tf-proxy
tf-proxy is the TrustForge enforcement reverse proxy. It sits in front of an
upstream HTTP/HTTPS service, asks tf-daemon whether each request should be
allowed, and forwards or denies the request based on the decision.
This crate is experimental and not production-ready.
Topology
flowchart LR
Client["Client (browser, app, agent)"] -->|"HTTP/1.1 or TLS"| Proxy["tf-proxy<br/>:443"]
Proxy -->|"POST /v1/decide"| Daemon["tf-daemon<br/>:8642"]
Daemon -->|"decision JSON"| Proxy
Proxy -->|"forward (allow / log-only)"| Upstream["upstream service<br/>:8081"]
Upstream -->|"HTTP response"| Proxy
Proxy -->|"403 / 202 / forwarded body"| Client
For each incoming request, tf-proxy:
- Extracts a host token from
Authorization: Bearer ..., or from a__session=or__Secure-next-auth.session-token=cookie. - POSTs
/v1/decidetotf-daemonwith{actor, host_token, host_token_kind, action, target, context, trace_id}. - Acts on the response:
allow— forward upstream, copy response back.deny(enforce mode) — return403 ForbiddenwithWWW-Authenticate: TrustForge realm="...", reason="..."and a JSON body{error, reason, proof_id}.deny(observe-only mode) — forward upstream and emit a proof-event log.approval-required— return202 AcceptedwithLocation: <daemon>/v1/approval/<approval_id>and{status, approval_id}.log-only— forward upstream and emit a proof-event log.
WebSocket upgrade requests are decided once with action connect. If
allowed, tf-proxy splices the client and upstream TCP streams together so
the upgrade and subsequent frames flow transparently.
Install
Build from source:
The binary lands at target/release/tf-proxy.
Usage
CLI flags:
| Flag | Default | Purpose |
|---|---|---|
--listen |
0.0.0.0:8080 |
Address to bind for client connections. |
--upstream |
required | Upstream service base URL. |
--daemon |
http://127.0.0.1:8642 |
tf-daemon base URL. |
--admin-token |
env TF_ADMIN_TOKEN |
Sent as X-Admin-Token header to the daemon. |
--profile |
tf-home-compatible |
Profile name advertised in proof events. |
--mode |
observe-only |
Either observe-only or enforce. |
--tls-cert |
none | PEM cert path. Requires --tls-key. |
--tls-key |
none | PEM key path. Requires --tls-cert. |
Set both --tls-cert and --tls-key to terminate TLS at the proxy. The
proxy decrypts inbound traffic, runs the same decision logic, and forwards
plaintext to the upstream.
Testing
The tests bring up a mock tf-daemon and a mock upstream and drive the
proxy via reqwest.