# Deploy TEE program on WeTEE

## Prepare machines that support SGX

CPU Support

* Intel 8th generation (Cannon Lake) Core i3, i5, i7, and i9 processors
* Intel 9th generation (Cascade Lake) Core i3, i5, i7, and i9 processors
* Intel 10th generation (Comet Lake) Core i3, i5, i7, and i9 processors
* 2nd Generation Xeon Scalable processors (Cascade Lake) and later generations generally provide - SGX capabilities.

## Install Ubuntu 20.04/22.04 and the ego programming environment

1\. Install base pkg

```
sudo apt install curl build-essential libssl-dev
```

2\. Install sgx repp key

```
sudo curl -s https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo tee /etc/apt/keyrings/intel-sgx-keyring.asc > /dev/null
sudo echo "deb [signed-by=/etc/apt/keyrings/intel-sgx-keyring.asc arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu focal main" | sudo tee /etc/apt/sources.list.d/intel-sgx.list
```

3\. Install sgx driver

```
sudo apt-get update && sudo1 apt-get install -y libsgx-dcap-ql libsgx-dcap-default-qpl  libsgx-enclave-common 
```

```
sudo mkdir -p /etc/apt/keyrings
wget -qO- https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | sudo tee /etc/apt/keyrings/intel-sgx-keyring.asc > /dev/null
echo "deb [signed-by=/etc/apt/keyrings/intel-sgx-keyring.asc arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/intel-sgx.list
sudo apt update
EGO_DEB=ego_1.5.3_amd64_ubuntu-$(lsb_release -rs).deb
wget https://github.com/edgelesssys/ego/releases/download/v1.5.3/$EGO_DEB
sudo apt install ./$EGO_DEB build-essential libssl-dev
```

## Initialize a Golang project

```
go mod init xxx/ego-demo
```

## Add SGX SDK to the project

```
go get github.com/wetee-dao/libos-entry@v0.1.0
```

## Write demo code named hello

```go
package main

import (
	"net/http"

	"github.com/wetee-dao/libos-entry/entry/ego"
)

func main() {
	// ADD TEE sdk
	err := ego.InitEgo()
	if err != nil {
		panic(err)
	}

	http.HandleFunc("/", resourceHandler)
	err = http.ListenAndServe(":8999", nil)
	if err != nil {
		panic(err)
	}
}

func resourceHandler(w http.ResponseWriter, req *http.Request) {
	w.WriteHeader(http.StatusOK)
	w.Write([]byte("hello world"))
}

```

## Compile into a binary program

```bash
ego-go build hello.go
```

## Sign the binary program

```bash
ego sign hello
```

## Run the program using ego

```bash
ego run hello
```

## Edit Dockerfile and build docker

```docker
FROM registry.cn-hangzhou.aliyuncs.com/wetee_dao/ego-ubuntu-deploy:22.04
WORKDIR /

# Add the hello 
ADD hello  /hello
# Add the hello end

EXPOSE 8999 65535

ENTRYPOINT ["/bin/sh", "-c" ,"ego run hello"]
```

```bash
docker build xxxx/ego-hello:dev .
docker push xxxx/ego-hello:dev
```

## Deploy to WeTEE

Open <https://dapp.wetee.app><br>

<figure><img src="https://2731380998-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FBCY2ACfOkYK1uP9KWub2%2Fuploads%2FxSkFTxoi2QfFMWDpxdtT%2Fimage.png?alt=media&#x26;token=ce6552a8-fb38-4757-b509-b69a6f4b6c01" alt=""><figcaption></figcaption></figure>

Add SGX Confidential Service

[**TEE type select SGX**](#user-content-fn-1)[^1]

<figure><img src="https://2731380998-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FBCY2ACfOkYK1uP9KWub2%2Fuploads%2FfW4zMSLaCxM2hOsZRSgV%2Fimage.png?alt=media&#x26;token=af1baf5a-a3a0-450c-8bfa-575594732c76" alt=""><figcaption></figcaption></figure>

Click Deploy&#x20;

[^1]: