Supported runtimes

MarbleRun strives to be runtime-agnostic. Currently, supported runtimes are described below. More will follow in the future.

EGo

EGo is the preferred way for writing confidential Go applications from scratch as well as porting existing ones. Usage is similar to conventional Go programming. Start building your service with EGo to use it with MarbleRun.

Edgeless RT

With Edgeless RT, you can create confidential C++ applications with a low TCB. Please follow the build instructions provided in the C++ sample to use it with MarbleRun.

Gramine

Gramine is a popular choice for wrapping unmodified applications into enclaves. This approach, commonly known as "lift and shift," facilitates the process of bringing existing applications into the confidential space. Gramine further adds support for dynamically linked libraries and multi-process applications in SGX. Running a Gramine app with MarbleRun requires minor changes to its manifest.

Occlum

Occlum is another popular solution that allows wrapping existing applications with minimal to no changes inside an enclave. It requires you to, at best, recompile existing applications with the provided toolchains with support for common languages such as C, C++, Go, Java, and Rust. Its core is written in the memory-safe programming language Rust, and it provides a separated environment under which your application is running. This provides a safe yet powerful way to build your applications. Running an Occlum app with MarbleRun requires minor changes to its manifest.