Following the first production-ready release “v1.0”, The Gramine Projectis releasing “v1.1” in upcoming weeks. One highlight of this release is stability improvements for Golang and Rust workloads. Another prominent feature of the release is support for the musl C standard library– now Gramine allows users to choose between glibc and musl, depending on users’ requirements on the binary size (TCB), as musl is more light-weight than glibc. Also, AddressSanitizer was integrated in Gramine, and it runs in the CI on each change, for detecting any security issues ahead of code merge. This version adds several other features as well as multiple bug fixes (thanks to our ever-increasing user base for reporting issues!).
While there are several use cases under development, we would like to highlight the production release of the OpenVino Security Add-on (OVSA) for Model IP protection (consider using it for your protected ML workloads). Please reach out to the Gramine team if you are experimenting with Gramine and would like to be added to the list of “Users of Gramine”
Enarx
In Enarx’s first release “version .0.1.0” (codenamed Alamo) we provided WebAssembly as a runtime. For our upcoming release “version 0.2.0” this coming quarter we are looking forward to providing support for attestation, including Intel’s SGX and AMD’s SEV.
Other areas where we are working on are support for filesystem and networking, which depend on upstream collaboration with the WebAssembly community.
Enarx is under high development and is not production ready yet, but our hope is that these initial releases will allow developers to experiment with Enarx and see its progress.
If you are interested in learning more about the Enarx project, please access our website, star us on GitHub, and join our chat.
