Readme & Docs Revamp #423
Open
Readme & Docs Revamp #423
+4,169
−2,482
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Add ALCHEMY_API_KEY to prerequisites and deploy command - Add KMS_CONTRACT_ADDRESS export after deployment (critical fix) - Clarify KMS_CONTRACT_ADDR vs KMS_CONTRACT_ADDRESS usage - Add sample outputs for all commands - Add compose hash computation instructions - Add cross-references to related docs - Writing guide: add procedural documentation section 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add auth-simple as a production-ready alternative to auth-eth for operators who prefer config-file-based whitelisting over on-chain governance. New components: - kms/auth-simple/: Hono-based webhook server with Zod validation - kms/dstack-app/compose-simple.yaml: KMS compose for external auth - kms/dstack-app/deploy-simple.sh: Deploy script for auth-simple mode Auth server ecosystem: - auth-simple: Config-file whitelisting (production, centralized) - auth-eth: Smart contract governance (production, decentralized) - auth-mock: Always allows (dev/testing only) Documentation: - docs/deployment.md: Simplified auth-simple config for initial deploy - docs/auth-simple-operations.md: Day-to-day operations guide 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The http-client-unix-domain-socket library requires a Host header for HTTP/1.1 requests over Unix sockets. Without it, requests return 400 Bad Request. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
SDK Documentation: - Rewrite all SDK READMEs (Python, JS, Rust, Go) for concise style - Add HTTP API reference section to sdk/README.md - Fix curl API docs (invalid JSON, mark Sign/Verify as unreleased) - Test all SDK code snippets against live dstack.sock Main README: - Add chat.redpill.ai as "Try it now" entry point - Add HTTP API link in SDKs section Security Documentation: - Split security.md into security-model.md and security-best-practices.md - Update AI docs (inference, agents, training) for TEE-agnostic language 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Consolidate inference, training, and agents docs into a single confidential-ai.md guide. Covers the four protection layers (TLS in CVM, CPU memory, GPU memory, disk encryption), includes mermaid diagrams, and links to working examples. Also update WRITING_GUIDE.md with generic documentation principles. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use Cases: point to single confidential-ai.md instead of separate inference.md, agents.md, training.md - Fix security.md → security-model.md (file was renamed) - Add security-best-practices.md to Reference section - Delete old docs: inference.md, agents.md, training.md 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add .agent/GPU_TEE_DEPLOYMENT.md with learnings from deploying GPU workloads to Phala Cloud: - Instance types (tdx.* for CPU, h200.* for GPU) - Docker Compose GPU configuration - vLLM and vllm-proxy setup - Debugging commands and common issues 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
- Move security-model.md, security-best-practices.md, and cvm-boundaries.md to docs/security/ subdirectory - Add docs/security/README.md as security landing page with responsible disclosure policy - Add dedicated Security section to main README with links to all security docs - Add base image link to meta-dstack releases in README - Add proof.t16z.com context explaining it's Phala's TEE attestation explorer - Fix broken link in deployment.md (security-guide → security-model) - Promote security audit to top of security-best-practices.md - Rename "Dstack Logo Kit" to "dstack-logo-kit" to avoid URL encoding issues - Remove dangling KNOWN_ISSUES.md reference from Rust SDK README 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add developer-focused framing that highlights what can be built with confidential AI without being pitchy. Covers private inference, training on sensitive data, and trustworthy agents. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add practical verification guide covering: - Visual verification with proof.t16z.com - Programmatic verification via guest agent API - Links to comprehensive docs at docs.phala.network Reorganize README documentation section by audience: - For Developers: building apps on dstack - For Operators: running dstack infrastructure - Reference: specifications and CLI reference 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add FAQ section covering: - Why not use cloud provider TEEs directly (with comparison table) - Difference from SGX/Gramine - Performance overhead - Production readiness - Hardware support - Verification process Consolidate media kit to single line. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add BibTeX citation for the dstack paper: "Dstack: A Zero Trust Framework for Confidential Containers" (arXiv:2509.11555) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add precedence override for openzeppelin-foundry-upgrades and forge-std to handle invalid SPDX expressions in vendored dependencies - Add missing annotations for kms/auth-simple config files - Add override for scripts/add-spdx-attribution.py to prevent false positive SPDX detection from script content 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove dangerous `danger_accept_invalid_certs(true)` - gateway uses valid certs. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR revamps the readme and docs in dstack repo with the following goals: