#quote #dcap #sgx #tdx #datacenter #rust

dcap-rs

Intel Data Center Attestation Primitives (DCAP) Quote Verification Library (QVL) implemented in pure Rust

1 unstable release

new 0.1.0 Dec 12, 2024

#265 in Hardware support

Download history 126/week @ 2024-12-09

126 downloads per month

Apache-2.0

175KB
2K SLoC

Automata DCAP Rust Library

Automata DCAP Rust Library

Intel Data Center Attestation Primitives Quote Verification Library (DCAP QVL) implemented in pure Rust.

This library can be integrated into zkVM programs that provide users the ability to attest DCAP quotes directly on-chain, by publishing and verifying ZK SNARK proofs in the AutomataDCAPAttestation contract.

This library supports verification of the following quotes:

  • V3 SGX Quotes
  • V4 TDX and SGX Quotes

Usage

To use dcap-rs, add the following to Cargo.toml:

[dependencies]
dcap-rs = { git = "https://github.com/automata-network/dcap-rs.git" }

zkVM Patches

zkVM programs provide patches, which are simply modified Rust crates that can help reducing execution cycle costs in the VM.

We have tested dcap-rs with both RiscZero and SP1 zkVMs, and we would happily work with more zkVMs in the future.

Read the section(s) below to learn about how patches can be applied towards corresponding zkVM programs.

RiscZero Accelerators

Patches applied:

  • crypto-bigint
  • sha2
  • Our attempt at accelerating p256.

Make sure to include the following patches into your Guest's cargo.toml.

[patch.crates-io]
sha2 = { git = "https://github.com/risc0/RustCrypto-hashes", tag = "sha2-v0.10.6-risczero.0" }
crypto-bigint = { git = "https://github.com/risc0/RustCrypto-crypto-bigint", tag = "v0.5.2-risczero.0" }
p256 = { git = "https://github.com/automata-network/RustCrypto-elliptic-curves.git" }

Click here to learn more about RiscZero accelerators.

SP1 Precompiles

Patches applied:

  • crypto-bigint
  • sha2

Make sure to include the following patches into your workspace cargo.toml.

[patch.crates-io]
sha2 = { git = "https://github.com/sp1-patches/RustCrypto-hashes", branch = "patch-sha2-v0.10.8" }
crypto-bigint = { git = "https://github.com/sp1-patches/RustCrypto-bigint", branch = "patch-v0.5.5" }

Click here to learn more about SP1 Precompiles.


Contributing

Before You Contribute:

  • Raise an Issue: If you find a bug or wish to suggest a feature, please open an issue first to discuss it. Detail the bug or feature so we understand your intention.
  • Pull Requests (PR): Before submitting a PR, ensure:
    • Your contribution successfully builds.
    • It includes tests, if applicable.

License

Apache License

Dependencies

~15MB
~264K SLoC