RAVe is a set of smart contracts for verifying Intel SGX remote attestation reports signed by Intel's Attestation Service, adhering to the EPID specs. SGX devices can use these contracts to prove on-chain that they are running the expected enclave and have committed to some data, enabling new use cases like ZK-2FA.
At a high level RAVe verifies that the leaf x509 certificate used to sign the attestation report originates from Intel. The report is parsed, its enclave measurements are verified, and finally the 64 byte enclave committed data (e.g., a public key) is extracted.
curl -L https://foundry.paradigm.xyz | bashInstall Foundry:
foundryupInstall RAVe dependencies:
forge install
forge buildInstall RAVe dependencies:
forge install
forge buildSetup Python virtual environment to install script dependencies.
python3 -m venv ./env
source .env/bin/activate
pip install -r requirements.txtRun RAVe tests (Note some tests rely on scripts run via FFI that can fail if not run sequentially):
forge install
forge build
forge test --ffi