Automata AMD SEV-SNP Attestation SDK is the most-feature complete SDK for AMD SEV-SNP development, it consists of two parts:
- SEV-SNP library: it helps developers to generate the AMD SEV-SNP Attestation Report in different cloud service providers (CSP).
- Risc0 and Succinct ZK host and guest programs to interact with the corresponding zkVM servers to generate the proofs, and constructs the Automata AMD SEV-SNP Attestation contract calls to perform the on-chain verification.
Refer to SEV-SNP to setup the AMD SEV-SNP CVM in different cloud service providers (CSP).
Use SEV-SNP to generate the AMD SEV-SNP Attestation Report with VEK Cert, you can find an example in sev_snp_attestation.
Combining the Attestation Generation and the ZK Optimization, you can generate an either Risc0 or SP1 ZK proof with the AMD SEV-SNP Attestation Report and the VEK Cert output, and verify it via verifyAndAttestWithZKProof method.
/**
* @param output the zkVM output.
* @param zkCoprocessor 1 - RiscZero, 2 - Succinct.
* @param proofBytes the zk proof.
*/
function verifyAndAttestWithZKProof(
bytes calldata output,
ZkCoProcessorType zkCoprocessor,
bytes calldata proofBytes
)The ImageID currently used for the DCAP RiscZero Guest Program is 2d103c1cf21571889427523c0933e1cdc99c1c9474fb6f829999964b1ce820d5.
The VKEY currently used for the DCAP SP1 Program is
0000e024beed46a1ff7ae986500393a8c0f84921a0b95369b98e16295b0b05b6.
To get started, you need to have the following installed:
Note: To request an API key complete the form here.
With the Bonsai proving service, you can produce a [Groth16 SNARK proof] that is verifiable on-chain. You can get started by setting the following environment variables with your API key and associated URL.
export BONSAI_API_KEY="YOUR_API_KEY" # see form linked above
export BONSAI_API_URL="BONSAI_URL" # provided with your api keyTo get started, you need to have the following installed:
Note: To request an whitelisted address, complete the form here.
With the SP1 Proving Network, you can produce a [Groth16 SNARK proof] or [Plonk SNARK proof] that is verifiable on-chain. You can get started by setting the following environment variables with your whitelisted address and associated Proving Network.
export SP1_PROVER=network
export SP1_PRIVATE_KEY=""We would like to acknowledge the projects below whose previous work has been instrumental in making this project a reality.
- virtee/sev, an implementation of the AMD Secure Encrypted Virtualization (SEV) APIs and the SEV Secure Nested Paging Firmware (SNP) ABIs.
This project is under development. All source code and features are not production ready.