
Attestation verifier

The attestation verifier enclave implements a chain of trust for attestation verification. Verifying a full attestation on-chain for every enclave is expensive. Instead, the verifier enclave's own attestation is verified on-chain once; every other enclave can then be verified with a single secp256k1 signature check on the verifier's signed response, which extends the chain of trust from the verifier to that enclave.

The files below are from oyster-attestation-verifier-enclave.

Basic architecture

The core of the enclave is oyster-attestation-verifier. It accepts attestations in raw or hex-encoded form, verifies them and returns a response signed with its own key, stating that it has verified the attestation. That signature can then be submitted on-chain for further verification. The verifier needs a secp256k1 keypair to sign responses with; the keypair is generated and kept entirely inside the enclave, so the chain of trust cannot be forged by anything outside it.

The enclave is built by customizing the default image templates (Dockerfile + setup.sh + supervisord.conf) with a list of modifications described below.

Dockerfile

# base image
FROM alpine:3.19

ARG TARGETARCH

# install dependency tools
RUN apk add --no-cache net-tools iptables iproute2 wget

# working directory
WORKDIR /app

# supervisord to manage programs
RUN wget -O supervisord http://public.artifacts.marlin.pro/projects/enclaves/supervisord_master_linux_$TARGETARCH
RUN chmod +x supervisord

# transparent proxy component inside the enclave to enable outgoing connections
RUN wget -O ip-to-vsock-transparent http://public.artifacts.marlin.pro/projects/enclaves/ip-to-vsock-transparent_v1.0.0_linux_$TARGETARCH
RUN chmod +x ip-to-vsock-transparent

# key generator to generate static keys
RUN wget -O keygen-ed25519 http://public.artifacts.marlin.pro/projects/enclaves/keygen-ed25519_v1.0.0_linux_$TARGETARCH
RUN chmod +x keygen-ed25519

# attestation server inside the enclave that generates attestations
RUN wget -O attestation-server http://public.artifacts.marlin.pro/projects/enclaves/attestation-server_v2.0.0_linux_$TARGETARCH
RUN chmod +x attestation-server

# proxy to expose attestation server outside the enclave
RUN wget -O vsock-to-ip http://public.artifacts.marlin.pro/projects/enclaves/vsock-to-ip_v1.0.0_linux_$TARGETARCH
RUN chmod +x vsock-to-ip

# dnsproxy to provide DNS services inside the enclave
RUN wget -O dnsproxy http://public.artifacts.marlin.pro/projects/enclaves/dnsproxy_v0.46.5_linux_$TARGETARCH
RUN chmod +x dnsproxy

# supervisord config
COPY supervisord.conf /etc/supervisord.conf

# setup.sh script that will act as entrypoint
COPY setup.sh ./
RUN chmod +x setup.sh

# your custom setup goes here

# key generator to generate secp256k1 keys
RUN wget -O keygen-secp256k1 http://public.artifacts.marlin.pro/projects/enclaves/keygen-secp256k1_v1.0.0_linux_$TARGETARCH
RUN chmod +x keygen-secp256k1

# attestation verifier
RUN wget -O attestation-verifier http://public.artifacts.marlin.pro/projects/enclaves/attestation-verifier_v2.0.1_linux_$TARGETARCH
RUN chmod +x attestation-verifier

# entry point
ENTRYPOINT [ "/app/setup.sh" ]

We make two customizations here. First we download a secp256k1 keypair generator, since the verifier signs its responses with a secp256k1 key. Then we download the verifier itself.

setup.sh

#!/bin/sh

# setting an address for loopback
ifconfig lo 127.0.0.1
ifconfig

# adding a default route
ip route add default dev lo src 127.0.0.1
route -n

# iptables rules to route traffic to transparent proxy
iptables -A OUTPUT -t nat -p tcp --dport 1:65535 ! -d 127.0.0.1 -j DNAT --to-destination 127.0.0.1:1200
iptables -L -t nat

# generate identity key
/app/keygen-ed25519 --secret /app/id.sec --public /app/id.pub

# your custom setup goes here
/app/keygen-secp256k1 --secret /app/secp256k1.sec --public /app/secp256k1.pub

# starting supervisord
cat /etc/supervisord.conf
/app/supervisord

We use the secp256k1 key generator to create the verifier's signing keypair. Because it is generated here at boot, the key never exists outside the enclave and is unique to this instance; the secret stays in /app/secp256k1.sec, and the public half is handed to the attestation server below so that attestations bind it to the enclave's measurements.

supervisord.conf

[supervisord]
loglevel=debug
logfile=/dev/stdout
logfile_maxbytes=0

# attestation server
[program:attestation-server]
command=/app/attestation-server --ip-addr 127.0.0.1:1300 --pub-key /app/id.pub
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes=0

# attestation server proxy
[program:attestation-proxy]
command=/app/vsock-to-ip --vsock-addr 88:1300 --ip-addr 127.0.0.1:1300
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes=0

# transparent proxy component inside enclave
[program:ip-to-vsock-transparent]
command=/app/ip-to-vsock-transparent --vsock-addr 3:1200 --ip-addr 127.0.0.1:1200
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes=0

# DNS-over-HTTPS provider
[program:dnsproxy]
command=/app/dnsproxy -u https://1.1.1.1/dns-query -v
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes=0

# your custom programs go here

# attestation server
[program:attestation-server-secp256k1]
command=/app/attestation-server --ip-addr 127.0.0.1:1301 --pub-key /app/secp256k1.pub
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes=0

[program:attestation-server-secp256k1-proxy]
command=/app/vsock-to-ip --vsock-addr 88:1301 --ip-addr 127.0.0.1:1301
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes=0

# attestation verifier
[program:attestation-verifier]
command=/app/attestation-verifier --secp256k1-secret /app/secp256k1.sec --secp256k1-public /app/secp256k1.pub --ip 127.0.0.1 --port 1400
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes=0

[program:attestation-verifier-proxy]
command=/app/vsock-to-ip --vsock-addr 88:1400 --ip-addr 127.0.0.1:1400
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stdout
stderr_logfile_maxbytes=0

We add 4 custom programs:

  • attestation-server-secp256k1 - A second instance of the attestation server that includes the secp256k1 public key generated above in the attestations it produces
  • attestation-server-secp256k1-proxy - A proxy to expose that attestation server outside the enclave
  • attestation-verifier - The verifier program at the core of the enclave, which signs its responses with the keypair generated above
  • attestation-verifier-proxy - A proxy to expose the verifier outside the enclave

Each proxy listens on the vsock port matching the service it exposes (1301 for the secp256k1 attestation server, 1400 for the verifier) and forwards to that service on loopback.