This is an automated email from the ASF dual-hosted git repository.
zfc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-website.git
The following commit(s) were added to refs/heads/master by this push:
new 574429615 site: add overview page and polish content
574429615 is described below
commit 574429615327e833dc597da015244b9105010479
Author: Zhaofeng Chen <[email protected]>
AuthorDate: Sat Jul 19 01:35:21 2025 +0000
site: add overview page and polish content
---
site/blog/2025-07-08-repo-reorg-community-focus.md | 93 +++++++++++++++++++++
site/docs/community/community.md | 10 ---
site/docusaurus.config.js | 4 +-
site/src/pages/index.js | 2 +-
site/src/pages/overview.md | 94 ++++++++++++++++++++++
5 files changed, 190 insertions(+), 13 deletions(-)
diff --git a/site/blog/2025-07-08-repo-reorg-community-focus.md
b/site/blog/2025-07-08-repo-reorg-community-focus.md
new file mode 100644
index 000000000..60d67a40d
--- /dev/null
+++ b/site/blog/2025-07-08-repo-reorg-community-focus.md
@@ -0,0 +1,93 @@
+---
+
+title: Teaclave Repository Restructuring and Community Focus
+date: 2025-07-08
+author: [email protected]
+
+---
+
+Teaclave was originally created with a broad vision to explore the
possibilities of confidential computing. It consisted of multiple components,
including SDKs supporting Intel SGX and Arm TrustZone, a general-purpose
application framework (FaaS), and experimental verification efforts, spanning
several repositories under the Apache Incubator.
+
+Over the years, as the field of confidential computing evolved, we observed a
clear trend: developers increasingly preferred building their own Trusted
Applications using SDKs directly, rather than relying on a general-purpose FaaS
framework. This organic shift in usage has also been reflected in our
contributor activities. Most community engagement and active development now
center around the SDKs, especially the Rust-based TrustZone and SGX SDKs.
+
+As part of our preparation for graduation from the Apache Incubator, we’ve
received recurring questions about what Teaclave is today, and what its
long-term focus should be. To address this and align with current usage and
contributions, we propose a refined mission and corresponding repository
restructuring.
+
+---
+
+## Refined Mission
+
+`Teaclave empowers developers to build memory-safe (e.g. Rust) Trusted
Applications across diverse confidential computing platforms.`
+Our primary focus going forward will be on maintaining and improving SDKs that
support this mission.
+
+---
+
+## Repository Restructuring Plan
+
+### Goals
+
+- Reflect Teaclave’s active development and current focus
+- Reduce long-term maintenance costs for inactive components
+- Preserve historical contributions and community merit
+
+### `incubator-teaclave`
+
+**Current Status:**
+- Role: Former flagship repository for the FaaS-style confidential computing
framework.
+- Activity: Last commit in July 2023.
+- Maintenance: No longer actively developed or aligned with the community’s
current direction.
+
+**Shift in Focus:**
+- This repository will be repurposed as the **main landing page** for the
Teaclave project (Podling or TLP). It will provide high-level documentation,
links to active SDKs, examples to help users get started, and showcases to
build with Teaclave SDKs.
+- Historical contributions and community merit will be preserved [1].
+- Preview of reorganized content is already hosted on the `main` branch [2].
+ - A clear project overview
+ - Links to active SDK repositories (TrustZone, SGX, etc.)
+ - Showcases for each SDK
+ - A unified contribution guide and roadmap
+
+[1]: https://github.com/apache/incubator-teaclave/graphs/contributors
+[2]: https://github.com/apache/incubator-teaclave/tree/main
+
+**Action Items:**
+- Deprecate the existing `master` branch and rename it to `legacy`
+- Set `main` as the default branch
+
+### `incubator-teaclave-crates`
+
+**Current Status:**
+- Role: Hosts ported/forked crates for TEE platforms (e.g., sgx-crypto,
protobuf)
+- Activity: Some crates are outdated or redundant
+- Maintenance: Partial
+
+**Shift in Focus:**
+This repository will remain an **auxiliary dependency hub** supporting only
the active SDKs. It will be **cleaned and scoped down** to what is still
necessary for TrustZone/SGX development.
+**Action Items:**
+- Retain the repository to support SDK builds and examples
+- Remove:
+ - Crates no longer used by maintained SDKs or demos
+ - Redundant forks of crates that now work upstream
+- Preserve and maintain:
+ - Crates required by `incubator-teaclave-trustzone-sdk` or
`incubator-teaclave-sgx-sdk`
+
+### `incubator-teaclave-verification`
+
+**Current Status:**
+- Role: Experimental repo for formal verification methods
+- Activity: No active development or adoption
+- Maintenance: Unmaintained
+
+**Shift in Focus:**
+This repository will become a **historical archive** for early verification
efforts, preserved for transparency and reference.
+
+**Action Items:**
+- Archive the repository on GitHub (read-only)
+- Add a short README noting its archival status and rationale
+
+### Active SDKs
+
+These SDKs are actively maintained and form the core of Teaclave’s current
focus:
+- `incubator-teaclave-trustzone-sdk`
+- `incubator-teaclave-sgx-sdk`
+- `incubator-teaclave-java-tee-sdk`
+
+No changes are proposed at this time. Any future updates will be discussed in
separate threads.
\ No newline at end of file
diff --git a/site/docs/community/community.md b/site/docs/community/community.md
index c043c12f9..07af9cb50 100644
--- a/site/docs/community/community.md
+++ b/site/docs/community/community.md
@@ -22,10 +22,6 @@ an email to `[email protected]` (or
`[email protected]`) to subscribe (or unsubscribe) the dev
mailing list.
-## Discord
-
-Connect directly with Teaclave community members in Discord.
[[Join](https://discord.gg/ynECXsxm5P)]
-
## GitHub Issues
You can also ask questions, propose features, and report bugs in Teaclave's
@@ -43,12 +39,6 @@ we aim to create a project that is maintained and owned by
the community. All
kinds of contributions are welcome. Read this [contributing
document](/contributing/) to
learn more about how to contribute. Huge thanks to our
[contributors](/contributors/).
-## Event Calendar
-
-The Teaclave community organizes a number of public events, including monthly
-general online meetups. You can subscribe to the
-[public events
calendar](https://calendar.google.com/calendar/u/0/[email protected]).
-
## Reporting a Vulnerability
We take a very active stance in eliminating security problems in Teaclave. We
diff --git a/site/docusaurus.config.js b/site/docusaurus.config.js
index 162e64447..954383d18 100644
--- a/site/docusaurus.config.js
+++ b/site/docusaurus.config.js
@@ -165,15 +165,15 @@ const config = {
},
{ to: '/download', label: 'Download', position: 'right' },
{
- to: '/teaclave-docs',
+ to: '/overview',
label: 'Docs',
items: [
- { label: 'Teaclave', to: '/teaclave-docs/' },
{ label: 'Teaclave TrustZone SDK', to: '/trustzone-sdk-docs/' },
{ label: 'API Docs: Teaclave TrustZone SDK (Host)', href:
'https://teaclave.apache.org/api-docs/trustzone-sdk/optee_teec', target:
'_self', rel: '' },
{ label: 'API Docs: Teaclave TrustZone SDK (TA)', href:
'https://teaclave.apache.org/api-docs/trustzone-sdk/optee_utee', target:
'_self', rel: '' },
{ label: 'Teaclave SGX SDK', to: '/sgx-sdk-docs/' },
{ label: 'API Docs: Teaclave SGX SDK', href:
'https://teaclave.apache.org/api-docs/sgx-sdk/', target: '_self', rel: '' },
+ { label: 'Teaclave', to: '/teaclave-docs/' },
{ label: 'Teaclave FaaS (legacy)', to: '/docs/' },
],
position: 'right',
diff --git a/site/src/pages/index.js b/site/src/pages/index.js
index 0e412fef0..9fe21cbde 100644
--- a/site/src/pages/index.js
+++ b/site/src/pages/index.js
@@ -19,7 +19,7 @@ function HomepageHeader() {
<div className={styles.buttons}>
<Link
className="button button--secondary button--lg"
- to="/teaclave-docs/">
+ to="/overview/">
GET STARTED →
</Link>
</div>
diff --git a/site/src/pages/overview.md b/site/src/pages/overview.md
new file mode 100644
index 000000000..8b7a92e18
--- /dev/null
+++ b/site/src/pages/overview.md
@@ -0,0 +1,94 @@
+---
+permalink: /overview
+---
+
+# Teaclave: Empowering Memory-Safe Development for TEEs
+
+Welcome to the official website of Teaclave, an open-source initiative under
the [Apache Incubator](https://incubator.apache.org/). Teaclave empowers
developers to build memory-safe Trusted Applications across diverse
confidential computing platforms**, including **Intel SGX** and **Arm
TrustZone**.
+
+Originally designed as a general-purpose secure computing framework, Teaclave
has naturally evolved into a growing ecosystem of developer-friendly SDKs,
enabling direct development of custom Trusted Applications. This evolution is
driven by strong community adoption and contributions.
+
+This page serves as an overview and entry point to the entire Teaclave
ecosystem. Use it as a guide to explore SDKs, documentation, and useful
developer resources for building secure and efficient TEE-based applications.
+
+---
+
+## 🔧 The Teaclave Ecosystem
+
+The Teaclave ecosystem consists of several independently maintained
repositories, each targeting a specific Trusted Execution Environment (TEE).
These SDKs and supporting libraries provide essential tooling for building
secure applications in constrained environments using modern memory-safe
languages like Rust.
+
+---
+
+### 🔐 [Teaclave TrustZone
SDK](https://github.com/apache/incubator-teaclave-trustzone-sdk/)
+
+The Teaclave TrustZone SDK is a Rust-based development toolkit for building
Trusted Applications (TAs) on Arm platforms using the open-source
[OP-TEE](https://optee.readthedocs.io/) ecosystem. As the [**officially
recommended Rust SDK for
OP-TEE**](https://optee.readthedocs.io/en/latest/building/optee_with_rust.html),
it enables developers to leverage the Rust standard library (`std`) in the
secure world—something rarely possible in embedded TEE development.
+
+This SDK adheres to the GlobalPlatform TEE specifications, ensuring broad
compatibility. It provides ergonomic, memory-safe APIs for both the normal
world and the secure world, significantly reducing the risk of low-level memory
vulnerabilities. A ready-to-use QEMU-based emulator environment is also
included, allowing developers to rapidly prototype and test Trusted
Applications entirely in Docker containers.
+
+**📄 Quick Navigation Links**
+- [📘 Teaclave TrustZone Docs](/trustzone-sdk-docs)
+- [📚 API Doc For (Normal World) Host
Application](https://teaclave.apache.org/api-docs/trustzone-sdk/optee_teec/)
+- [📚 API Doc For (Secure World) Trust
Application](https://teaclave.apache.org/api-docs/trustzone-sdk/optee_utee/)
+- [🚀 Quick Start: TA Development on
QEMU](/trustzone-sdk-docs/emulate-and-dev-in-docker.md)
+- [🚀 Overview of OP-TEE Rust
Examples](/trustzone-sdk-docs/overview-of-optee-rust-examples)
+- [🔗 OP-TEE with Rust (using Teaclave TrustZone
SDK)](https://optee.readthedocs.io/en/latest/building/optee_with_rust.html)
+
+---
+
+### 🔐 [Teaclave SGX SDK](https://github.com/apache/incubator-teaclave-sgx-sdk/)
+
+The Teaclave SGX SDK brings memory-safe Rust programming to Intel SGX,
enabling the development of secure enclave applications that benefit from
Rust’s strong safety guarantees. It supports writing both enclaves and
untrusted host applications in Rust, encouraging consistent use of modern Rust
idioms across the entire trusted-untrusted boundary.
+
+The SDK offers a complete SGX-compatible runtime and tooling suite, bridging
the gap between native SGX support and idiomatic Rust development. It allows
developers to adopt Rust’s ownership model, type system, and concurrency safety
even within the limitations of SGX.
+
+**📄 Quick Navigation Links**
+- [📘 Teaclave SGX Docs](/sgx-sdk-docs/)
+- [📚 SGX Enclave API Doc](https://teaclave.apache.org/api-docs/sgx-sdk/)
+- [🚀 Setting up your SGX Development
Environment](/sgx-sdk-docs/environment-setup)
+
+---
+
+### 🔐 [Teaclave FaaS
(legacy)](https://github.com/apache/incubator-teaclave/tree/legacy)
+
+The original **Teaclave Function-as-a-Service (FaaS)** platform was designed
as a **general-purpose secure computing framework** that enables users to
execute private computations on confidential data using Intel SGX.
+
+As the field of confidential computing evolved, the Teaclave community
naturally shifted its focus. Developers increasingly preferred building their
own custom Trusted Applications directly using SDKs, rather than relying on a
general-purpose FaaS framework. This shift was reflected in contributor
activity, with most development and community engagement moving toward the
Rust-based TrustZone and SGX SDKs. As a result, the FaaS framework is no longer
actively maintained and has been archived.
+
+Although now considered **legacy**, the FaaS platform remains a valuable
milestone in Teaclave’s evolution into an SDK-focused ecosystem. Its
architecture demonstrates how to build a high-level, privacy-preserving compute
service on top of hardware-enforced TEEs. We preserve its documentation and
codebase history so that developers can continue to learn from its design and
implementation.
+
+**📄 Quick Navigation Links**
+- [📘 Teaclave FaaS (legacy) Docs](/docs/)
+- [📘 Papers, Talks, and Related Articles](/docs/papers-talks)
+
+---
+
+### ☕ [Teaclave Java TEE SDK
*(Experimental)*](https://github.com/apache/incubator-teaclave-java-tee-sdk/)
+
+The Teaclave Java TEE SDK is an **experimental toolkit** for building
Java-based Trusted Applications on Intel SGX. It follows a familiar
host/enclave partitioning model, similar to Intel's official SGX SDK, and aims
to make confidential computing more accessible to Java developers.
+
+By supporting a modular structure with clear separation between host-side and
enclave-side components, this SDK helps bring the benefits of hardware-based
trusted execution to Java ecosystems. It also adopts a provider interface
inspired by the Java SPI (Service Provider Interface) model to facilitate
pluggability and flexibility in enclave logic.
+
+> ⚠️ Note: This SDK is still in an experimental stage.
+
+**📄 Quick Navigation Links**
+- [📘 Java TEE SDK Proposal](/blog/2022/10/08/accepting-java-enclave-proposal)
+
+---
+
+### 📦 [Teaclave Dependency
Crates](https://github.com/apache/incubator-teaclave-crates)
+
+The Teaclave Dependency Crates repository hosts a curated set of Rust
libraries that have been adapted for use within Trusted Execution Environments.
Due to the limitations of TEEs—such as the absence of standard OS support,
restricted I/O, and incomplete standard library coverage—many third-party
crates require modification or isolation to ensure safety and compatibility.
+
+This repository serves as a security-reviewed foundation for TEE application
development, offering vetted versions of widely-used crates like `rustls` and
`ring`, reworked for secure enclave execution. It significantly simplifies the
dependency management process for developers building within these constrained
environments.
+
+---
+
+## 👥 Community Management
+
+We welcome all contributors to help grow the Teaclave project and ecosystem.
Whether you're new to trusted computing or an experienced contributor, your
involvement is highly valued.
+
+Please visit the [**Community**](/community) page for more details on how to
participate and contribute.
+
+**📄 Quick Navigation Links**
+- [🚀 How to Contribute to Teaclave](/contributing)
+- [🚀 How to Become a Member of Teaclave](/becoming-a-member)
+- [🚀 How to Make a Release](/release-guide)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
