Documentation Index Fetch the complete documentation index at: https://mintlify.com/concrete-security/atlas/llms.txt
Use this file to discover all available pages before exploring further.
Policies define the verification requirements for attested TLS connections. They control what TEE measurements and security levels are acceptable.
Policy structure All policies must specify a type and verification rules:
const policy = { type: "dstack_tdx" , allowed_tcb_status: [ "UpToDate" ], expected_bootchain: { mrtd: "b24d3b24..." , rtmr0: "24c15e08..." , rtmr1: "6e1afb74..." , rtmr2: "89e73ced..." }, os_image_hash: "86b18137..." , app_compose: { runner: "docker-compose" , docker_compose_file: "..." } }
Development policy For testing and development, use a relaxed policy that skips bootchain verification:
import { createAtlsFetch } from "@concrete-security/atlas-node" // WARNING: disable_runtime_verification skips bootchain/app_compose/os_image checks // Use ONLY for development/testing, NEVER in production const devPolicy = { type: "dstack_tdx" , disable_runtime_verification: true , // DEV ONLY allowed_tcb_status: [ "UpToDate" , "SWHardeningNeeded" , "OutOfDate" ] } const fetch = createAtlsFetch ({ target: "enclave.example.com" , policy: devPolicy })
Never use disable_runtime_verification: true in production. This skips all bootchain, OS image, and application verification.
Production policy Production policies require full verification with bootchain measurements:
import { createAtlsFetch , mergeWithDefaultAppCompose } from "@concrete-security/atlas-node" import { readFileSync } from "fs" const dockerComposeFile = readFileSync ( "vllm_docker_compose.yml" , "utf-8" ) const productionPolicy = { type: "dstack_tdx" , expected_bootchain: { mrtd: "b24d3b24e9e3c16012376b52362ca09856c4adecb709d5fac33addf1c47e193da075b125b6c364115771390a5461e217" , rtmr0: "24c15e08c07aa01c531cbd7e8ba28f8cb62e78f6171bf6a8e0800714a65dd5efd3a06bf0cf5433c02bbfac839434b418" , rtmr1: "6e1afb7464ed0b941e8f5bf5b725cf1df9425e8105e3348dca52502f27c453f3018a28b90749cf05199d5a17820101a7" , rtmr2: "89e73cedf48f976ffebe8ac1129790ff59a0f52d54d969cb73455b1a79793f1dc16edc3b1fccc0fd65ea5905774bbd57" }, os_image_hash: "86b181377635db21c415f9ece8cc8505f7d4936ad3be7043969005a8c4690c1a" , app_compose: mergeWithDefaultAppCompose ({ docker_compose_file: dockerComposeFile , allowed_envs: [ "EKM_SHARED_SECRET" , "AUTH_SERVICE_TOKEN" ] }), allowed_tcb_status: [ "UpToDate" , "SWHardeningNeeded" ] } const fetch = createAtlsFetch ({ target: "vllm.concrete-security.com" , policy: productionPolicy })
JSON policies Policies can be loaded from JSON files for easier management:
Load from file
policy.json
import { readFileSync } from "fs" const policyJson = readFileSync ( "policy.json" , "utf-8" ) const policy = JSON . parse ( policyJson ) const fetch = createAtlsFetch ({ target: "enclave.example.com" , policy })
Policy fields Required fields Field Type Description typestringPolicy type ("dstack_tdx" for Intel TDX) allowed_tcb_statusstring[]Acceptable TCB statuses (e.g., ["UpToDate"])
Runtime verification fields By default, all runtime fields are required for production. Missing any field will cause a configuration error unless disable_runtime_verification is set to true.
Field Type Description expected_bootchainobjectMRTD and RTMR0-2 measurements os_image_hashstringSHA256 of Dstack image’s sha256sum.txt app_composeobjectExpected application configuration
Optional fields Field Type Default Description grace_periodnumber0Grace period (seconds) for OutOfDate TCB status disable_runtime_verificationbooleanfalseSkip runtime checks (dev only) pccs_urlstringPhala’s PCCS Intel PCCS URL for collateral cache_collateralbooleanfalseCache Intel collateral
TCB status values TCB (Trusted Computing Base) status indicates platform security posture:
Status Meaning Production Use UpToDatePlatform is fully patched ✅ Always use SWHardeningNeededSoftware requires specific mitigations ⚠️ Use if mitigations are implemented ConfigurationNeededBIOS/hardware config needs adjustment ⚠️ Use if config risk is acceptable OutOfDatePlatform TCB level is outdated ⚠️ Use only with grace period RevokedProcessor/keys are compromised ❌ Never use
Production TCB policy const strictPolicy = { type: "dstack_tdx" , allowed_tcb_status: [ "UpToDate" ], // ... other required fields }
Permissive TCB policy (with grace period) const gracefulPolicy = { type: "dstack_tdx" , allowed_tcb_status: [ "UpToDate" , "OutOfDate" ], grace_period: 30 * 24 * 60 * 60 , // 30 days // ... other required fields }
Bootchain verification Bootchain measurements verify the TEE’s boot process:
const policy = { type: "dstack_tdx" , expected_bootchain: { mrtd: "b24d3b24..." , // TD measurement root rtmr0: "24c15e08..." , // Firmware measurements rtmr1: "6e1afb74..." , // OS loader measurements rtmr2: "89e73ced..." // OS kernel measurements }, // ... other required fields }
Bootchain measurements depend on hardware configuration (CPU count, memory, GPUs). Compute measurements for your specific deployment using dstack-mr. See Bootchain Verification for details. Application verification Verify the application running inside the TEE:
import { mergeWithDefaultAppCompose } from "@concrete-security/atlas-node" const policy = { type: "dstack_tdx" , app_compose: mergeWithDefaultAppCompose ({ docker_compose_file: "version: '3' \n services: \n app: \n image: myapp:latest" , allowed_envs: [ "API_KEY" , "DATABASE_URL" ] }), // ... other required fields }
The mergeWithDefaultAppCompose helper fills in default Dstack configuration:
const merged = mergeWithDefaultAppCompose ({ docker_compose_file: "..." , allowed_envs: [ "MY_VAR" ] }) // Result includes: // - runner: "docker-compose" // - manifest_version: 2 // - features: ["kms", "docker-in-docker", "run-as-root", ...] // - Your custom fields
OS image verification Verify the Dstack OS image:
const policy = { type: "dstack_tdx" , os_image_hash: "86b181377635db21c415f9ece8cc8505f7d4936ad3be7043969005a8c4690c1a" , // ... other required fields }
The OS image hash is the SHA256 of Dstack’s sha256sum.txt file.
Grace periods Grace periods allow temporary acceptance of OutOfDate TCB status:
const policy = { type: "dstack_tdx" , allowed_tcb_status: [ "UpToDate" , "OutOfDate" ], grace_period: 30 * 24 * 60 * 60 , // 30 days in seconds // ... other required fields }
Grace period behavior:
Applies only when TCB status is OutOfDate
Requires OutOfDate in allowed_tcb_status
Value of 0 means no grace window
Use for patch cycle transitions
PCCS configuration Customize Intel PCCS (Provisioning Certification Caching Service) endpoint:
const policy = { type: "dstack_tdx" , pccs_url: "https://your-pccs.example.com" , cache_collateral: true , // Cache collateral for faster verification // ... other required fields }
Default PCCS: Phala’s public PCCS endpoint.
Verification errors Handle specific verification failures:
import { createAtlsFetch } from "@concrete-security/atlas-node" try { const fetch = createAtlsFetch ({ target: "enclave.example.com" , policy: productionPolicy }) const response = await fetch ( "/api/data" ) if ( ! response . attestation . trusted ) { console . error ( "Attestation failed!" ) } } catch ( err ) { if ( err . message . includes ( "BootchainMismatch" )) { console . error ( "Bootchain verification failed:" , err . message ) } else if ( err . message . includes ( "TcbStatusNotAllowed" )) { console . error ( "TCB status not allowed:" , err . message ) } else if ( err . message . includes ( "Configuration" )) { console . error ( "Policy configuration error:" , err . message ) } else { console . error ( "Verification error:" , err . message ) } }
Policy reuse Share policies across multiple connections:
const commonPolicy = { type: "dstack_tdx" , allowed_tcb_status: [ "UpToDate" ], expected_bootchain: { /* ... */ }, os_image_hash: "86b18137..." , app_compose: { /* ... */ } } // Use same policy for multiple targets const fetch1 = createAtlsFetch ({ target: "enclave1.example.com" , policy: commonPolicy }) const fetch2 = createAtlsFetch ({ target: "enclave2.example.com" , policy: commonPolicy })
Rust policy example For Rust applications using the core library:
use atlas_rs :: {atls_connect, Policy , DstackTdxPolicy , ExpectedBootchain }; use serde_json :: json; #[tokio :: main] async fn main () -> Result <(), Box < dyn std :: error :: Error >> { let tcp = tokio :: net :: TcpStream :: connect ( "vllm.example.com:443" ) . await ? ; let policy = Policy :: DstackTdx ( DstackTdxPolicy { expected_bootchain : Some ( ExpectedBootchain { mrtd : "b24d3b24..." . into (), rtmr0 : "24c15e08..." . into (), rtmr1 : "6e1afb74..." . into (), rtmr2 : "89e73ced..." . into (), }), os_image_hash : Some ( "86b18137..." . into ()), app_compose : Some ( json! ({ "runner" : "docker-compose" , "docker_compose_file" : "..." })), allowed_tcb_status : vec! [ "UpToDate" . into ()], .. Default :: default () }); let ( mut tls_stream , report ) = atls_connect ( tcp , "vllm.example.com" , policy , None ) . await ? ; println! ( "TEE verified!" ); Ok (()) }
Next steps