feat: build iapp by martin (#15)

Author: akugone

.vitepress/sidebar.ts

@@ -345,7 +345,11 @@ export function getSidebar() {
             text: '📖 Guides',
             items: [
               {
-                text: 'Manage Your iApps',
+                text: 'Build and Deploy your iApps',
+                link: '/build-iapp/guides/build-&-deploy-iapp',
+              },
+              {
+                text: 'Manage your iApps',
                 link: '/build-iapp/guides/manage-iapp',
               },
               {

src/build-iapp/guides/ai-frameworks.md

@@ -0,0 +1,115 @@
+---
+title: Build and Deploy an iApp?
+description:
+  How to build an confidential iexec application and deploy it on iexec protocol
+---
+
+## iApp Generator: Your Development Tool
+
+Bootstrap TEE-compatible applications in minutes without any hardcoding skills,
+iApp Generator handles all the low-level complexity for you.
+
+- **Access to TEEs easily** - No need to dive into low-level requirements, build
+  iApps that connect to TEEs in minutes.
+- **Check and deploy iApps quickly** - iApp Generator checks that your iApp
+  complies with the iExec Framework and streamlines its deployment.
+- **Select your project mode & language** - Get started with either a basic or
+  advanced setup, depending on your experience with the iExec framework. You can
+  use Python or JavaScript—whichever you prefer!
+
+```bash
+# Create your iApp (Python or Node.js supported)
+iapp init my-privacy-app
+cd my-privacy-app
+
+# Develop and test locally (simulates TEE environment)
+iapp test
+# Deploy to the network
+iapp deploy
+```
+
+<div class="bg-gradient-to-r from-blue-400/10 to-blue-400/5 rounded-[6px] p-4 border-l-4 border-blue-600 mb-6">
+  <p class="m-0! text-sm"><strong>Note:</strong> iApp Generator currently supports Python and Node.js, but iApps can be built in any language that runs in Docker.</p>
+</div>
+
+## Real Examples
+
+Here are some real-world examples of iApps to help you understand how they work
+in practice.
+
+**Email Notification iApp**
+
+This iApp lets you send updates to your contacts without ever seeing their email
+addresses, privacy is preserved by design.
+
+::: code-group
+
+```python [Python]
+# User runs: "Send updates to my contacts about my project"
+contacts = load_protecteddata()  # User's protected contact list
+for contact in contacts:
+   send_email(contact, project_update_message)
+# → Emails sent directly, you never see the addresses
+```
+
+```js [Node.js]
+/* User runs: "Send updates to my contacts about my project" */
+const contacts = loadProtectedData(); // User's protected contact list
+contacts.forEach((contact) => {
+  sendEmail(contact, projectUpdateMessage);
+});
+// → Emails sent directly, you never see the addresses
+```
+
+:::
+
+**Oracle Update iApp**
+
+This iApp securely updates a price oracle using private trading data, ensuring
+sensitive information stays confidential.
+
+::: code-group
+
+```python [Python]
+# User runs: "Update price oracle with my private trading data"
+trading_data = load_protecteddata()  # User's protected trading history
+average_price = calculate_weighted_average(trading_data)
+update_oracle_contract(average_price)
+# → Oracle updated with real data, trading history stays private
+```
+
+```js [Node.js]
+/* User runs: "Update price oracle with my private trading data" */
+const tradingData = loadProtectedData(); // User's protected trading history
+const averagePrice = calculateWeightedAverage(tradingData);
+updateOracleContract(averagePrice);
+// → Oracle updated with real data, trading history stays private
+```
+
+:::
+
+**Automated Transactions iApp**
+
+This iApp automates monthly payments using protected payment details, so
+financial information remains private.
+
+::: code-group
+
+```python [Python]
+# User runs: "Automate payments every month"
+payment_info = load_protecteddata()  # User's payment details
+for month in range(12):
+   process_payment(payment_info)
+# → Payments processed, payment details stay private
+```
+
+```js [Node.js]
+/* User runs: "Automate payments every month" */
+const paymentInfo = loadProtectedData(); // User's payment details
+for (let month = 0; month < 12; month++) {
+  processPayment(paymentInfo);
+}
+// → Payments processed, payment details stay private
+```
+
+:::

src/build-iapp/guides/build-&-deploy-iapp.md

@@ -112,6 +112,12 @@ with open(f"{os.environ['IEXEC_OUT']}/computed.json", 'w') as f:
     json.dump(computed, f)
 ```
 
+### ⚠️ **Dataset type unmatching**
+
+- **Cause**: The dataset type specified in the frontend (protectData) does not
+  match with the dataset type specified in the iApp
+- **Solution**: Check both dataset types
+
 ## Best Practices
 
 ### 🔍 **Input Validation**

src/build-iapp/guides/debugging-your-iapp.md

@@ -275,23 +275,6 @@ environment.
 **When to use:** Processing user's sensitive information like personal data,
 financial records, health data.
 
-### How Users Provide Protected Data
-
-Users specify the protected data address when executing your iApp:
-
-```ts twoslash
-import { IExecDataProtectorCore, getWeb3Provider } from '@iexec/dataprotector';
-
-const web3Provider = getWeb3Provider('PRIVATE_KEY');
-const dataProtectorCore = new IExecDataProtectorCore(web3Provider);
-// ---cut---
-// User provides their protected data for processing
-const response = await dataProtectorCore.processProtectedData({
-  protectedData: '0x123abc...', // Address of their protected data
-  app: '0x456def...', // Your iApp address
-});
-```
-
 ### How to Access Protected Data
 
 Protected data is available in the `IEXEC_IN` directory as decrypted files:
@@ -345,6 +328,23 @@ try {
 
 :::
 
+### How Users Provide Protected Data
+
+Users specify the protected data address when executing your iApp:
+
+```ts twoslash
+import { IExecDataProtectorCore, getWeb3Provider } from '@iexec/dataprotector';
+
+const web3Provider = getWeb3Provider('PRIVATE_KEY');
+const dataProtectorCore = new IExecDataProtectorCore(web3Provider);
+// ---cut---
+// User provides their protected data for processing
+const response = await dataProtectorCore.processProtectedData({
+  protectedData: '0x123abc...', // Address of their protected data
+  app: '0x456def...', // Your iApp address
+});
+```
+
 ### Working with Multiple Protected Datasets
 
 When multiple datasets are provided, they're available as separate files:

src/build-iapp/guides/inputs-and-outputs.md

@@ -38,6 +38,15 @@ technology, different from the default SGX implementation.
 - ❌ **Limited worker availability**
 - ❌ **Not production ready**
 
+| Feature                  | Intel SGX                                                                           | Intel TDX                                    |
+| ------------------------ | ----------------------------------------------------------------------------------- | -------------------------------------------- |
+| Release Year             | 2015                                                                                | 2023                                         |
+| Enclave Scope            | Application level                                                                   | Virtual machine level                        |
+| Code Adaptation Required | Yes - needs redesign of app's logic                                                 | No - supports lift-and-shift of full systems |
+| Memory Size              | Limited                                                                             | Extensive (multi-GB+)                        |
+| Integration Complexity   | Higher (more dev work)                                                              | Lower (VM legacy code)                       |
+| Best Fit For             | Lightweight, high-assurance modules (e.g. wallets, crypto key ops, small AI models) | Heavier AI workloads, legacy apps, databases |
+
 ## Enabling TDX in iApp Generator
 
 ### Environment Variable Method
@@ -53,6 +62,15 @@ iapp deploy
 iapp run <app-address>
 ```
 
+:::warning Environment Variable Declaration
+
+The syntax for setting environment variables differs between operating systems:
+
+- **Mac/Linux**: `export EXPERIMENTAL_TDX_APP=true`
+- **Windows**: `set EXPERIMENTAL_TDX_APP=true`
+
+:::
+
 ### Per-Command Method
 
 **Enable TDX for specific commands**:
@@ -77,6 +95,30 @@ EXPERIMENTAL_TDX_APP=true iapp debug <taskId>
 iexec app show <app-address>
 ```
 
+###
+
+⚠️ **To use** the iExec DataProtector SDK with TDX support, you must configure
+the SDK with the right SMS endpoint.
+
+```jsx
+const dataProtector = new IExecDataProtector(web3Provider, {
+  iexecOptions: {
+    smsURL: 'https://sms.labs.iex.ec',
+  },
+});
+```
+
+⚠️**You need** to change the default worker pool in your protected Data
+declaration
+
+```jsx
+await dataProtector.core.processProtectedData({
+  protectedData: protectedData.address,
+  workerpool: 'tdx-labs.pools.iexec.eth',
+  app: '0x1919ceb0c6e60f3B497936308B58F9a6aDf071eC',
+});
+```
+
 ## Protected Data Compatibility
 
 :::warning Protected Data Requirements

src/build-iapp/guides/manage-iapps.md

@@ -6,7 +6,7 @@ Before using the iApp Generator, make sure you have:
 
 \- [**Node.js**](https://nodejs.org/en/) version 20 or higher
 
-\- **Docker**
+\- **Docker / Docker hub account**
 
 \- **Docker Buildx** _(for macOS users, check AMD64 compatibility)_