The Attesteer is an API to the decentralized remote attestation on the Integritee Network. Remote attestation is a crucial aspect of deploying software within a TEE. It verifies the integrity and genuineness of the TEE and the software it is executing. The Attesteer ensures that a specific service is:
- running inside a genuine TEE enclave (guaranteed by manufacturer)
- on a fully updated system with the latest security patches applied
- genuine: that the software has not been tampered with or modified in any way.
Instead of registering with Intel, operators of TEE technology can use Integritee’s Attesteer service, which carries out remote attestation regularly. It is relevant to any user of TEEs seeking to benefit from public auditability and an effortless, seamlessly integrable service. While the information obtained using Attesteer is the same as with Intel’s remote attestation service (see 1-3 above), it becomes available on Integritee’s public unpermissioned network. In contrast to Intel’s offering, where only registered clients can verify the integrity of the TEE and process, Attesteer makes the process available and verifiable to any third party – a significant benefit, e.g., for institutions that want to prove data security and sovereignty to their customers or in case of data sharing collaborations between multiple parties.
The main benefits in brief of using Attesteer are:
- Verifiable Computing: The integrity of the processes running within TEEs is verified and registered on our public network, fostering transparency and user trust.
- Technology-Agnostic: The Attesteer aims to attest any type of enclave that supports remote attestation and implements its interface. Be it web3, web2 or enterprise infrastructure. In the near future, the Attesteer will also be able to verify the integrity of other manufacturers' TEEs (e.g., AMD SEV).
If you want to start using the API, check out the integration guide in section 4.5 .