza.manifest
+	gramine-sgx-sign \
+		--manifest $< \
+		--output $<.sgx
+
+ifeq ($(SGX),)
+GRAMINE = gramine-direct
+else
+GRAMINE = gramine-sgx
+endif
+
+# Start the default character:
+# SGX=1 make start
+# Start a specific character by passing arguments:
+# SGX=1 make start -- --character "character/your_character_file.json"
+.PHONY: start
+start: all
+	$(GRAMINE) ./eliza --loader ts-node/esm src/index.ts --isRoot $(filter-out $@,$(MAKECMDGOALS))
+.PHONY: clean
+clean:
+	$(RM) *.manifest *.manifest.sgx *.sig
+
+.PHONY: distclean
+distclean: clean

agent/package.json

@@ -49,8 +49,10 @@
     "@elizaos/plugin-solana": "workspace:*",
     "@elizaos/plugin-starknet": "workspace:*",
     "@elizaos/plugin-ton": "workspace:*",
+    "@elizaos/plugin-sgx": "workspace:*",
     "@elizaos/plugin-sui": "workspace:*",
     "@elizaos/plugin-tee": "workspace:*",
+    "@elizaos/plugin-tee-log": "workspace:*",
     "@elizaos/plugin-multiversx": "workspace:*",
     "@elizaos/plugin-near": "workspace:*",
     "@elizaos/plugin-zksync-era": "workspace:*",

agent/src/index.ts

@@ -55,8 +55,10 @@ import { nearPlugin } from "@elizaos/plugin-near";
 import { nftGenerationPlugin } from "@elizaos/plugin-nft-generation";
 import { createNodePlugin } from "@elizaos/plugin-node";
 import { solanaPlugin } from "@elizaos/plugin-solana";
+import { sgxPlugin } from "@elizaos/plugin-sgx";
 import { suiPlugin } from "@elizaos/plugin-sui";
 import { TEEMode, teePlugin } from "@elizaos/plugin-tee";
+import { teeLogPlugin } from "@elizaos/plugin-tee-log";
 import { tonPlugin } from "@elizaos/plugin-ton";
 import { zksyncEraPlugin } from "@elizaos/plugin-zksync-era";
 import { cronosZkEVMPlugin } from "@elizaos/plugin-cronoszkevm";
@@ -578,6 +580,12 @@ export async function createAgent(
             ...(teeMode !== TEEMode.OFF && walletSecretSalt
                 ? [teePlugin, solanaPlugin]
                 : []),
+            getSecret(character, "SGX") ? sgxPlugin : null,
+            (getSecret(character, "ENABLE_TEE_LOG") &&
+                ((teeMode !== TEEMode.OFF && walletSecretSalt) ||
+                    getSecret(character, "SGX")))
+                ? teeLogPlugin
+                : null,
             getSecret(character, "COINBASE_API_KEY") &&
             getSecret(character, "COINBASE_PRIVATE_KEY") &&
             getSecret(character, "COINBASE_NOTIFICATION_URI")

eliza.manifest.template

@@ -0,0 +1,84 @@
+# Copyright (C) 2024 Gramine contributors
+# SPDX-License-Identifier: BSD-3-Clause
+
+# Node.js manifest file example
+
+libos.entrypoint = "{{ nodejs_dir }}/node"
+
+fs.start_dir = "/agent"
+
+loader.log_level = "{{ log_level }}"
+
+loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}:/usr/{{ arch_libdir }}"
+
+# Insecure configuration for loading arguments and environment variables
+# Do not set these configurations in production
+loader.insecure__use_cmdline_argv = true
+loader.insecure__use_host_env = true
+
+fs.mounts = [
+  { uri = "file:{{ gramine.runtimedir() }}", path = "/lib" },
+  { uri = "file:{{ arch_libdir }}", path = "{{ arch_libdir }}" },
+  { uri = "file:/usr/{{ arch_libdir }}", path = "/usr/{{ arch_libdir }}" },
+  { uri = "file:{{ nodejs_dir }}/node", path = "{{ nodejs_dir }}/node" },
+  { type = "tmpfs", path = "/tmp" },
+  { type = "tmpfs", path = "/agent/content_cache" },
+]
+
+sys.enable_extra_runtime_domain_names_conf = true
+sys.fds.limit = 65535
+
+sgx.debug = false
+sgx.remote_attestation = "dcap"
+sgx.max_threads = 64
+
+# Some dependencies of Eliza utilize WebAssembly (WASM).
+# Initializing WASM requires a substantial amount of memory.
+# If there is insufficient memory, you may encounter the following error:
+# RangeError: WebAssembly.instantiate(): Out of memory: Cannot allocate Wasm memory for a new instance.
+# To address this, we set the enclave size to 64GB.
+sgx.enclave_size = "64G"
+
+# `use_exinfo = true` is needed because Node.js uses memory mappings with `MAP_NORESERVE`, which
+# will defer page accepts to page-fault events when EDMM is enabled
+sgx.edmm_enable = {{ 'true' if env.get('EDMM', '0') == '1' else 'false' }}
+sgx.use_exinfo = {{ 'true' if env.get('EDMM', '0') == '1' else 'false' }}
+
+sgx.trusted_files = [
+  "file:{{ gramine.runtimedir() }}/",
+  "file:{{ arch_libdir }}/",
+  "file:/usr/{{ arch_libdir }}/",
+  "file:{{ nodejs_dir }}/node",
+  "file:characters/",
+  "file:agent/src/",
+  "file:agent/package.json",
+  "file:agent/tsconfig.json",
+  "file:package.json",
+  "file:.env",
+
+  # Add these files to sgx.trusted_files in production and remove them from sgx.allowed_files.
+  # Trusting these files requires a high-performance SGX machine due to the large number of files,
+  # which could significantly increase startup time.
+  # To mitigate startup time degradation, we use allowed_files in development.
+  #
+  # "file:node_modules/",
+  # "file:packages/",
+  # These files are symbolic links to node_modules,
+  # and Gramine does not support adding symbolic link directories to sgx.trusted_files.
+  # Therefore, we must add each directory individually to sgx.trusted_files.
+  # "file:agent/node_modules/@elizaos/adapter-sqlite/",
+  # "file:agent/node_modules/@elizaos/.../",
+]
+
+# Insecure configuration. Use gramine encrypted fs to store data in production.
+sgx.allowed_files = [
+  "file:agent/data/",
+  "file:agent/model.gguf",
+
+  # Move these files to sgx.trusted_files in production.
+  "file:node_modules/",
+  "file:packages/",
+  "file:agent/node_modules/",
+]
+
+loader.env.SGX = "1"

packages/client-direct/package.json

@@ -7,6 +7,7 @@
   "dependencies": {
     "@elizaos/core": "workspace:*",
     "@elizaos/plugin-image-generation": "workspace:*",
+    "@elizaos/plugin-tee-log": "workspace:*",
     "@types/body-parser": "1.19.5",
     "@types/cors": "2.8.17",
     "@types/express": "5.0.0",