This document provides a comprehensive introduction to the dstack system, explaining its purpose as a confidential computing platform, its architecture, and how its components work together to enable secure deployment of containerized applications in Trusted Execution Environments (TEEs).
For detailed information about specific subsystems:
Sources: README.md1-502
dstack is a developer-friendly confidential computing platform that simplifies deploying arbitrary containerized applications into Intel TDX (Trust Domain Extensions) based Trusted Execution Environments. It provides an end-to-end security framework combining hardware-based TEE attestation with blockchain-enforced policies.
The platform enables developers to deploy Docker containers with the same familiar docker-compose.yaml workflow they already use, while automatically handling:
Sources: README.md19-29 Cargo.toml1-224
Traditional cloud deployments require trusting infrastructure providers with:
This trust model is incompatible with high-security use cases like:
dstack solves this by leveraging Intel TDX to create Confidential Virtual Machines (CVMs) where:
Sources: README.md19-29 docs/deployment.md1-377
dstack consists of four core infrastructure services running on TDX-capable bare metal hosts:
Diagram: Four Core Infrastructure Services and Their Interactions
| Service | Purpose | Key Code Paths |
|---|---|---|
| dstack-vmm | Manages CVM lifecycle, allocates resources, handles QEMU/KVM configuration | vmm/src/main.rs vmm/src/vm.rs |
| dstack-kms | Generates and derives cryptographic keys, validates TDX attestation quotes, enforces blockchain policies | kms/src/main.rs kms/src/service.rs |
| dstack-gateway | Terminates TLS connections, routes traffic to CVMs via WireGuard, manages Let's Encrypt certificates | gateway/src/main.rs gateway/src/proxy/ |
| dstack-guest-agent | Provides in-CVM APIs for key derivation, quote generation, and event logging via Unix socket | guest-agent/src/main.rs guest-agent/src/http_server.rs |
Sources: README.md63-76 Cargo.toml16-55
The VMM is a Rust service running on the bare metal host that orchestrates all CVMs. It:
Diagram: VMM CVM Creation Flow
Configuration: vmm/rpc/proto/vmm.proto defines the VmConfig message structure containing CPU count, memory size, OS image hash, and app configuration.
Sources: README.md71 Cargo.toml28 docs/deployment.md15-58
The KMS is the trust anchor of the system, running inside a dedicated CVM. It:
Diagram: KMS Key Derivation and Authorization Flow
Key Storage: Root keys are stored in /kms/root-key.bin, encrypted with keys sealed to TDX measurements. See kms/src/root_key.rs for implementation.
Sources: README.md73 Cargo.toml17-18 docs/deployment.md88-155
The Gateway CVM acts as a reverse proxy and TLS terminator, providing public internet access to application CVMs:
certbot<app_id>[-<port>][s|g].<domain>Diagram: Gateway Request Routing and TLS Management
Ingress Patterns: See README.md210-221 for complete routing rules. The suffix s enables TLS passthrough (see gateway/src/proxy/tls_passthough.rs74-87), while g enables gRPC/HTTP2.
Sources: README.md72-221 Cargo.toml29-30 docs/deployment.md156-281
The guest agent runs inside every CVM and provides the Unix socket API at /var/run/dstack.sock that containerized applications use to access TEE functionality:
Diagram: Guest Agent API Endpoints and Their Implementations
API Methods: See sdk/rust/types/src/lib.rs for the complete API schema exposed to applications. The agent implements three API surfaces: Host API (VSOCK to host), Guest API (VSOCK from host), and Public API (HTTP on :8090).
Sources: README.md74 Cargo.toml25-26 README.md230-254
dstack's security model is built on three pillars:
Every CVM generates TDX quotes that cryptographically prove:
Diagram: TDX Attestation Flow from Boot to Key Derivation
Sources: Cargo.toml70-71 README.md230-254
Ethereum smart contracts define immutable policies that the KMS enforces:
DstackKms.sol: Main contract managing allowed KMS instances, OS images, and app registryDstackApp.sol: Per-app contract controlling allowed compose hashes and device IDsDiagram: Smart Contract Authorization Flow
Sources: kms/auth-eth/foundry-cast-cheatsheet.md1-523 docs/deployment.md60-377
All keys are derived from a root key generated inside the KMS CVM, creating a hierarchical structure:
Root Key (sealed to TDX measurements) ├─> Per-App CA Key (derived via HKDF with app_id) │ └─> TLS Certificates for instances ├─> Per-Instance Disk Key (app_id + instance_id + "disk") ├─> Per-Instance Env Key (app_id + instance_id + "env") └─> Per-Instance k256 Key (app_id + instance_id + "k256") └─> Ethereum/Blockchain signing keys Key Derivation: Implemented in kms/src/service.rs using HKDF-SHA256 with domain separation.
Sources: README.md195-206
The typical workflow for deploying an application on dstack:
Deploy a DstackApp contract to define authorization policies:
Sources: docs/deployment.md300-352
Write a standard docker-compose.yaml and optionally encrypt environment variables:
Sources: README.md174-246
Calculate the SHA256 hash of the compose configuration and add it to the smart contract:
Sources: docs/deployment.md354-363
Use the Web UI at :9080 or CLI to deploy:
dstack-0.5.2)Sources: README.md174-193 docs/deployment.md365-377
Once deployed, the application is accessible via dstack-gateway:
https://<app_id>-<port>.domain.com Or retrieve TDX quotes from inside the container:
Sources: README.md207-254
A virtual machine running with Intel TDX protection, where memory is encrypted and isolated from the host. The VMM can create CVMs but cannot inspect their runtime state or memory contents.
Code: CVM creation in vmm/src/vm.rs TDX configuration via QEMU parameters.
DstackApp contract (proxy address), representing the application across all instancesRelationship: Multiple instances can share the same App ID but have different Instance IDs. Keys are derived per-instance, but authorization policies apply per-app.
A TLS extension that embeds a TDX quote in the certificate, allowing peers to verify the TEE authenticity during the handshake. Used for secure communication between KMS and guest agents.
Implementation: ra-tls/src/lib.rs
TDX provides 4 RTMRs that accumulate measurements during boot:
Extension: Applications can extend RTMR3 via the emitEvent API.
Sources: cc-eventlog/src/lib.rs
The SHA256 hash of the app-compose.json file, which includes:
This hash must be whitelisted in the DstackApp contract before deployment.
The hash of the entire guest OS filesystem image. The KMS maintains a whitelist of approved OS image hashes to prevent running unauthorized or compromised guest images.
Verification: verifier/dstack-verifier.toml9-13 shows configuration for OS image verification service.
Sources: README.md1-502 Cargo.toml1-224 docs/deployment.md1-377 verifier/dstack-verifier.toml1-19
Refresh this wiki