Documentation Index
Fetch the complete documentation index at: https://mintlify.com/concrete-security/atlas/llms.txt
Use this file to discover all available pages before exploring further.
Connect to Trusted Execution Environments (TEEs) from browser applications using attested TLS. The WASM bindings handle the complete aTLS protocol including HTTP/1.1 and chunked transfer encoding for streaming LLM responses.
Installation
Install the package
npm install @concrete-security/atlas-wasm
Start the proxy
Browser deployments require a WebSocket-to-TCP proxy since browsers cannot make raw TCP connections:# Required: set allowlist for security
export ATLS_PROXY_ALLOWLIST="vllm.example.com:443,other.tee.com:443"
export ATLS_PROXY_LISTEN="127.0.0.1:9000"
cargo run -p atlas-proxy
- Proxy only forwards bytes (no TLS termination)
- All encryption and attestation verification happens in the browser
- Allowlist is required for security (prevents SSRF attacks)
Connect from browser
import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";
await init();
const fetch = createAtlsFetch({
proxyUrl: "ws://127.0.0.1:9000",
targetHost: "vllm.example.com",
policy: { type: "dstack_tdx" },
onAttestation: (att) => console.log("TEE:", att.teeType)
});
const response = await fetch("/v1/chat/completions", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ model: "gpt", messages: [...] })
});
Architecture
The WASM module handles attested TLS + HTTP/1.1 protocol (including chunked transfer encoding for streaming LLM responses).
Browser (atls-fetch.js) WASM (atlas_wasm) Proxy TEE
│ │ │ │
│──── AtlsHttp.connect ───────►│ │ │
│ │──── WebSocket ───────►│ │
│ │ │──── TCP ────────►│
│ │◄──── TLS handshake + attestation ───────►│
│◄─── attestation result ───────│ │ │
│ │ │ │
│──── http.fetch(method,...) ──►│──── HTTP/1.1 req ────►│──── raw ────────►│
│◄─── {status,headers,body} ────│◄──── HTTP/1.1 res ────│◄──── raw ────────│
Usage patterns
Fetch API
AtlsHttp (low-level)
AttestedStream (raw)
Fetch-compatible API with HTTP handling in Rust/WASM:import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";
await init();
const fetch = createAtlsFetch({
proxyUrl: "ws://127.0.0.1:9000",
targetHost: "vllm.example.com",
policy: { type: "dstack_tdx" }, // Required: verification policy
onAttestation: (att) => console.log("TEE:", att.teeType)
});
// Use like regular fetch
const response = await fetch("/v1/chat/completions", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ model: "gpt", messages: [...] })
});
console.log(response.status);
console.log(response.attestation); // { trusted: true, teeType: "Tdx", ... }
HTTP client with streaming body support:import init, { AtlsHttp } from "@concrete-security/atlas-wasm";
await init();
const http = await AtlsHttp.connect(
"ws://127.0.0.1:9000?target=vllm.example.com:443",
"vllm.example.com"
);
console.log(http.attestation()); // { trusted, teeType, tcbStatus }
const result = await http.fetch("POST", "/v1/chat/completions", "vllm.example.com",
[["Content-Type", "application/json"]],
new TextEncoder().encode('{"model":"gpt"}')
);
// result.body is a ReadableStream (handles chunked encoding automatically)
const reader = result.body.getReader();
while (true) {
const { done, value } = await reader.read();
if (done) break;
console.log(new TextDecoder().decode(value));
}
Direct access to the raw attested TLS stream (no HTTP handling):import init, { AttestedStream } from "@concrete-security/atlas-wasm";
await init();
const stream = await AttestedStream.connect(
"ws://127.0.0.1:9000?target=vllm.example.com:443",
"vllm.example.com"
);
console.log(stream.attestation()); // { trusted, teeType, tcbStatus }
await stream.send(new TextEncoder().encode("GET / HTTP/1.1\r\n\r\n"));
const reader = stream.readable.getReader();
const { value } = await reader.read();
console.log(new TextDecoder().decode(value));
API reference
createAtlsFetch(options)
Create a fetch-compatible function with attestation support:
import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";
await init();
const fetch = createAtlsFetch({
proxyUrl: "ws://127.0.0.1:9000", // Required: WebSocket proxy URL
targetHost: "vllm.example.com", // Required: TEE server hostname
policy: { type: "dstack_tdx" }, // Required: verification policy
onAttestation: (att) => { // Optional: attestation callback
console.log("TEE:", att.teeType);
}
});
AtlsHttp.connect(proxyUrl, serverName)
Connect to a TEE server and return an HTTP client:
import init, { AtlsHttp } from "@concrete-security/atlas-wasm";
await init();
const http = await AtlsHttp.connect(
"ws://127.0.0.1:9000?target=vllm.example.com:443",
"vllm.example.com"
);
const attestation = http.attestation();
const result = await http.fetch(method, path, host, headers, body);
AttestedStream.connect(proxyUrl, serverName)
Connect to a TEE server and return a raw attested TLS stream:
import init, { AttestedStream } from "@concrete-security/atlas-wasm";
await init();
const stream = await AttestedStream.connect(
"ws://127.0.0.1:9000?target=vllm.example.com:443",
"vllm.example.com"
);
const attestation = stream.attestation();
await stream.send(bytes);
const reader = stream.readable.getReader();
Proxy setup
Browser deployments require a WebSocket-to-TCP proxy since browsers cannot make raw TCP connections.
Quick start
# Required: set allowlist for security
export ATLS_PROXY_ALLOWLIST="vllm.example.com:443,other.tee.com:443"
export ATLS_PROXY_LISTEN="127.0.0.1:9000"
cargo run -p atlas-proxy
Key points
- Proxy only forwards bytes - No TLS termination
- All encryption happens in the browser - End-to-end security
- Allowlist is required - Prevents SSRF attacks
- No attestation verification in proxy - All verification happens in the browser
See the proxy documentation for detailed configuration and deployment patterns.
Policy configuration
Policies control attestation verification requirements:
const fetch = createAtlsFetch({
proxyUrl: "ws://127.0.0.1:9000",
targetHost: "vllm.example.com",
policy: {
type: "dstack_tdx",
allowed_tcb_status: ["UpToDate", "SWHardeningNeeded"],
expected_bootchain: {
mrtd: "b24d3b24...",
rtmr0: "24c15e08...",
rtmr1: "6e1afb74...",
rtmr2: "89e73ced..."
}
}
})
Building from source
The npm package includes prebuilt WASM binaries. To build from source:
# From repo root
make build-wasm
make setup-wasm
make build-wasm