Upload a JAR Executable
The entire purpose of VaultCode is to run custom code in a secure, attested environment. For that, you upload JAR executables to VaultCode. These JARs contain your own code.
Upload JAR File
Let's assume the executable is stored in /path/to/code.jar.
Upload the JAR by calling POST /api/v1/upload_execution_code:
JAR=/path/to/code.jar
curl "https://demo-vaultcode.securosys.com/api/v1/upload_execution_code" --form "file=@${JAR};type=application/java-archive"
You can use the example JARs.
What JAR is Currently Loaded?
In a single VaultCode instance, only one JAR can be loaded at any given time. If you want to run multiple different JARs, you have two options:
- Deploy multiple instances of VaultCode.
- Before each execution, swap out the loaded JAR by uploading a new one.
To find out which JAR is currently loaded, you can query the SHA-256 hash of the loaded JAR by calling
GET /api/v1/get_evidence.
The hash is given by the executionCodeFingerprint field.
curl "https://demo-vaultcode.securosys.com/api/v1/get_evidence"
To also decode the JSON and extract the hash:
curl --silent "https://demo-vaultcode.securosys.com/api/v1/get_evidence" | jq --raw-output ".executionCodeFingerprint" | base64 --decode
This hash has the same value as the output of sha256sum $JAR.
Next Steps
- Execute the JAR with custom input, and obtain the attested output.
- Set up access control to limit which JARs can be uploaded.