
This repo serves as a code base for the Intel Data Center Attestation Primitive (DCAP) Web3-based Quote Verification program for both EVM and Solana.
Currently on the EVM, users can verify DCAP quotes with either full on-chain execution or using SNARK proofs by executing DCAP zkVM Programs on zkVMs, such as RiscZero or Succinct SP1. We plan to add support for more zkVMs in the future.
The Solana program currently supports only SNARK proof verification.
These identifiers are a required parameter for SNARK proof verifications, to show that the proofs are generated by the intended zkVM Program.
The ImageID currently for the DCAP RiscZero Guest Program is `c2eafe1ba01610f3b71281f9dd3280b33d97370bb68d3ada2925d391be245e10`.
The VKEY currently for the DCAP SP1 Program is `004be684aaf90b70fb2d8f586ec96c36cee5f6533850b14e8b5568f4dbf31f8e`.
It consists of three smart contracts:
- PCCS Router: A central contract to read collaterals from automata-on-chain-pccs.
- Automata DCAP Attestation: This is the entrypoint contract for users to submit a quote to be verified. This contract parses the Quote header to identify the version, then forwards the quote to the respective QuoteVerifier contract.
- Quote Verifier(s): This contract provides the full implementation to verify a given quote specific to its version. This contract is intended to be called only from the Automata DCAP Attestation contract.
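
The header-based dispatch described for the Automata DCAP Attestation contract, sketched in Rust as an added example (not code from this repository). The verifier names and the version-to-verifier registry are hypothetical; the 48-byte little-endian header layout follows Intel's DCAP quote format.

```rust
use std::collections::HashMap;

const HEADER_LEN: usize = 48; // size of the DCAP quote header

#[derive(Debug, PartialEq)]
enum RouteError { TooShort, UnsupportedKeyType(u16), UnknownTee(u32), NoVerifier(u16) }

#[derive(Debug, PartialEq)]
struct Header { version: u16, att_key_type: u16, tee_type: u32 }

/// Read the little-endian fields at the start of the quote header.
fn parse_header(quote: &[u8]) -> Result<Header, RouteError> {
    if quote.len() < HEADER_LEN { return Err(RouteError::TooShort); }
    let version = u16::from_le_bytes([quote[0], quote[1]]);
    let att_key_type = u16::from_le_bytes([quote[2], quote[3]]);
    let tee_type = u32::from_le_bytes([quote[4], quote[5], quote[6], quote[7]]);
    // 2 = ECDSA-256-with-P-256; other key types are rejected here.
    if att_key_type != 2 { return Err(RouteError::UnsupportedKeyType(att_key_type)); }
    // 0x00 = SGX, 0x81 = TDX; anything else is rejected.
    if tee_type != 0x00 && tee_type != 0x81 { return Err(RouteError::UnknownTee(tee_type)); }
    Ok(Header { version, att_key_type, tee_type })
}

/// Pick the verifier registered for the quote's version; fail closed otherwise.
fn route<'a>(quote: &[u8], verifiers: &HashMap<u16, &'a str>) -> Result<&'a str, RouteError> {
    let h = parse_header(quote)?;
    verifiers.get(&h.version).copied().ok_or(RouteError::NoVerifier(h.version))
}

/// Hypothetical registry: the versions and verifier names are assumptions.
fn sample_registry() -> HashMap<u16, &'static str> {
    HashMap::from([(3, "QuoteVerifierV3"), (4, "QuoteVerifierV4")])
}

/// Constructed sample input: a header-only quote with the remaining fields zeroed.
fn sample_quote(version: u16, key_type: u16, tee: u32) -> Vec<u8> {
    let mut q = vec![0u8; HEADER_LEN];
    q[0..2].copy_from_slice(&version.to_le_bytes());
    q[2..4].copy_from_slice(&key_type.to_le_bytes());
    q[4..8].copy_from_slice(&tee.to_le_bytes());
    q
}

fn main() {
    let reg = sample_registry();
    for q in [sample_quote(4, 2, 0x81), sample_quote(9, 2, 0), sample_quote(3, 3, 0)] {
        println!("{:?}", route(&q, &reg));
    }
}
```

A quote whose version has no registered verifier is rejected rather than passed to a default, which keeps an unrecognized format from reaching a verifier that was not written for it.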
The Automata DCAP Attestation contract implements two attestation methods available to users. Here is a quick comparison:
| | On-Chain | Groth16 Proof Verification with RiscZero v1.2.1 | Groth16 Proof Verification with SP1 V4 | Plonk Proof Verification with SP1 V4 |
|---|---|---|---|---|
| Quote Verification Time | Instant | Proving takes <2 minutes, instant verification | Proving takes ~3 minutes, instant verification | Proving takes ~5 minutes, instant verification |
| Gas Cost | ~4-5M gas (varies by collateral size) | 360k gas | 333k gas | 419k gas |
| Execution | Runs fully on-chain | Execution proven by remote prover Bonsai | Execution proven by the SP1 Network | Execution proven by the SP1 Network |
ℹ️ Note:
The deployment addresses shown here are currently based on the latest changes made.
To view deployments on the previous version (will be deprecated soon), you may refer to this branch.
The following diagram illustrates an overview of the execution flow of the DCAP Solana Program.
- Invokes the `CreateDcapOutputAccount` instruction on the DCAP Program.
- Reads the current count from DCAP Counter, which is used as seed to derive the address of the `VerifiedOutput` PDA.
- Writes data to the `VerifiedOutput` PDA.
- Increments the current count in DCAP Counter, which completes the `CreateDcapOutputAccount` instruction.
- Invokes the `VerifyDcapProof` instruction on the DCAP Program.
- Reads the output from the provided `VerifiedOutput` PDA address.
- The output is pre-processed and converted into a Groth16 public input, then submitted along with the proofs to be verified with the corresponding zkVM verifier program.
- Updates the data in `VerifiedOutput` PDA to indicate the status showing successful verification.
- Downstream programs consume the data directly from the `VerifiedOutput` PDA.
Depending on which zkVM program the user has chosen, the Automata DCAP Solana Program sends the processed `VerifiedOutput` along with proofs to one of the following programs:
- RiscZero Groth16 Verifier: a general-purpose Groth16 verifier built by RiscZero that can be called by any Solana program to perform Groth16 verification.
- DCAP SP1 Solana Program: a wrapper verifier program to be called only by the Automata DCAP Solana Program, because it hardcodes the vkey. This program imports the SP1 Solana Library.
The DCAP Solana Program and Counter account have both been deployed to `devnet` at:
- DCAP Program: `DcapE9GZZ2KSu6udeW1pVdmqBAHP9NMBLBrxUUYdw1Qk`
- DCAP Counter: `DcapH8Bt1y6MQHE1hR2Rp1WEBeWfog2Kh9UxtG8UMaNu`