Get started¶

Caution is a verifiable compute platform for deploying confidential workloads to secure enclaves. This guide walks you through creating an account, installing the CLI, and deploying your first application. It takes about 10 minutes to complete.

Prerequisites¶

Before you begin, ensure you have the following:

Install the CLI¶

Follow the installation instructions in the CLI README.

Create an account¶

Account creation requires a valid alpha access code and a smart card. You can register via the browser or the CLI.

Your smart card will need to have a FIDO pin set on it.

caution register --alpha-code <your_code>

If you do not have an alpha access code, request one at info@caution.co.

Add an SSH key¶

Register your SSH key with Caution to authenticate deployments:

caution ssh-keys add --from-agent

You can also add an SSH key in the browser.

Select an application¶

You can deploy your own containerized application or use one of the Caution demo apps. For this guide, we'll use the hello-world-enclave:

git clone https://codeberg.org/caution/demo-hello-world-enclave.git
cd demo-hello-world-enclave

Initialize the application¶

Run caution init to capture the build environment and lock it for reproducible enclave builds:

caution init

This creates a Procfile that defines how to run your application and which ports to expose. If you're using one of Caution's demo apps, a Procfile is already included. If you're deploying your own application, you'll need to create one—see the Procfile reference.

Deploy the application¶

Push the code to Caution:

git push caution main

Caution builds a reproducible enclave image and provisions the TEE.

Verify the deployment¶

Run caution verify to rebuild the image, compare hashes, and confirm exactly what the enclave is running:

caution verify

Next steps¶

Your application is now running in a verified enclave. Here's what to explore next: