History

Shoaib Ahmed 870c0223b7 release: v0.1.0 (#255 )		2024-10-16 23:13:15 +04:00
..
.cargo	refactor: refactor repo as standard rust monorepo (#222 )	2024-09-30 23:33:22 +04:00
data	refactor: refactor repo as standard rust monorepo (#222 )	2024-09-30 23:33:22 +04:00
msgs	release: v0.1.0 (#255 )	2024-10-16 23:13:15 +04:00
src	Rename crates and subdirs (#231 )	2024-10-01 10:27:57 -04:00
.gitignore	refactor: refactor repo as standard rust monorepo (#222 )	2024-09-30 23:33:22 +04:00
Cargo.toml	LICENSE (#253 )	2024-10-15 22:58:06 +02:00
README.md	docs: Update docs to reflect crate reorg naming, and remove EPID docs (#233 )	2024-10-01 23:57:13 -04:00

README.md

CosmWasm SGX TcbInfo Smart Contract

Standalone smart contract for storage and verification of TcbInfos for Intel SGX. The contract ensures that TcbInfos are kept up-to-date so other contracts can query the latest TcbInfo state using the quote's fmspc during remote attestation verification to ensure the attesting enclave setup is up-to-date.

Overview

The contract provides the following functionalities:

Instantiate: Initialize the contract with a root certificate.
Execute: Store and verify TcbInfo along with the provided certificate and optional timestamp.
Query: Retrieve the latest TcbInfo using the FMSPC.

Usage (with wasmd)

Submit a new TcbInfo for a specific fmspc

export EXECUTE='{
  "tcb_info": "{\"tcbInfo\":{ /* ... */ },\"signature\":\"647bac99371750892415557b838237839e52b02afe027a43322fe661f4a1a693b04a82717120d74bccf2b3787bf7e9ecbe44caa06e6e532b7a68a21b2765663d\"}
  "certificate": "-----BEGIN CERTIFICATE-----\\n /* ... */ \\n-----END CERTIFICATE-----"
}'
wasmd tx wasm execute "$CONTRACT" "$EXECUTE" --from alice --chain-id testing -y

Query the latest TcbInfo by fmspc

wasmd query wasm contract-state smart "$CONTRACT" '{"get_tcb_info": {"fmspc": "00906ED50000"}}'