Intel Data Center Attestation Primitives Quote Verification Library (DCAP QVL) implemented in pure Rust.
This library is currently integrated into a RiscZero Guest Program that provides users the option to attest DCAP quotes directly on-chain, by publishing and verifying ZK SNARK proofs in the AutomataDCAPAttestation contract.
To try out the demo of the DCAP RiscZero Program, we recommend checking out the DCAP Bonsai CLI Demo.
This library supports verification of the following quotes:
- V3 SGX Quotes
- V4 TDX and SGX Quotes
To use dcap-rs, add the following to Cargo.toml:
[dependencies]
dcap-rs = { git = "https://github.com/automata-network/dcap-rs.git" }
This library can be compiled with the acclerated p256 crate, to optimize the cycle costs for ECDSA Verification in the RiscZero Guest program. Check out this repo and doc to learn more about the accelerated p256 crate.
To fully optimize your Guest program, make sure to:
- turn off the default feature, and enable the
acceleratedfeature - include the following patch statements in
Cargo.toml:
[dependencies]
dcap-rs = { git = "https://github.com/automata-network/dcap-rs.git" , default-features = false, features = ["accelerated"] }
[patch.crates-io]
sha2 = { git = "https://github.com/risc0/RustCrypto-hashes", tag = "sha2-v0.10.6-risczero.0" }
crypto-bigint = { git = "https://github.com/risc0/RustCrypto-crypto-bigint", tag = "v0.5.2-risczero.0" }
Before You Contribute:
- Raise an Issue: If you find a bug or wish to suggest a feature, please open an issue first to discuss it. Detail the bug or feature so we understand your intention.
- Pull Requests (PR): Before submitting a PR, ensure:
- Your contribution successfully builds.
- It includes tests, if applicable.
Apache License