Skip to content

Files

Latest commit

 

History

History
69 lines (43 loc) · 5.5 KB

README.md

File metadata and controls

69 lines (43 loc) · 5.5 KB

IronCore Labs Alloy SDK

Mentioned in Awesome Security Solutions for AI Systems

The Alloy SDK brings together a set of tools that you can use for your different Application Layer Encryption needs. It unifies functionality that was provided in our SaaS Shield Tenant Security Client (TSC) SDKs and our new Cloaked AI tools in a single library that you can include in your application. This library provides tools to encrypt data using standard, deterministic, and vector encryption algorithms.

Whether you are handling structured or unstructured documents, fields that are stored in a relational database or key value store, vectors that are stored in a vector database, or some combination of these, the Alloy SDK provides the tools you need to protect the private or sensitive data your apps process.

Language Support

This SDK was written in Rust and is using uniffi to generate the foreign language bindings. If your language is not listed above, feel free to open an issue and we can take a look!

Getting Started

Follow the links above to get the latest version for the appropriate language. You can see the examples on our main docs site here. We also have specific vector database integration examples for our Cloaked AI functionality showing how to protect embeddings in various vector databases.

Prerequisites

Across all languages:

  • glibc 2.29+

Building Locally

  • cargo t --release will build Kotlin and Python bindings as well as run Rust and foreign code integration tests. It'll leave the binding project's directories in a state that they could be released from. This requires Python and Kotlin infrastructure to be installed.
  • cargo t will do almost the same faster but will leave the binding project's directories in an inefficient form not to be released.
  • cargo t --lib will build and run only the Rust tests, not integration tests. This doesn't require any Python or Kotlin infrastructure to be installed. This is used in Rust CI.

This project defaults to compiling with the metadata feature on for now, but --no-default-features will turn it off and the resulting foreign library will not have the metadata ops in it. --no-default-features could be used by a Rust SDK consumer if they don't want metadata functionality.

After either of the non---lib cargo commands have been run, the Kotlin and Python project directories will be in a state that you can play around with them as though they were native libraries of that language.

  • cd kotlin; ./gradlew test will manually run only the Kotlin tests.
  • cd python/ironcore-alloy; hatch run test:test will manually run only the Python tests.
  • See python/ironcore-alloy/README.md for more information about manually releasing that package and other available hatch commands.

Integration Tests

Running tests with the integration_tests feature flag enables SaaS Shield integration tests. These require a TSP running at http://localhost:32804 with the configuration provided in tests/demo-tsp.conf. This can be started by running docker compose up from the tests directory.

Run tests:

cargo test --features integration_tests

Benchmarks

We provide benchmarks of ironcore-alloy in Rust, Kotlin, Java, and Python. These benchmark folders each contain a Docker Compose file that will start up a TSP with a predefined configuration for testing purposes.

Cryptography Notice

This repository includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. See https://www.wassenaar.org/ for more information.

The U.S. Government Department of Commerce, Bureau of Industry and Security (BIS), has classified this software as Export Commodity Control Number (ECCN) 5D002, which includes information security software using or performing cryptographic functions. The form and manner of this distribution makes it eligible for export under the License Exception ENC (see the BIS Export Administration Regulations, Section 740.17.B.3.i.B and also the publicly available source code exemption, under 742.15; notice has been given to BIS and NSA).

License

ironcore-alloy is licensed under the GNU Affero General Public License. We also offer commercial licenses - email for more information or check pricing on our website.