Skip to main content
Connect to Trusted Execution Environments (TEEs) from browser applications using attested TLS. The WASM bindings handle the complete aTLS protocol including HTTP/1.1 and chunked transfer encoding for streaming LLM responses.

Installation

1

Install the package

npm install @concrete-security/atlas-wasm
The package includes prebuilt WASM binaries for browser use.
2

Start the proxy

Browser deployments require a WebSocket-to-TCP proxy since browsers cannot make raw TCP connections:
# Required: set allowlist for security
export ATLS_PROXY_ALLOWLIST="vllm.example.com:443,other.tee.com:443"
export ATLS_PROXY_LISTEN="127.0.0.1:9000"

cargo run -p atlas-proxy
Key points:
  • Proxy only forwards bytes (no TLS termination)
  • All encryption and attestation verification happens in the browser
  • Allowlist is required for security (prevents SSRF attacks)
3

Connect from browser

import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";

await init();

const fetch = createAtlsFetch({
  proxyUrl: "ws://127.0.0.1:9000",
  targetHost: "vllm.example.com",
  policy: { type: "dstack_tdx" },
  onAttestation: (att) => console.log("TEE:", att.teeType)
});

const response = await fetch("/v1/chat/completions", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ model: "gpt", messages: [...] })
});

Architecture

The WASM module handles attested TLS + HTTP/1.1 protocol (including chunked transfer encoding for streaming LLM responses). 
Browser (atls-fetch.js)          WASM (atlas_wasm)           Proxy              TEE
        │                               │                       │                  │
        │──── AtlsHttp.connect ───────►│                       │                  │
        │                               │──── WebSocket ───────►│                  │
        │                               │                       │──── TCP ────────►│
        │                               │◄──── TLS handshake + attestation ───────►│
        │◄─── attestation result ───────│                       │                  │
        │                               │                       │                  │
        │──── http.fetch(method,...) ──►│──── HTTP/1.1 req ────►│──── raw ────────►│
        │◄─── {status,headers,body} ────│◄──── HTTP/1.1 res ────│◄──── raw ────────│

Usage patterns

Fetch-compatible API with HTTP handling in Rust/WASM:
import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";

await init();

const fetch = createAtlsFetch({
  proxyUrl: "ws://127.0.0.1:9000",
  targetHost: "vllm.example.com",
  policy: { type: "dstack_tdx" },  // Required: verification policy
  onAttestation: (att) => console.log("TEE:", att.teeType)
});

// Use like regular fetch
const response = await fetch("/v1/chat/completions", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ model: "gpt", messages: [...] })
});

console.log(response.status);
console.log(response.attestation); // { trusted: true, teeType: "Tdx", ... }

API reference

createAtlsFetch(options)

Create a fetch-compatible function with attestation support: 
import { init, createAtlsFetch } from "@concrete-security/atlas-wasm";

await init();

const fetch = createAtlsFetch({
  proxyUrl: "ws://127.0.0.1:9000",       // Required: WebSocket proxy URL
  targetHost: "vllm.example.com",       // Required: TEE server hostname
  policy: { type: "dstack_tdx" },       // Required: verification policy
  onAttestation: (att) => {             // Optional: attestation callback
    console.log("TEE:", att.teeType);
  }
});

AtlsHttp.connect(proxyUrl, serverName)

Connect to a TEE server and return an HTTP client: 
import init, { AtlsHttp } from "@concrete-security/atlas-wasm";

await init();

const http = await AtlsHttp.connect(
  "ws://127.0.0.1:9000?target=vllm.example.com:443",
  "vllm.example.com"
);

const attestation = http.attestation();
const result = await http.fetch(method, path, host, headers, body);

AttestedStream.connect(proxyUrl, serverName)

Connect to a TEE server and return a raw attested TLS stream: 
import init, { AttestedStream } from "@concrete-security/atlas-wasm";

await init();

const stream = await AttestedStream.connect(
  "ws://127.0.0.1:9000?target=vllm.example.com:443",
  "vllm.example.com"
);

const attestation = stream.attestation();
await stream.send(bytes);
const reader = stream.readable.getReader();

Proxy setup

Browser deployments require a WebSocket-to-TCP proxy since browsers cannot make raw TCP connections.

Quick start

# Required: set allowlist for security
export ATLS_PROXY_ALLOWLIST="vllm.example.com:443,other.tee.com:443"
export ATLS_PROXY_LISTEN="127.0.0.1:9000"

cargo run -p atlas-proxy

Key points

  • Proxy only forwards bytes - No TLS termination
  • All encryption happens in the browser - End-to-end security
  • Allowlist is required - Prevents SSRF attacks
  • No attestation verification in proxy - All verification happens in the browser
See the proxy documentation for detailed configuration and deployment patterns.

Policy configuration

Policies control attestation verification requirements: 
const fetch = createAtlsFetch({
  proxyUrl: "ws://127.0.0.1:9000",
  targetHost: "vllm.example.com",
  policy: {
    type: "dstack_tdx",
    allowed_tcb_status: ["UpToDate", "SWHardeningNeeded"],
    expected_bootchain: {
      mrtd: "b24d3b24...",
      rtmr0: "24c15e08...",
      rtmr1: "6e1afb74...",
      rtmr2: "89e73ced..."
    }
  }
})
See Policy Configuration for complete field descriptions.

Building from source

The npm package includes prebuilt WASM binaries. To build from source: 
# From repo root
make build-wasm
macOS note: Requires Clang with WebAssembly target support (Apple’s Xcode clang doesn’t support WASM). The build process automatically detects and uses Homebrew’s LLVM if available: 
make setup-wasm
make build-wasm

Build docs developers (and LLMs) love

Get started for freeTalk to us