Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/concrete-security/atlas/llms.txt

Use this file to discover all available pages before exploring further.

Connect to Trusted Execution Environments (TEEs) from browser applications using attested TLS. The WASM bindings handle the complete aTLS protocol including HTTP/1.1 and chunked transfer encoding for streaming LLM responses.

Installation

1

Install the package

npm install @concrete-security/atlas-wasm
The package includes prebuilt WASM binaries for browser use.
2

Start the proxy

Browser deployments require a WebSocket-to-TCP proxy since browsers cannot make raw TCP connections:
# Required: set allowlist for security
export ATLS_PROXY_ALLOWLIST="vllm.example.com:443,other.tee.com:443"
export ATLS_PROXY_LISTEN="127.0.0.1:9000"

cargo run -p atlas-proxy
Key points:
  • Proxy only forwards bytes (no TLS termination)
  • All encryption and attestation verification happens in the browser
  • Allowlist is required for security (prevents SSRF attacks)
3

Connect from browser

import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";

await init();

const fetch = createAtlsFetch({
  proxyUrl: "ws://127.0.0.1:9000",
  targetHost: "vllm.example.com",
  policy: { type: "dstack_tdx" },
  onAttestation: (att) => console.log("TEE:", att.teeType)
});

const response = await fetch("/v1/chat/completions", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ model: "gpt", messages: [...] })
});

Architecture

The WASM module handles attested TLS + HTTP/1.1 protocol (including chunked transfer encoding for streaming LLM responses). 
Browser (atls-fetch.js)          WASM (atlas_wasm)           Proxy              TEE
        │                               │                       │                  │
        │──── AtlsHttp.connect ───────►│                       │                  │
        │                               │──── WebSocket ───────►│                  │
        │                               │                       │──── TCP ────────►│
        │                               │◄──── TLS handshake + attestation ───────►│
        │◄─── attestation result ───────│                       │                  │
        │                               │                       │                  │
        │──── http.fetch(method,...) ──►│──── HTTP/1.1 req ────►│──── raw ────────►│
        │◄─── {status,headers,body} ────│◄──── HTTP/1.1 res ────│◄──── raw ────────│

Usage patterns

Fetch-compatible API with HTTP handling in Rust/WASM:
import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";

await init();

const fetch = createAtlsFetch({
  proxyUrl: "ws://127.0.0.1:9000",
  targetHost: "vllm.example.com",
  policy: { type: "dstack_tdx" },  // Required: verification policy
  onAttestation: (att) => console.log("TEE:", att.teeType)
});

// Use like regular fetch
const response = await fetch("/v1/chat/completions", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ model: "gpt", messages: [...] })
});

console.log(response.status);
console.log(response.attestation); // { trusted: true, teeType: "Tdx", ... }

API reference

createAtlsFetch(options)

Create a fetch-compatible function with attestation support: 
import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";

await init();

const fetch = createAtlsFetch({
  proxyUrl: "ws://127.0.0.1:9000",       // Required: WebSocket proxy URL
  targetHost: "vllm.example.com",       // Required: TEE server hostname
  policy: { type: "dstack_tdx" },       // Required: verification policy
  onAttestation: (att) => {             // Optional: attestation callback
    console.log("TEE:", att.teeType);
  }
});

AtlsHttp.connect(proxyUrl, serverName)

Connect to a TEE server and return an HTTP client: 
import init, { AtlsHttp } from "@concrete-security/atlas-wasm";

await init();

const http = await AtlsHttp.connect(
  "ws://127.0.0.1:9000?target=vllm.example.com:443",
  "vllm.example.com"
);

const attestation = http.attestation();
const result = await http.fetch(method, path, host, headers, body);

AttestedStream.connect(proxyUrl, serverName)

Connect to a TEE server and return a raw attested TLS stream: 
import init, { AttestedStream } from "@concrete-security/atlas-wasm";

await init();

const stream = await AttestedStream.connect(
  "ws://127.0.0.1:9000?target=vllm.example.com:443",
  "vllm.example.com"
);

const attestation = stream.attestation();
await stream.send(bytes);
const reader = stream.readable.getReader();

Proxy setup

Browser deployments require a WebSocket-to-TCP proxy since browsers cannot make raw TCP connections.

Quick start

# Required: set allowlist for security
export ATLS_PROXY_ALLOWLIST="vllm.example.com:443,other.tee.com:443"
export ATLS_PROXY_LISTEN="127.0.0.1:9000"

cargo run -p atlas-proxy

Key points

  • Proxy only forwards bytes - No TLS termination
  • All encryption happens in the browser - End-to-end security
  • Allowlist is required - Prevents SSRF attacks
  • No attestation verification in proxy - All verification happens in the browser
See the proxy documentation for detailed configuration and deployment patterns.

Policy configuration

Policies control attestation verification requirements: 
const fetch = createAtlsFetch({
  proxyUrl: "ws://127.0.0.1:9000",
  targetHost: "vllm.example.com",
  policy: {
    type: "dstack_tdx",
    allowed_tcb_status: ["UpToDate", "SWHardeningNeeded"],
    expected_bootchain: {
      mrtd: "b24d3b24...",
      rtmr0: "24c15e08...",
      rtmr1: "6e1afb74...",
      rtmr2: "89e73ced..."
    }
  }
})
See Policy Configuration for complete field descriptions.

Building from source

The npm package includes prebuilt WASM binaries. To build from source: 
# From repo root
make build-wasm
macOS note: Requires Clang with WebAssembly target support (Apple’s Xcode clang doesn’t support WASM). The build process automatically detects and uses Homebrew’s LLVM if available: 
make setup-wasm
make build-wasm