Intel SGX Attestation Report verification on-chain.
The identity and validity of secure enclaves can be verified using the Intel Attestation Service. As a result of this process an Attestation Verification Report is generated. The smart contracts in this repository handle the verification of these reports on-chain.
The verification process looks like this:
- decoding and verifying the Report Signing Certificate Chain. Verifying that the chain is rooted in a trusted Report Signing CA Cerficiate (available from Intel).
- Verify the signature over the report using the Attestation Report Signing Certificate.
- Verify the content of the report.
Since these are all compute intensive steps, this code should be run on an L2.