Ever wondered how secure your projects and algorithms really are while development and deployment on a server?
When you deploy code to a standard server, it sits there in plaintext—accessible to anyone with root access, physical access to the disk, or a lucky exploit.
To solve this problem, we’re excited to introduce the ENC Project—a secure, encrypted execution environment that ensures only you can access and manage your projects, from anywhere.
Follow these steps to get your ENC ecosystem up and running in minutes.
If you don't already have an SSH key, generate one:
ssh-keygen -t ed25519 -f ~/.ssh/enc_admin_key -N ""Clone the project along with its submodules:
git clone --recurse-submodules https://github.com/Pranjalab/enc.git
cd encNavigate to the server directory and configure your environment:
cd enc-server
# 1. Setup Environment Variables
# Create a .env file (or copy the example)
echo "ADMIN_PASSWORD=your_secure_password" > .env
echo "ENC_SESSION_TIMEOUT=600" >> .env
# 2. Setup SSH Keys
mkdir -p ssh/host_keys
touch ssh/authorized_keys
chmod 600 ssh/authorized_keys
# 3. Add your Public Key to Server (Crucial!)
# This allows the server to recognize your key
cat ~/.ssh/enc_admin_key.pub >> ssh/authorized_keys
# 4. Deploy
# Check/Update docker-compose.yml if needed (e.g., ports)
docker compose up --build -dThe server is now running on port 2222 (default) and has authorized your key.
Now, install the client on your local machine:
cd ../enc-cli
# 1. Install the CLI
# Use 'pip install .' for standard install or '-e .' for editable mode
pip install .
# 2. Install Dependencies & Setup
# This helper command checks for SSHFS and sets up config directories
enc installConnect your client to the server:
# 1. Configure the connection
enc init
# Follow the prompts:
# - URL: http://localhost:2222 (or your server IP)
# - Username: admin
# - SSH Key: /path/to/private/key (e.g., ~/.ssh/enc_admin_key)
# 2. Login
enc login
# Enter the password you set in ADMIN_PASSWORD
# 3. Explore
enc --helpENC is designed to protect your intellectual property and sensitive logic by ensuring your code is always encrypted at rest and only decrypted in memory during active execution.
The system consists of two main components:
- 🔐 ENC Server: A hardened, SSH-based fortress that hosts your encrypted vaults. It can be deployed anywhere (AWS, VPS, On-Prem) and ensures that even the server administrator cannot peek into your project files.
- 💻 ENC Client (
enc-cli): A powerful CLI tool that runs on your local machine. It creates a secure tunnel to the server, managing encryption keys and allowing you to work on your projects seamlessly.
We are constantly evolving ENC to make it the standard for secure engineering.
- Smart Git Synchronization: Auto-commit logic that encrypts secrets before pushing to public repos.
- VS Code Extension: Native integration to manage, mount, and edit projects directly from your IDE.
- Team Vaults: Shared encrypted workspaces for secure team collaboration.
- Compliance Audit Logs: Detailed, exportable logs of every access event for enterprise compliance.
Note: For a quick setup, refer to the Quick Start section above.
You need an ENC Server to host your projects. You can run one on your local machine for testing or deploy it to a remote VPS. 👉 Read the Server Setup Guide
Install the enc CLI to communicate with your server.
👉 Read the Client Installation Guide
Requirement: Mounting requires
sshfs. Ensure it is installed (brew install sshfs).
For more detailed instructions, check the component-specific documentation:
- Server Documentation: Deployment, User Management, Architecture.
- Client Documentation: Command Reference, Configuration, SSH Keys.
| Use Case | Description | Status | Documentation |
|---|---|---|---|
| Host Your Own Server | Run your ENC server and access projects securely from anywhere. | ✅ Available | Guide |
| Secure Collaboration | Provide limited access to interns/contributors without IP leakage. | ✅ Available | Guide |
| Client-Side Deployment | Execute encrypted projects on client servers using RAM-only decryption. | 🚧 Upcoming | Guide |
| Git Synchronization | Auto-commit ENC project changes to Git repositories. | 🚧 Upcoming | Guide |
We provide a complete, searchable documentation site built with Sphinx. View Live Documentation
- 🚀 Quick Start: Get up and running in minutes.
- ✨ Features & Roadmap: Learn about our security model and upcoming VS Code integration.
- 🤝 Collaboration: Read our origin story and how to contribute.
We welcome contributions! Whether it's reporting a bug, suggesting a feature, or writing code, your help is appreciated.
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Pranjal Bhaskare
Special thanks to the open-source tools that make this possible:
This project is licensed under the MIT License - see the LICENSE file for details.