{"id":51025404,"url":"https://github.com/edycutjong/lethe","last_synced_at":"2026-06-21T19:01:56.737Z","repository":{"id":366082881,"uuid":"1274988267","full_name":"edycutjong/lethe","owner":"edycutjong","description":"🌊 Autonomous right-to-erasure agent protecting PII via secure TEE enclaves and network egress blinding.","archived":false,"fork":false,"pushed_at":"2026-06-20T08:03:05.000Z","size":1929,"stargazers_count":0,"open_issues_count":20,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-20T08:09:48.596Z","etag":null,"topics":["compliance","cryptography","gdpr","intel-tdx","nextjs","privacy","rust","tee","webassembly"],"latest_commit_sha":null,"homepage":"https://lethe.edycu.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/edycutjong.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-06-20T05:41:29.000Z","updated_at":"2026-06-20T08:00:35.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/edycutjong/lethe","commit_stats":null,"previous_names":["edycutjong/lethe"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/edycutjong/lethe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Flethe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Flethe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Flethe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Flethe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/edycutjong","download_url":"https://codeload.github.com/edycutjong/lethe/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edycutjong%2Flethe/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34622271,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-21T02:00:05.568Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["compliance","cryptography","gdpr","intel-tdx","nextjs","privacy","rust","tee","webassembly"],"created_at":"2026-06-21T19:01:55.467Z","updated_at":"2026-06-21T19:01:56.732Z","avatar_url":"https://github.com/edycutjong.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"docs/icon-animated.svg\" alt=\"Lethe Logo\" width=\"120px\"\u003e\n\n \u003ch1\u003eLethe 🌊\u003c/h1\u003e\n \u003cp\u003e\u003cem\u003eAutonomous right-to-erasure agent protecting PII via secure TEE enclaves and network egress blinding.\u003c/em\u003e\u003c/p\u003e\n \u003cimg src=\"docs/readme-hero-animated.svg\" alt=\"Lethe Readme Hero\" width=\"100%\"\u003e\n\n \u003cbr/\u003e\n\n [![Live Demo](https://img.shields.io/badge/πŸš€_Live-Demo-06b6d4?style=for-the-badge)](https://lethe.edycu.dev)\n [![Agent API](https://img.shields.io/badge/πŸ€–_Agent-API-06b6d4?style=for-the-badge)](https://agent.lethe.edycu.dev)\n [![Pitch Video](https://img.shields.io/badge/🎬_Pitch-Video-ef4444?style=for-the-badge)](https://youtu.be/lethe-demo-video)\n [![Pitch Deck](https://img.shields.io/badge/πŸ“Š_Pitch-Deck-f59e0b?style=for-the-badge)](https://lethe.edycu.dev/pitch.html)\n [![Built for T3ADK](https://img.shields.io/badge/DoraHacks-T3ADK_Launch_2026-8b5cf6?style=for-the-badge)](https://dorahacks.io/hackathon/t3adkdevchallenge)\n\n \u003cbr/\u003e\n\n ![Next.js 16](https://img.shields.io/badge/Next.js_16-black?style=flat\u0026logo=next.js)\n ![React 19](https://img.shields.io/badge/React_19-61DAFB?style=flat\u0026logo=react\u0026logoColor=black)\n ![TypeScript](https://img.shields.io/badge/TypeScript-3178C6?style=flat\u0026logo=typescript\u0026logoColor=white)\n ![Tailwind v4](https://img.shields.io/badge/Tailwind_v4-38B2AC?style=flat\u0026logo=tailwindcss\u0026logoColor=white)\n ![Rust WASM](https://img.shields.io/badge/Rust_WASM-000000?style=flat\u0026logo=rust\u0026logoColor=white)\n ![Solidity](https://img.shields.io/badge/Solidity-363636?style=flat\u0026logo=solidity\u0026logoColor=white)\n ![Express](https://img.shields.io/badge/Express-000000?style=flat\u0026logo=express\u0026logoColor=white)\n ![Intel TDX](https://img.shields.io/badge/Intel_TDX-0071C5?style=flat\u0026logo=intel\u0026logoColor=white)\n ![Terminal 3](https://img.shields.io/badge/T3_ADK-8b5cf6?style=flat)\n [![CI](https://github.com/edycutjong/lethe/actions/workflows/ci.yml/badge.svg)](https://github.com/edycutjong/lethe/actions/workflows/ci.yml)\n [![npm sdk version](https://img.shields.io/npm/v/@edycutjong/lethe-sdk.svg?style=flat\u0026logo=npm\u0026color=cba258)](https://www.npmjs.com/package/@edycutjong/lethe-sdk)\n [![npm cli version](https://img.shields.io/npm/v/@edycutjong/lethe-cli.svg?style=flat\u0026logo=npm\u0026color=cba258)](https://www.npmjs.com/package/@edycutjong/lethe-cli)\n\n\u003c/div\u003e\n\n---\n\n\u003e ⚑ **Reviewers / judges:** fastest path is **[GOLDEN_PATH.md](docs/GOLDEN_PATH.md)** β€” the entire flow in ~2 minutes, **no credentials**. Bug-bounty track: **[SDK_AUDIT.md](docs/SDK_AUDIT.md)** (confirmed, code-cited findings from the real `@terminal3` SDK).\n\n## πŸ“Έ See it in Action\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"ui/public/og-image.png\" alt=\"Lethe Dashboard\" width=\"100%\"\u003e\n\u003c/div\u003e\n\n\u003e **Onboard Wallet** β†’ **Authorize Agent Delegation** β†’ **Batch Fund x402 Micropayments** β†’ **Trigger Blinded Erasure Loop** β†’ **Cryptographic Purge \u0026 Self-Destruct**.\n\n---\n\n## πŸ’‘ The Problem \u0026 Solution\n\nSophie Miller discovered her phone number, physical address, and SSN listed on dozens of public data-broker sites. When she attempted to exercise her legal right to be deleted (GDPR Art. 17 / CCPA), she was met with a paradox: opt-out portals demanded that she upload *more* sensitive credentialsβ€”like a full SSN scan and utility billsβ€”to verify her identity. These opt-out systems are centralized data honeypots. If any broker or the crawler agent routing the request gets breached, Sophie's PII is leaked. \n\n**Lethe** solves this paradox. Sophie encrypts her PII locally in her browser. The coordinator agent routes the request but remains blind. Decryption and validation happen exclusively inside the hardware-isolated TEE secure enclave, and the final webhook dispatches the data securely replacing placeholder markers at the secure edge.\n\nUpon campaign completion, Lethe triggers a self-destruct sequence to zeroize its own volatile memory and de-authorize session DID tokens. **The last act of the agent is to forget you.**\n\n### Key Features:\n- πŸ›‘οΈ **Intel TDX Secure TEE Enclaves**: Decrypts user PII envelopes and processes erasures inside isolated hardware boundaries.\n- πŸ”’ **Zero-Knowledge Proofs**: Groth16 proofs verify ownership of emails/SSNs offline before executing deletion request webhooks.\n- ⚑ **Egress Placeholder Blinding**: Uses `http-with-placeholders` API to blind unsecure network layers and route requests securely.\n- πŸ”‘ **x402 Micropayments**: Requires verified micropayment hashes for each request to protect broker APIs from spam.\n- πŸ’€ **Zeroization \u0026 Purging**: The final act of the agent is to zeroize private keys in RAM and trigger `user-removal` to wipe delegation sessions.\n\n---\n\n## πŸ—οΈ Architecture \u0026 Tech Stack\n\n| Layer | Technology |\n|---|---|\n| **Dashboard UI** | Next.js 16 (App Router), React 19, Tailwind CSS v4 |\n| **Coordinator Agent** | Node.js, Express, TypeScript, Ethers.js |\n| **Secure Enclave** | Intel TDX TEE |\n| **TEE Contract** | Rust compiled to WebAssembly WASIP2 (`wasm32-wasip2`) |\n| **Client SDK** | TypeScript, `secp256k1` (ECDH), `aes-256-gcm` |\n| **CLI Tool** | Node.js, Commander.js |\n| **E2E Testing** | Playwright |\n| **Performance Audit** | Lighthouse CI |\n\n### Enclave Egress Flow:\n```mermaid\nsequenceDiagram\n participant Client as Client SDK (Browser)\n participant Agent as Coordinator Agent (Blind)\n participant TEE as TEE Contract (Intel TDX)\n participant Broker as Data Broker API\n\n Client-\u003e\u003eAgent: ECIES Envelope + ZK Proof\n Note over Agent: Agent sees only ciphertext β€”\u003cbr/\u003ezero plaintext exposure\n Agent-\u003e\u003eTEE: executeAndDecode(envelope, proof)\n Note over TEE: Decrypts PII inside\u003cbr/\u003ehardware-isolated enclave\n TEE-\u003e\u003eBroker: DELETE /gdpr/delete\u003cbr/\u003e{{profile.email}} β†’ sophie@…\u003cbr/\u003e(Placeholders resolved at edge)\n Broker--\u003e\u003eTEE: 200 OK + Deletion Confirmation\n TEE--\u003e\u003eAgent: Signed Verifiable Credential (VC)\n Agent--\u003e\u003eClient: Evidence Receipt\n```\n\n---\n\n## πŸ›‘οΈ Sponsor Host API Integration Defense\n\nLethe utilizes 6 host API namespaces from the **Terminal 3 Agent Dev Kit (ADK)**:\n\n1. **`user-removal`:** Coordinates physical de-authorization of the delegation session DID, deleting credentials from the host ledger.\n2. **`http-with-placeholders`:** Executes blind HTTP egress webhook calls by replacing placeholdered variables inside the secure TLS tunnel.\n3. **`user-profile`:** Retrieves isolated encrypted customer profile data at rest.\n4. **`signing`:** Enclave-side signing service used to generate signed W3C Verifiable Credentials proving erasure receipt validation.\n5. **`kv-store`:** Namespace-isolated key-value maps (`lethe:broker`, `lethe:job`, `lethe:evidence`) storing broker templates and execution records.\n6. **`authorisation`:** Verifies broker grid delegation signatures against tenant registries.\n\n---\n\n## πŸš€ Getting Started\n\n### Prerequisites\n- Node.js \u003e= 20.9.0\n- Python \u003e= 3.11\n- Rust \u003e= 1.75\n- target wasm32-wasip2:\n ```bash\n rustup target add wasm32-wasip2\n ```\n\n### Installation \u0026 Local Setup\n\n1. **Clone the repository:**\n ```bash\n git clone https://github.com/edycutjong/lethe.git\n cd lethe\n ```\n\n2. **Install all dependencies:**\n ```bash\n make bootstrap\n ```\n\n3. **Compile and Build all components:**\n ```bash\n make build\n ```\n\n4. **Setup Environment:**\n ```bash\n cp .env.example .env\n ```\n\n5. **Run Dashboard UI:**\n ```bash\n cd ui \u0026\u0026 npm run dev\n ```\n\n---\n\n## πŸ§ͺ Testing \u0026 CI\n\nWe enforce a **6-stage pipeline**: Quality β†’ Security β†’ Build β†’ E2E β†’ Performance β†’ Deploy.\n\n```bash\n# ── Workspace Automation ─────────────────────\nmake ci # Run full code quality pipeline (lint, typecheck, tests)\nmake e2e # Run Playwright E2E tests (demo mode)\nmake lighthouse # Run Lighthouse CI performance audit\nmake security-scan # Run high/critical security scan\nmake check-readiness # Run the official readiness suite check\nmake verify-offline # Run the enclave PII leak offline verification\n```\n\n| Layer | Tool | Status |\n|---|---|---|\n| Code Quality | ESLint + TypeScript | βœ… Passed |\n| Unit Testing | Jest (Agent) + Cargo test (Contract) | βœ… Passed |\n| E2E Testing | Playwright (3 suites) | βœ… Passed |\n| Security (SAST) | CodeQL | βœ… Active |\n| Security (SCA) | Dependabot + npm audit | βœ… Clean |\n| Secret Scanning | TruffleHog | βœ… Configured |\n| Performance | Lighthouse CI | βœ… Configured |\n\n---\n\n## πŸ“ Project Structure\n\n```\nlethe/\nβ”œβ”€β”€ docs/ # README assets (hero, pitch deck, mockup)\nβ”‚ β”œβ”€β”€ readme-hero.png\nβ”‚ └── readme.png\nβ”œβ”€β”€ sdk/ # TypeScript SDK (@edycutjong/lethe-sdk)\nβ”œβ”€β”€ contract/ # Rust WASM Component Contract source\nβ”œβ”€β”€ agent/ # Node.js Coordinator Agent\nβ”‚ β”œβ”€β”€ src/index.test.ts # Jest Integration tests\nβ”‚ └── src/index.ts # Agent logic\nβ”œβ”€β”€ ui/ # Next.js Dashboard App\nβ”‚ β”œβ”€β”€ e2e/ # Playwright E2E tests\nβ”‚ └── src/app/ # Dashboard pages\nβ”œβ”€β”€ cli/ # @edycutjong/lethe-cli executable\nβ”œβ”€β”€ scripts/ # Seeding, verification and leak checks\nβ”œβ”€β”€ Makefile # Local Automation targets\nβ”œβ”€β”€ package.json # Workspace script coordinator\n└── README.md # You are here\n```\n\n---\n\n## 🧠 Terminal 3 ADK Dev Challenge: Audit \u0026 Discovered Bugs\n\nThis project is submitted to the **Terminal 3 ADK Dev Challenge 2026** as part of the **Vouch Suite** (a 5-enclave system including Epoch, Lethe, Silo, Synod, and Visor).\n\nWhile building these enclaves we audited the T3 ADK host APIs and SDK and documented **10 concrete onboarding bugs and documentation gaps** β€” each with a repro, impact, and the workaround we shipped β€” for the **Track 2 bug bounty**.\n\n➑️ **See [BUGS.md](BUGS.md)** for the full audit. Highlights for Lethe:\n\n- **Bug #2 β€” `kv-store` interface discrepancy:** WIT declares `get(map-name, key)` but the C ABI is flat `(key_ptr, key_len)` (Lethe `scan`s deletion campaigns through the flat shape).\n- **Bug #4 β€” `signing` has no VC helper:** templates call `host_signing_issue_vc`, but WIT only exposes raw `sign` (Lethe issues a deletion-proof VC per broker).\n- **Gap #8 / #9 β€” rollback boundary \u0026 `outbox` idempotency window** are unspecified β€” both affect the erasure campaign's all-or-nothing guarantee.\n- **Gap #10 β€” `user-removal` ordering vs. in-flight egress** is undocumented β€” Lethe's self-destruct must run strictly after the last PII-blind broker request resolves.\n\n---\n\n## πŸ“„ License\n\n[MIT](LICENSE) Β© 2026 Edy Cu\n\n---\n\n## πŸ™ Acknowledgments\n\nBuilt for the DoraHacks T3ADK Launch Edition 2026. Thank you to the Terminal 3 team for the enclaves environment and development tools.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedycutjong%2Flethe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fedycutjong%2Flethe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedycutjong%2Flethe/lists"}