Supported runtimes

Marblerun strives to be runtime-agnostic. Currently, supported runtimes are described below. More will follow in the future.


EGo is the preferred way for writing confidential Go applications from scratch as well as porting existing ones. Usage is very similar to conventional Go programming. Continue with our building a service with EGo hands-on to use it with Marblerun.

Edgeless RT

With Edgeless RT you can create confidential C++ applications with a low TCB. Please follow the build instructions provided in our C++ sample to use it with Marblerun.


Graphene is a popular choice for wrapping unmodified applications into enclaves. This approach is commonly known as “lift and shift” facilitates the process of bringing existing applications into the confidential space. Graphene further adds support for dynamically linked libraries and multi-process applications in SGX. Running a Graphene app with Marblerun requires minor changes to its manifest.


Occlum is another popular solution Graphene which allows wrapping existing applications with minimal to no changes inside an enclave, requiring you to at best recompile existing applications with the provided toolset with support for common languages such as C, C++, Go, Java and Rust. With its core being written in the memory-safe programming language Rust and a separated environment under which your application is running, it provides a safe yet powerful way to build your applications. Running an Occlum app with Marblerun requires minor changes to its manifest.