Client Web Library

1. Introduction

The TypeScript library is used for communicating with the Sharemind HI Server from the browser and from NodeJS. Please note that the users of the browser have no realistic way of validating that the JavaScript of the web page is the audited version. If this is a problem, you should consider switching to a different technology for the client application.

Restrictions in comparison with the C++ library:

  • Confidential data, which shall be uploaded into a topic or downloaded from a topic, needs to be small enough to fit into the JavaScript heap. The C++ library can stream data from and to the disk, hence is just bounded by the available disk space.

2. Installation

The TypeScript Library is currently only distributed in a custom way, negotiated with the application developer. We only tested the library with webpack.

The package contains a README.md file which explains how it can be consumed. It touches on the topics of a gRPC-web proxy, creating TLS keys for developing on https://localhost, extra server configuration and how to activate the web library in the default task enclave project.

3. Operations

The main object is Session which can be imported as follows:

// "hi-web-client" or any other name you used in packages.json when importing it,
// e.g. `{ "dependencies": { "hi-web-client": "file:../../web-client" } }`.
import { Session } from "hi-web-client";

Its interface provides most of the relevant functions to communicate with the Sharemind HI Server. It does not support downloading the audit log and audit log key, yet. The class Session is initialized with a set of configuration options which resemble the configuration file of the CLI client.

class Session {
    // Manual remote attestation
    remoteAttestation(): Promise<void>;

    // Enforcer: Approve the DFC
    dataflowConfigurationApprove(...): Promise<void>;

    // Producer: Upload data
    dataUpload(...): Promise<bigint>;

    // Consumer: Download data
    dataDownload(...): Promise<Uint8Array>;

    // Task Runner: Run the task
    taskRun(...): Promise<mt.TaskInstance>;
    query(...): Promise<Uint8Array>

    // All stakeholders: Query information about a task instance
    taskWait(...): Promise<void>;
    taskStatus(...): Promise<mt.TaskInstance>;

    // Note: Audit log operations are not supported
    // in the web client, yet.
}