tinfoil

package module

v0.0.3 Latest Latest Go to latest Published: May 9, 2025 License: AGPL-3.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/tinfoilsh/tinfoil-go

Links

Open Source Insights

README ¶

Tinfoil Go Client

Installation

go get github.com/tinfoilsh/tinfoil-go

Quick Start

The Tinfoil Go client is a wrapper around the OpenAI Go client and provides secure communication with Tinfoil enclaves. It has the same API as the OpenAI client, with additional security features:

Automatic verification that the endpoint is running in a secure Tinfoil enclave
TLS certificate pinning to prevent man-in-the-middle attacks
Attestation validation to ensure enclave integrity

import (
    "fmt"
    "context"
    "github.com/openai/openai-go"
    "github.com/openai/openai-go/option"
    "github.com/tinfoilsh/tinfoil-go" // imported as tinfoil
)

// Create a client for a specific enclave and model repository
client, err := tinfoil.NewClientWithParams("enclave.example.com", "org/model-repo",
    option.WithAPIKey("your-api-key"),
)
if err != nil {
    panic(err.Error())
}

// Make requests using the OpenAI client API
// Note: enclave verification happens automatically
chatCompletion, err := client.Chat.Completions.New(context.TODO(), openai.ChatCompletionNewParams{
    Messages: openai.F([]openai.ChatCompletionMessageParamUnion{
        openai.UserMessage("Say this is a test"),
    }),
    Model: openai.F("llama3.2:1b"), // see https://docs.tinfoil.sh for supported models
})

if err != nil {
    panic(err.Error())
}

fmt.Println(chatCompletion.Choices[0].Message.Content)

Usage

// 1. Create a client
client, err := tinfoil.NewClientWithParams(
    "enclave.example.com",  // Enclave hostname
    "org/repo",             // GitHub repository
    option.WithAPIKey("your-api-key"),
)
if err != nil {
    panic(err.Error())
}

// 2. Use client as you would openai.Client 
// see https://pkg.go.dev/github.com/openai/openai-go for API documentation

Advanced functionality

// Manual verification
state, err := client.Verify()
if err != nil {
    return fmt.Errorf("verification failed: %w", err)
}

// Get the raw HTTP client 
httpClient, err := client.HTTPClient()
if err != nil {
    return fmt.Errorf("failed to get HTTP client: %w", err)
}

// Make HTTP requests directly 
resp, err := client.Get("/api/status", map[string]string{
    "Authorization": "Bearer token",
})

Foreign Function Interface (FFI) Support

For usage in other languages through FFI, additional functions are available which avoid using FFI incompatible data structures (e.g., Go maps):

// Initialize a request and get an ID
requestID, err := client.InitPostRequest("/api/submit", []byte(`{"key":"value"}`))

// Add headers individually
client.AddHeader(requestID, "Content-Type", "application/json")
client.AddHeader(requestID, "Authorization", "Bearer token")

// Execute the request
resp, err := client.ExecuteRequest(requestID)

API Documentation

This library is a drop-in replacement for the official OpenAI Go client that can be used with Tinfoil. All methods and types are identical. See the OpenAI Go client documentation for complete API usage and documentation.

Reporting Vulnerabilities

Please report security vulnerabilities by either:

Emailing security@tinfoil.sh
Opening an issue on GitHub on this repository

We aim to respond to security reports within 24 hours and will keep you updated on our progress.

Documentation ¶

Index ¶

Variables
type Client
- func NewClient(openaiOpts ...option.RequestOption) (*Client, error)
- func NewClientWithParams(enclave, repo string, openaiOpts ...option.RequestOption) (*Client, error)
type GroundTruth
type Response
type SecureClient
- func NewSecureClient(enclave, repo string) *SecureClient
type TLSBoundRoundTripper
- func (t *TLSBoundRoundTripper) RoundTrip(r *http.Request) (*http.Response, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrNoTLS              = errors.New("no TLS connection")
	ErrCertMismatch       = errors.New("certificate fingerprint mismatch")
	ErrNoValidCertificate = errors.New("no valid certificate")
)

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client struct {
	*openai.Client
	// contains filtered or unexported fields
}

Client wraps the OpenAI client to work with Tinfoil

func NewClient ¶

func NewClient(openaiOpts ...option.RequestOption) (*Client, error)

NewClient creates a new secure OpenAI client using environment variables for configuration

func NewClientWithParams ¶

func NewClientWithParams(enclave, repo string, openaiOpts ...option.RequestOption) (*Client, error)

NewClientWithParams creates a new secure OpenAI client with explicit enclave and repo parameters

type GroundTruth ¶

type GroundTruth struct {
	PublicKeyFP string
	Digest      string
	Measurement string
}

GroundTruth represents the "known good" verified state of the enclave

type Response ¶

type Response struct {
	Status     string
	StatusCode int
	Body       []byte
}

type SecureClient ¶

type SecureClient struct {
	// contains filtered or unexported fields
}

SecureClient provides a way to securely communicate with a verified enclave

func NewSecureClient ¶

func NewSecureClient(enclave, repo string) *SecureClient

NewSecureClient creates a new client for secure communications with the enclave

func (*SecureClient) AddHeader ¶

func (s *SecureClient) AddHeader(requestID int64, key string, value string) error

AddHeader adds a header to a pending request

func (*SecureClient) ExecuteRequest ¶

func (s *SecureClient) ExecuteRequest(requestID int64) (*Response, error)

ExecuteRequest executes a pending request and returns the response

func (*SecureClient) Get ¶

func (s *SecureClient) Get(url string, headers map[string]string) (*Response, error)

Get makes an HTTP GET request

func (*SecureClient) GroundTruth ¶

func (s *SecureClient) GroundTruth() *GroundTruth

GroundTruth returns the last verified enclave state

func (*SecureClient) HTTPClient ¶

func (s *SecureClient) HTTPClient() (*http.Client, error)

HTTPClient returns an HTTP client that only accepts TLS connections to the verified enclave

func (*SecureClient) InitGetRequest ¶

func (s *SecureClient) InitGetRequest(url string) (int64, error)

InitGetRequest initializes a new GET request and returns a unique request ID

func (*SecureClient) InitPostRequest ¶

func (s *SecureClient) InitPostRequest(url string, body []byte) (int64, error)

InitPostRequest initializes a new POST request and returns a unique request ID

func (*SecureClient) Post ¶

func (s *SecureClient) Post(url string, headers map[string]string, body []byte) (*Response, error)

Post makes an HTTP POST request

func (*SecureClient) Verify ¶

func (s *SecureClient) Verify() (*GroundTruth, error)

Verify fetches the latest verification information from GitHub and Sigstore and stores the ground truth results in the client

type TLSBoundRoundTripper ¶

type TLSBoundRoundTripper struct {
	ExpectedPublicKey string
}

func (*TLSBoundRoundTripper) RoundTrip ¶

func (t *TLSBoundRoundTripper) RoundTrip(r *http.Request) (*http.Response, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
examples
chat command
verifier module

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL