oak  by project-oak

Platform for building verifiable distributed systems

created 6 years ago
1,383 stars

Top 29.8% on sourcepulse

Project Summary

Oak is a platform for building distributed systems that provide verifiable claims about their behavior, targeting developers of secure and transparent applications. It enables applications to run in isolated Trusted Execution Environments (TEEs) with remote attestation, keeping data confidential and intact even with respect to the host provider.

How It Works

Oak leverages VM-based TEEs (like AMD SEV-SNP, Intel TDX) for hardware-rooted attestation. Enclave Applications, running within these TEEs, can cryptographically prove their software and hardware identity to remote parties. This process involves measuring binaries and configurations, binding them to hardware-protected keys, and signing the evidence with roots of trust from TEE manufacturers. End-to-end encrypted channels are established using these attested identities, ensuring confidentiality, integrity, and authenticity of communication.

Quick Start & Requirements

  • Install/Run: Not explicitly detailed in the README.
  • Prerequisites: Requires TEE-enabled hardware (e.g., AMD SEV-SNP, Intel TDX). Specific OS and CPU requirements are not detailed.
  • Resources: Setup time and resource footprint are not specified.
  • Links: Mailing list for contributors: [link to mailing list]

Highlighted Details

  • Supports two OS flavors within TEEs: a minimal Oak Restricted Kernel for strict code review, and Oak Containers (OCI bundles with Linux) for greater flexibility and performance.
  • Employs a "Transparent Release" process using Rekor (Sigstore) to log binary artifact signatures, enabling reproducible builds and verifiable provenance for components.
  • Enables "Sealed Computing" for privacy-preserving data processing where inputs and outputs are hidden from the hosting service provider.
  • Uses a multi-stage remote attestation protocol augmented with DICE to measure and bind all boot stages, including kernel and application, to the TEE evidence.
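
As an added illustration of the layered measurement described in the last item above (not code from Oak or its README): a simplified model of DICE-style chaining, in which each boot stage is hashed and the next layer's secret is derived from the current secret and that hash. The stage names and blobs are constructed, HMAC-SHA256 is an assumed stand-in for the derivation function, and the certificates signed between layers and the hardware root signature are left out.

```python
import hashlib
import hmac


def measure(blob: bytes) -> bytes:
    """Measurement of one boot stage: SHA-256 over its binary/config bytes."""
    return hashlib.sha256(blob).digest()


def derive_next_cdi(cdi: bytes, measurement: bytes) -> bytes:
    """One-way step: the next layer's secret depends on the current secret
    and on the measurement of the code about to run."""
    return hmac.new(cdi, measurement, hashlib.sha256).digest()


def boot_chain(root_secret: bytes, stages):
    """stages: ordered (name, blob) pairs. Returns (measurement log, final secret)."""
    cdi, log = root_secret, []
    for name, blob in stages:
        m = measure(blob)
        log.append((name, m))
        cdi = derive_next_cdi(cdi, m)
    return log, cdi


def mismatched_stages(log, reference):
    """Verifier side: names of stages whose reported measurement is missing
    or differs from the expected reference value."""
    reported = dict(log)
    return [name for name, expected in reference.items()
            if not hmac.compare_digest(reported.get(name, b""), expected)]


# Constructed sample data (hypothetical stage names and contents).
ROOT_SECRET = b"\x00" * 32  # placeholder for the hardware-held secret
GOOD = [("firmware", b"fw-v1"), ("kernel", b"kernel-v1"), ("application", b"app-v1")]
REFERENCE = {name: measure(blob) for name, blob in GOOD}


def demo():
    good_log, good_cdi = boot_chain(ROOT_SECRET, GOOD)
    tampered = [GOOD[0], ("kernel", b"kernel-v1-patched"), GOOD[2]]
    bad_log, bad_cdi = boot_chain(ROOT_SECRET, tampered)
    # A changed kernel shows up in the log AND changes every later secret,
    # so keys bound to the genuine chain are not available to the altered one.
    return (mismatched_stages(good_log, REFERENCE),
            mismatched_stages(bad_log, REFERENCE),
            good_cdi != bad_cdi)


if __name__ == "__main__":
    print(demo())
```
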

Maintenance & Community

  • Community engagement is encouraged via a mailing list.
  • No specific contributors, sponsorships, or roadmap details are provided.

Licensing & Compatibility

  • License type is not specified in the README.
  • Compatibility for commercial use or closed-source linking is not detailed.

Limitations & Caveats

The README acknowledges that TEEs can be vulnerable to side-channel attacks, and physical access to hardware is a threat not mitigated by Oak alone. The trust model relies on the security of the chosen TEE manufacturer and the broader Linux ecosystem if using Oak Containers.

Health Check

  • Last commit: 1 day ago
  • Responsiveness: Inactive
  • Pull Requests (30d): 0
  • Issues (30d): 0
  • Star History: 24 stars in the last 90 days
