7 releases (4 breaking)
| 0.5.1 | Oct 14, 2025 |
|---|---|
| 0.5.0 | Oct 8, 2025 |
| 0.4.0 | Oct 2, 2025 |
| 0.3.1 | Sep 11, 2025 |
| 0.1.0 | Oct 16, 2024 |
#39 in #cycle
52KB
696 lines
CosmWasm SGX TcbInfo Smart Contract
Standalone smart contract for storage and verification of TcbInfos for Intel SGX. The contract ensures that
TcbInfos are kept up-to-date so other contracts can query the latest TcbInfo state using the quote's fmspc during
remote attestation verification to ensure the attesting enclave setup is up-to-date.
Overview
The contract provides the following functionalities:
- Instantiate: Initialize the contract with a root certificate.
- Execute: Store and verify TcbInfo along with the provided certificate and optional timestamp.
- Query: Retrieve the latest TcbInfo using the FMSPC.
Usage (with wasmd)
- Submit a new
TcbInfofor a specificfmspc
export EXECUTE='{
"tcb_info": "{\"tcbInfo\":{ /* ... */ },\"signature\":\"647bac99371750892415557b838237839e52b02afe027a43322fe661f4a1a693b04a82717120d74bccf2b3787bf7e9ecbe44caa06e6e532b7a68a21b2765663d\"}
"certificate": "-----BEGIN CERTIFICATE-----\\n /* ... */ \\n-----END CERTIFICATE-----"
}'
wasmd tx wasm execute "$CONTRACT" "$EXECUTE" --from alice --chain-id testing -y
- Query the latest
TcbInfobyfmspc
wasmd query wasm contract-state smart "$CONTRACT" '{"get_tcb_info": {"fmspc": "00906ED50000"}}'
Dependencies
~17–34MB
~592K SLoC