Rest API | T R E Z A

Get user enclaves

get

/api/enclaves

Retrieve all enclaves associated with a wallet address

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

walletstringRequired

Wallet address to filter enclaves

Example: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

List of enclaves

application/json

400

Missing wallet address

application/json

500

Internal server error

application/json

get

/api/enclaves

GET /api/enclaves?wallet=0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "enclaves": [
    {
      "id": "enc_123456",
      "name": "Trading Bot Enclave",
      "description": "Secure environment for automated trading strategies",
      "status": "PENDING_DEPLOY",
      "region": "us-east-1",
      "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
      "providerId": "aws-nitro",
      "providerConfig": {
        "dockerImage": "my-app:latest",
        "cpuCount": 2,
        "memoryMiB": 512
      },
      "createdAt": "2024-01-15T00:00:00Z",
      "updatedAt": "2024-01-15T00:00:00Z",
      "githubConnection": {
        "isConnected": true,
        "username": "example-user",
        "selectedRepo": "example-user/trading-bot",
        "selectedBranch": "main",
        "accessToken": "gho_xxxxxxxxxxxxxxxxxxxx"
      },
      "error_message": "Deployment failed: Instance type not compatible with Nitro Enclaves"
    }
  ]
}

Create new enclave

post

/api/enclaves

Create a new secure enclave

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

namestringRequiredExample: Trading Bot Enclave

descriptionstringRequiredExample: Secure environment for automated trading strategies

regionstringRequiredExample: us-east-1

walletAddressstringRequiredExample: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

providerIdstringRequiredExample: aws-nitro

providerConfigobjectOptionalExample: {"dockerImage":"my-app:latest","cpuCount":2,"memoryMiB":512}

Responses

201

Enclave created successfully

application/json

400

Missing required fields or invalid provider configuration

application/json

500

Internal server error

application/json

post

/api/enclaves

POST /api/enclaves HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 456

{
  "name": "Trading Bot Enclave",
  "description": "Secure environment for automated trading strategies",
  "region": "us-east-1",
  "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
  "providerId": "aws-nitro",
  "providerConfig": {
    "dockerImage": "my-app:latest",
    "cpuCount": 2,
    "memoryMiB": 512
  },
  "githubConnection": {
    "isConnected": true,
    "username": "example-user",
    "selectedRepo": "example-user/trading-bot",
    "selectedBranch": "main",
    "accessToken": "gho_xxxxxxxxxxxxxxxxxxxx"
  }
}

{
  "enclave": {
    "id": "enc_123456",
    "name": "Trading Bot Enclave",
    "description": "Secure environment for automated trading strategies",
    "status": "PENDING_DEPLOY",
    "region": "us-east-1",
    "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
    "providerId": "aws-nitro",
    "providerConfig": {
      "dockerImage": "my-app:latest",
      "cpuCount": 2,
      "memoryMiB": 512
    },
    "createdAt": "2024-01-15T00:00:00Z",
    "updatedAt": "2024-01-15T00:00:00Z",
    "githubConnection": {
      "isConnected": true,
      "username": "example-user",
      "selectedRepo": "example-user/trading-bot",
      "selectedBranch": "main",
      "accessToken": "gho_xxxxxxxxxxxxxxxxxxxx"
    },
    "error_message": "Deployment failed: Instance type not compatible with Nitro Enclaves"
  }
}

Update enclave

put

/api/enclaves

Update an existing enclave

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

idstringRequiredExample: enc_123456

namestringOptionalExample: Updated Enclave Name

descriptionstringOptionalExample: Updated description

regionstringOptionalExample: us-west-2

walletAddressstringRequiredExample: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

providerIdstringOptionalExample: aws-nitro

providerConfigobjectOptionalExample: {"dockerImage":"my-app:v2","cpuCount":4,"memoryMiB":1024}

Responses

200

Enclave updated successfully

application/json

400

Missing required fields or invalid provider configuration

application/json

404

Enclave not found or access denied

application/json

500

Internal server error

application/json

put

/api/enclaves

PUT /api/enclaves HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 440

{
  "id": "enc_123456",
  "name": "Updated Enclave Name",
  "description": "Updated description",
  "region": "us-west-2",
  "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
  "providerId": "aws-nitro",
  "providerConfig": {
    "dockerImage": "my-app:v2",
    "cpuCount": 4,
    "memoryMiB": 1024
  },
  "githubConnection": {
    "isConnected": true,
    "username": "example-user",
    "selectedRepo": "example-user/trading-bot",
    "selectedBranch": "main",
    "accessToken": "gho_xxxxxxxxxxxxxxxxxxxx"
  }
}

{
  "enclave": {
    "id": "enc_123456",
    "name": "Trading Bot Enclave",
    "description": "Secure environment for automated trading strategies",
    "status": "PENDING_DEPLOY",
    "region": "us-east-1",
    "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
    "providerId": "aws-nitro",
    "providerConfig": {
      "dockerImage": "my-app:latest",
      "cpuCount": 2,
      "memoryMiB": 512
    },
    "createdAt": "2024-01-15T00:00:00Z",
    "updatedAt": "2024-01-15T00:00:00Z",
    "githubConnection": {
      "isConnected": true,
      "username": "example-user",
      "selectedRepo": "example-user/trading-bot",
      "selectedBranch": "main",
      "accessToken": "gho_xxxxxxxxxxxxxxxxxxxx"
    },
    "error_message": "Deployment failed: Instance type not compatible with Nitro Enclaves"
  }
}

Delete enclave

delete

/api/enclaves

Delete an existing enclave

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

idstringRequired

Enclave ID to delete

Example: enc_123456

walletstringRequired

Wallet address for authorization

Example: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

Enclave deleted successfully

application/json

400

Missing required parameters

application/json

404

Enclave not found or access denied

application/json

500

Internal server error

application/json

delete

/api/enclaves

DELETE /api/enclaves?id=enc_123456&wallet=0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "message": "Enclave deleted successfully"
}

Get specific enclave

get

/api/enclaves/{id}

Retrieve details for a specific enclave by ID

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idstringRequired

Enclave ID

Example: enc_123456

Responses

200

Enclave details retrieved successfully

application/json

404

Enclave not found

application/json

500

Internal server error

application/json

get

/api/enclaves/{id}

GET /api/enclaves/{id} HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "enclave": {
    "id": "enc_123456",
    "name": "Trading Bot Enclave",
    "description": "Secure environment for automated trading strategies",
    "status": "PENDING_DEPLOY",
    "region": "us-east-1",
    "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
    "providerId": "aws-nitro",
    "providerConfig": {
      "dockerImage": "my-app:latest",
      "cpuCount": 2,
      "memoryMiB": 512
    },
    "createdAt": "2024-01-15T00:00:00Z",
    "updatedAt": "2024-01-15T00:00:00Z",
    "githubConnection": {
      "isConnected": true,
      "username": "example-user",
      "selectedRepo": "example-user/trading-bot",
      "selectedBranch": "main",
      "accessToken": "gho_xxxxxxxxxxxxxxxxxxxx"
    },
    "error_message": "Deployment failed: Instance type not compatible with Nitro Enclaves"
  }
}

Delete specific enclave

delete

/api/enclaves/{id}

Delete a specific enclave by ID (only if in terminal state)

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idstringRequired

Enclave ID

Example: enc_123456

Query parameters

walletstringRequired

Wallet address for authorization

Example: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

Enclave deleted successfully

application/json

400

Enclave not in terminal state or missing parameters

application/json

403

Unauthorized - wallet mismatch

application/json

404

Enclave not found

application/json

500

Internal server error

application/json

delete

/api/enclaves/{id}

DELETE /api/enclaves/{id}?wallet=0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "message": "Enclave deleted successfully"
}

Manage enclave lifecycle

patch

/api/enclaves/{id}

Perform lifecycle actions on an enclave (pause, resume, terminate)

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idstringRequired

Enclave ID

Example: enc_123456

Body

actionstring · enumRequired

Action to perform on the enclave

Example: pausePossible values:

walletAddressstringRequiredExample: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

Lifecycle action performed successfully

application/json

400

Invalid action or enclave state

application/json

403

Unauthorized - wallet mismatch

application/json

404

Enclave not found

application/json

500

Internal server error

application/json

patch

/api/enclaves/{id}

PATCH /api/enclaves/{id} HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 79

{
  "action": "pause",
  "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB"
}

{
  "enclave": {
    "id": "enc_123456",
    "name": "Trading Bot Enclave",
    "description": "Secure environment for automated trading strategies",
    "status": "PENDING_DEPLOY",
    "region": "us-east-1",
    "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
    "providerId": "aws-nitro",
    "providerConfig": {
      "dockerImage": "my-app:latest",
      "cpuCount": 2,
      "memoryMiB": 512
    },
    "createdAt": "2024-01-15T00:00:00Z",
    "updatedAt": "2024-01-15T00:00:00Z",
    "githubConnection": {
      "isConnected": true,
      "username": "example-user",
      "selectedRepo": "example-user/trading-bot",
      "selectedBranch": "main",
      "accessToken": "gho_xxxxxxxxxxxxxxxxxxxx"
    },
    "error_message": "Deployment failed: Instance type not compatible with Nitro Enclaves"
  },
  "message": "Enclave pause initiated successfully"
}

Get enclave logs

get

/api/enclaves/{id}/logs

Retrieve logs for a specific enclave from various sources

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idstringRequired

Enclave ID

Example: enc_123456

Query parameters

typestring · enumOptional

Type of logs to retrieve

Default: allExample: applicationPossible values:

limitinteger · min: 1 · max: 1000Optional

Maximum number of log entries to return

Default: 100Example: 50

Responses

200

Logs retrieved successfully

application/json

404

Enclave not found

application/json

500

Internal server error

application/json

get

/api/enclaves/{id}/logs

GET /api/enclaves/{id}/logs HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "enclave_id": "enc_123456",
  "enclave_name": "Trading Bot Enclave",
  "enclave_status": "DEPLOYED",
  "logs": {
    "ecs": [
      {
        "timestamp": 1640995200000,
        "message": "Application started successfully",
        "source": "application",
        "stream": "ecs/treza-dev-terraform-runner/12345",
        "type": "stdout",
        "logGroup": "/aws/nitro-enclave/enc_123456/application",
        "function": "treza-dev-validation",
        "execution": "deployment-enc_123456",
        "stateMachine": "deployment"
      }
    ],
    "stepfunctions": [
      {
        "timestamp": 1640995200000,
        "message": "Application started successfully",
        "source": "application",
        "stream": "ecs/treza-dev-terraform-runner/12345",
        "type": "stdout",
        "logGroup": "/aws/nitro-enclave/enc_123456/application",
        "function": "treza-dev-validation",
        "execution": "deployment-enc_123456",
        "stateMachine": "deployment"
      }
    ],
    "lambda": [
      {
        "timestamp": 1640995200000,
        "message": "Application started successfully",
        "source": "application",
        "stream": "ecs/treza-dev-terraform-runner/12345",
        "type": "stdout",
        "logGroup": "/aws/nitro-enclave/enc_123456/application",
        "function": "treza-dev-validation",
        "execution": "deployment-enc_123456",
        "stateMachine": "deployment"
      }
    ],
    "application": [
      {
        "timestamp": 1640995200000,
        "message": "Application started successfully",
        "source": "application",
        "stream": "ecs/treza-dev-terraform-runner/12345",
        "type": "stdout",
        "logGroup": "/aws/nitro-enclave/enc_123456/application",
        "function": "treza-dev-validation",
        "execution": "deployment-enc_123456",
        "stateMachine": "deployment"
      }
    ],
    "errors": [
      {
        "timestamp": 1640995200000,
        "message": "Application started successfully",
        "source": "application",
        "stream": "ecs/treza-dev-terraform-runner/12345",
        "type": "stdout",
        "logGroup": "/aws/nitro-enclave/enc_123456/application",
        "function": "treza-dev-validation",
        "execution": "deployment-enc_123456",
        "stateMachine": "deployment"
      }
    ]
  }
}

Get enclave attestation

get

/api/enclaves/{id}/attestation

Retrieve cryptographic attestation document and verification details for a deployed enclave

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idstringRequired

Enclave ID

Example: enc_1234567890_abc123

Responses

200

Attestation document and verification details

application/json

400

Attestation not available (enclave not deployed)

application/json

404

Enclave not found

application/json

500

Internal server error

application/json

get

/api/enclaves/{id}/attestation

GET /api/enclaves/{id}/attestation HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "enclaveId": "enc_1234567890_abc123",
  "attestationDocument": {
    "moduleId": "nitro-enclave-enc_1234567890_abc123",
    "digest": "sha384:abc123def456...",
    "timestamp": 1702642200000,
    "pcrs": {
      "0": "a1b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef",
      "1": "b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef12",
      "2": "c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234",
      "8": "d4e5f67890abcdef1234567890abcdef1234567890abcdef123456"
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIB...\n-----END CERTIFICATE-----",
    "cabundle": [
      "-----BEGIN CERTIFICATE-----\nMIIB...",
      "-----BEGIN CERTIFICATE-----\nMIIC..."
    ],
    "publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBg...\n-----END PUBLIC KEY-----",
    "userData": "custom-user-data",
    "nonce": "a1b2c3d4e5f6"
  },
  "verification": {
    "isValid": true,
    "trustLevel": "HIGH",
    "verificationStatus": "VERIFIED",
    "integrityScore": 98.5,
    "lastVerified": "2024-12-15T10:30:00Z",
    "errors": []
  },
  "endpoints": {
    "verificationUrl": "https://app.trezalabs.com/api/enclaves/enc_123456/attestation/verify",
    "apiEndpoint": "https://app.trezalabs.com/api/enclaves/enc_123456/attestation",
    "webhookUrl": "https://app.trezalabs.com/api/enclaves/enc_123456/attestation/webhook"
  }
}

Get verification status

get

/api/enclaves/{id}/attestation/verify

Get quick verification status for an enclave

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idstringRequired

Enclave ID

Example: enc_1234567890_abc123

Responses

200

Verification status

application/json

404

Enclave not found

application/json

500

Internal server error

application/json

get

/api/enclaves/{id}/attestation/verify

GET /api/enclaves/{id}/attestation/verify HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "enclaveId": "enc_1234567890_abc123",
  "isVerified": true,
  "status": "DEPLOYED",
  "lastVerified": "2024-12-15T10:30:00Z",
  "trustLevel": "HIGH"
}

Verify attestation document

post

/api/enclaves/{id}/attestation/verify

Perform comprehensive verification of an attestation document

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idstringRequired

Enclave ID

Example: enc_1234567890_abc123

Body

attestationDocumentstringOptional

Base64 encoded attestation document (optional)

noncestringOptional

Nonce for replay attack protection

Example: a1b2c3d4e5f6

challengestringOptional

Challenge string for additional verification

Example: verify_12345

Responses

200

Verification result

application/json

400

Cannot verify (enclave not deployed)

application/json

404

Enclave not found

application/json

500

Internal server error

application/json

post

/api/enclaves/{id}/attestation/verify

POST /api/enclaves/{id}/attestation/verify HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 80

{
  "attestationDocument": "text",
  "nonce": "a1b2c3d4e5f6",
  "challenge": "verify_12345"
}

{
  "isValid": true,
  "trustLevel": "HIGH",
  "verificationDetails": {
    "pcrVerification": true,
    "certificateChain": true,
    "timestampValid": true,
    "nonceMatches": false,
    "signatureValid": true
  },
  "complianceChecks": {
    "soc2": false,
    "hipaa": false,
    "fips": true,
    "commonCriteria": true
  },
  "riskScore": 5,
  "recommendations": [
    "Enclave attestation is valid and secure",
    "All PCR measurements match expected values",
    "Certificate chain verification successful"
  ],
  "verifiedAt": "2024-12-15T10:30:00Z"
}

Search Docker Hub or get repository tags

get

/api/docker/search

Search Docker Hub for images or get tags for a specific repository

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

qstringOptional

Search query for Docker images

Example: hello-world

repostringOptional

Repository name to get tags for (e.g., 'library/node')

Example: library/node

Responses

200

Search results or repository tags

application/json

Responseone of

or

400

Missing required query parameter (q or repo)

application/json

500

Internal server error or Docker Hub API error

application/json

get

/api/docker/search

GET /api/docker/search HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "count": 150,
  "results": [
    {
      "name": "hello-world",
      "description": "Hello World! (an example of minimal Dockerization)",
      "stars": 1500,
      "official": true,
      "automated": false,
      "owner": "library"
    }
  ]
}

Get available providers

get

/api/providers

Retrieve all available enclave providers or a specific provider by ID

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

idstringOptional

Specific provider ID to retrieve

Example: aws-nitro

Responses

200

Provider(s) retrieved successfully

application/json

Responseone of

or

404

Provider not found (when requesting specific provider)

application/json

500

Internal server error

application/json

get

/api/providers

GET /api/providers HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "providers": [
    {
      "id": "aws-nitro",
      "name": "AWS Nitro Enclaves",
      "description": "Secure isolated compute environments using AWS Nitro technology",
      "regions": [
        "us-east-1",
        "us-west-2",
        "eu-west-1"
      ],
      "configSchema": {
        "dockerImage": {
          "type": "string",
          "label": "Docker Image",
          "required": true,
          "description": "Container image to deploy"
        },
        "cpuCount": {
          "type": "number",
          "label": "CPU Count",
          "defaultValue": 2,
          "validation": {
            "min": 1,
            "max": 8
          }
        }
      }
    }
  ]
}

Initiate GitHub OAuth flow

get

/api/github/auth

Get GitHub OAuth authorization URL

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

statestringOptional

Optional state parameter for OAuth flow

Responses

200

GitHub OAuth URL generated

application/json

500

GitHub client ID not configured

application/json

get

/api/github/auth

GET /api/github/auth HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "authUrl": "https://github.com/login/oauth/authorize?client_id=...",
  "state": "abc123"
}

Exchange OAuth code for access token

post

/api/github/auth

Exchange GitHub OAuth authorization code for access token

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

codestringRequired

OAuth authorization code from GitHub

Example: abcdef123456

statestringOptional

State parameter from OAuth flow

Example: abc123

Responses

200

Access token obtained successfully

application/json

400

Invalid authorization code or other OAuth error

application/json

500

GitHub OAuth not configured or internal error

application/json

post

/api/github/auth

POST /api/github/auth HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 40

{
  "code": "abcdef123456",
  "state": "abc123"
}

{
  "access_token": "gho_xxxxxxxxxxxxxxxxxxxx",
  "user": {
    "id": 12345,
    "login": "username",
    "name": "John Doe",
    "avatar_url": "https://avatars.githubusercontent.com/u/12345"
  }
}

GitHub OAuth callback

get

/api/github/callback

Handle GitHub OAuth callback and redirect to platform

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

codestringOptional

OAuth authorization code

statestringOptional

OAuth state parameter

errorstringOptional

OAuth error if any

Responses

302

Redirect to platform page with success or error parameters

get

/api/github/callback

GET /api/github/callback HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

302

Redirect to platform page with success or error parameters

No content

Get user repositories

get

/api/github/repositories

Fetch GitHub repositories for authenticated user

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

tokenstringRequired

GitHub access token

Example: gho_xxxxxxxxxxxxxxxxxxxx

Responses

200

List of repositories

application/json

400

Access token required

application/json

401

Invalid access token

application/json

500

Internal server error

application/json

get

/api/github/repositories

GET /api/github/repositories?token=gho_xxxxxxxxxxxxxxxxxxxx HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "repositories": [
    {
      "id": 123456,
      "name": "my-repo",
      "fullName": "username/my-repo",
      "description": "A sample repository",
      "private": false,
      "defaultBranch": "main",
      "language": "TypeScript",
      "updatedAt": "2024-01-15T00:00:00Z",
      "htmlUrl": "https://github.com/username/my-repo"
    }
  ]
}

Get repository branches

post

/api/github/repositories

Fetch branches for a specific repository

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

accessTokenstringRequiredExample: gho_xxxxxxxxxxxxxxxxxxxx

repositorystringRequiredExample: username/repo-name

Responses

200

List of branches

application/json

400

Missing required fields

application/json

401

Invalid access token

application/json

500

Internal server error

application/json

post

/api/github/repositories

POST /api/github/repositories HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 76

{
  "accessToken": "gho_xxxxxxxxxxxxxxxxxxxx",
  "repository": "username/repo-name"
}

{
  "branches": [
    {
      "name": "main",
      "commit": {
        "sha": "abc123def456",
        "url": "https://api.github.com/repos/username/repo/commits/abc123def456"
      }
    }
  ]
}

Get API keys

get

/api/api-keys

Retrieve all API keys for the authenticated user

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

walletstringRequired

Wallet address to filter API keys

Example: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

List of API keys

application/json

400

Missing wallet address

application/json

500

Internal server error

application/json

get

/api/api-keys

GET /api/api-keys?wallet=0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "apiKeys": [
    {
      "id": "key_123456",
      "name": "Production API Key",
      "key": "api_key_example_12345",
      "keyHash": "sha256_hash_of_key",
      "permissions": [
        "enclaves:read",
        "tasks:read"
      ],
      "status": "active",
      "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
      "createdAt": "2024-01-15T00:00:00Z",
      "updatedAt": "2024-01-15T00:00:00Z",
      "lastUsed": "2024-01-15T12:30:00Z"
    }
  ]
}

Create API key

post

/api/api-keys

Create a new API key with specified permissions

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

namestringRequiredExample: Production API Key

walletAddressstringRequiredExample: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

201

API key created successfully

application/json

400

Missing required fields or invalid permissions

application/json

500

Internal server error

application/json

post

/api/api-keys

POST /api/api-keys HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 135

{
  "name": "Production API Key",
  "permissions": [
    "enclaves:read",
    "tasks:read"
  ],
  "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB"
}

{
  "apiKey": {
    "id": "key_123456",
    "name": "Production API Key",
    "key": "api_key_example_12345",
    "keyHash": "sha256_hash_of_key",
    "permissions": [
      "enclaves:read",
      "tasks:read"
    ],
    "status": "active",
    "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
    "createdAt": "2024-01-15T00:00:00Z",
    "updatedAt": "2024-01-15T00:00:00Z",
    "lastUsed": "2024-01-15T12:30:00Z"
  }
}

Update API key

put

/api/api-keys

Update an existing API key

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

idstringRequiredExample: key_123456

namestringOptionalExample: Updated API Key Name

statusstring · enumOptionalExample: activePossible values:

walletAddressstringRequiredExample: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

API key updated successfully

application/json

400

Missing required fields or invalid permissions

application/json

404

API key not found or access denied

application/json

500

Internal server error

application/json

put

/api/api-keys

PUT /api/api-keys HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 177

{
  "id": "key_123456",
  "name": "Updated API Key Name",
  "permissions": [
    "enclaves:read",
    "enclaves:write"
  ],
  "status": "active",
  "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB"
}

{
  "apiKey": {
    "id": "key_123456",
    "name": "Production API Key",
    "key": "api_key_example_12345",
    "keyHash": "sha256_hash_of_key",
    "permissions": [
      "enclaves:read",
      "tasks:read"
    ],
    "status": "active",
    "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
    "createdAt": "2024-01-15T00:00:00Z",
    "updatedAt": "2024-01-15T00:00:00Z",
    "lastUsed": "2024-01-15T12:30:00Z"
  }
}

Delete API key

delete

/api/api-keys

Delete an existing API key

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

idstringRequired

API key ID to delete

Example: key_123456

walletstringRequired

Wallet address for authorization

Example: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

API key deleted successfully

application/json

400

Missing required parameters

application/json

404

API key not found or access denied

application/json

500

Internal server error

application/json

delete

/api/api-keys

DELETE /api/api-keys?id=key_123456&wallet=0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "message": "API key deleted successfully"
}

Submit ZK proof for KYC verification

post

/api/kyc/proof

Submit a zero-knowledge proof for KYC verification. The proof is validated, stored in DynamoDB, and optionally submitted to the blockchain for immutable verification.

Authentication: None required (open endpoint)

Rate Limiting: Recommended 10 requests/hour per IP

Security: Cryptographic proof validation prevents fake submissions

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

userIdstringRequired

User identifier

Example: user_abc123

Responses

201

Proof submitted successfully

application/json

400

Invalid request or proof verification failed

application/json

500

Internal server error

application/json

post

/api/kyc/proof

POST /api/kyc/proof HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 352

{
  "userId": "user_abc123",
  "proof": {
    "commitment": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
    "proof": "0x1234567890abcdef...proof_data_here...987654321fedcba",
    "publicInputs": [
      "0x1234567890abcdef",
      "0xfedcba0987654321"
    ],
    "timestamp": "2024-12-15T10:30:00Z",
    "algorithm": "Pedersen-SHA256"
  },
  "deviceInfo": {
    "platform": "iOS",
    "version": "17.0"
  }
}

{
  "proofId": "550e8400-e29b-41d4-a716-446655440000",
  "blockchainProofId": "0x1234567890abcdef",
  "verificationUrl": "/api/kyc/proof/550e8400-e29b-41d4-a716-446655440000",
  "expiresAt": "2024-12-22T10:30:00Z",
  "chainTxHash": "0xabcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890"
}

Get proof details

get

/api/kyc/proof/{proofId}

Retrieve details for a specific KYC proof by ID. By default returns public data only.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

proofIdstring · uuidRequired

Proof ID (UUID)

Example: 550e8400-e29b-41d4-a716-446655440000

Query parameters

includePrivatebooleanOptional

Include private proof data (requires authentication)

Default: falseExample: true

Responses

200

Proof details retrieved successfully

application/json

404

Proof not found

application/json

500

Internal server error

application/json

get

/api/kyc/proof/{proofId}

GET /api/kyc/proof/{proofId} HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "proofId": "550e8400-e29b-41d4-a716-446655440000",
  "commitment": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
  "publicInputs": [
    "0x1234567890abcdef",
    "0xfedcba0987654321"
  ],
  "algorithm": "Pedersen-SHA256",
  "verifiedAt": "2024-12-15T10:30:00Z",
  "expiresAt": "2024-12-22T10:30:00Z",
  "proof": "0x1234567890abcdef...proof_signature_here...",
  "timestamp": "2024-12-15T10:30:00Z"
}

Verify a proof by ID

get

/api/kyc/proof/{proofId}/verify

Verify the validity of a KYC proof, checking expiration and blockchain status

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

proofIdstring · uuidRequired

Proof ID (UUID)

Example: 550e8400-e29b-41d4-a716-446655440000

Responses

200

Verification result

application/json

404

Proof not found

application/json

410

Proof expired

application/json

500

Internal server error

application/json

get

/api/kyc/proof/{proofId}/verify

GET /api/kyc/proof/{proofId}/verify HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "proofId": "550e8400-e29b-41d4-a716-446655440000",
  "isValid": true,
  "publicInputs": [
    "0x1234567890abcdef",
    "0xfedcba0987654321"
  ],
  "verifiedAt": "2024-12-15T10:30:00Z",
  "chainVerified": true,
  "expiresAt": "2024-12-22T10:30:00Z"
}

Get tasks

get

/api/tasks

Retrieve tasks for the authenticated user, optionally filtered by enclave

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

walletstringRequired

Wallet address to filter tasks

Example: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

enclavestringOptional

Optional enclave ID to filter tasks

Example: enc_123456

Responses

200

List of tasks

application/json

400

Missing wallet address

application/json

500

Internal server error

application/json

get

/api/tasks

GET /api/tasks?wallet=0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "tasks": [
    {
      "id": "task_123456",
      "name": "Daily Price Monitor",
      "description": "Monitor cryptocurrency prices and send alerts",
      "enclaveId": "enc_123456",
      "status": "pending",
      "schedule": "0 9 * * *",
      "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
      "createdAt": "2024-01-15T00:00:00Z",
      "updatedAt": "2024-01-15T00:00:00Z",
      "lastRun": "2024-01-15T09:00:00Z"
    }
  ]
}

Create task

post

/api/tasks

Create a new task within an enclave

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

namestringRequiredExample: Daily Price Monitor

descriptionstringRequiredExample: Monitor cryptocurrency prices and send alerts

enclaveIdstringRequiredExample: enc_123456

schedulestringRequired

Cron-style schedule expression

Example: 0 9 * * *

walletAddressstringRequiredExample: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

201

Task created successfully

application/json

400

Missing required fields

application/json

500

Internal server error

application/json

post

/api/tasks

POST /api/tasks HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 201

{
  "name": "Daily Price Monitor",
  "description": "Monitor cryptocurrency prices and send alerts",
  "enclaveId": "enc_123456",
  "schedule": "0 9 * * *",
  "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB"
}

{
  "task": {
    "id": "task_123456",
    "name": "Daily Price Monitor",
    "description": "Monitor cryptocurrency prices and send alerts",
    "enclaveId": "enc_123456",
    "status": "pending",
    "schedule": "0 9 * * *",
    "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
    "createdAt": "2024-01-15T00:00:00Z",
    "updatedAt": "2024-01-15T00:00:00Z",
    "lastRun": "2024-01-15T09:00:00Z"
  }
}

Update task

put

/api/tasks

Update an existing task

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

idstringRequiredExample: task_123456

namestringOptionalExample: Updated Task Name

descriptionstringOptionalExample: Updated task description

schedulestringOptionalExample: 0 */6 * * *

statusstring · enumOptionalExample: runningPossible values:

walletAddressstringRequiredExample: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

Task updated successfully

application/json

400

Missing required fields

application/json

404

Task not found or access denied

application/json

500

Internal server error

application/json

put

/api/tasks

PUT /api/tasks HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 193

{
  "id": "task_123456",
  "name": "Updated Task Name",
  "description": "Updated task description",
  "schedule": "0 */6 * * *",
  "status": "running",
  "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB"
}

{
  "task": {
    "id": "task_123456",
    "name": "Daily Price Monitor",
    "description": "Monitor cryptocurrency prices and send alerts",
    "enclaveId": "enc_123456",
    "status": "pending",
    "schedule": "0 9 * * *",
    "walletAddress": "0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB",
    "createdAt": "2024-01-15T00:00:00Z",
    "updatedAt": "2024-01-15T00:00:00Z",
    "lastRun": "2024-01-15T09:00:00Z"
  }
}

Delete task

delete

/api/tasks

Delete an existing task

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

idstringRequired

Task ID to delete

Example: task_123456

walletstringRequired

Wallet address for authorization

Example: 0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB

Responses

200

Task deleted successfully

application/json

400

Missing required parameters

application/json

404

Task not found or access denied

application/json

500

Internal server error

application/json

delete

/api/tasks

DELETE /api/tasks?id=task_123456&wallet=0x4B0897b0513fdc7C541B6d9D7E929C4e5364D2dB HTTP/1.1
Host: app.trezalabs.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "message": "Task deleted successfully"
}