Skip to main content

Verifier

Repository

Github
Repositoryhttps://github.com/marlinprotocol/oyster-sdk-rs
Canonical branchmaster
Latest versionv1.0.0

The verifier is built as part of the Oyster SDK and verifies attestations generated using the ed25519 attestation server.

Usage

$ ./target/release/verifier --help
Oyster SDK

Usage: verifier --endpoint <ENDPOINT> --public <PUBLIC> --pcr0 <PCR0> --pcr1 <PCR1> --pcr2 <PCR2> --min-cpus <MIN_CPUS> --min-mem <MIN_MEM> --max-age <MAX_AGE>

Options:
-e, --endpoint <ENDPOINT> endpoint of the attestation server (http://<ip:port>)
-p, --public <PUBLIC> path to public key file
-p, --pcr0 <PCR0> expected pcr0
-p, --pcr1 <PCR1> expected pcr1
-p, --pcr2 <PCR2> expected pcr2
-m, --min-cpus <MIN_CPUS> minimum cpus
-m, --min-mem <MIN_MEM> minimum memory
-m, --max-age <MAX_AGE> maximum age of attestation
-h, --help Print help
-V, --version Print version

The verifier verifies that the attestation is valid, recent, the PCRs match the given PCR params and the enclave size is at least the given CPU/mem params. If the verification is successful, it stores the public key of the enclave in the given file path.

See also