Skip to main content

Confidential inputs

This sub-section assumes that you are trying to create a Type-2 Market that supports confidential inputs and that your Generator enclave containing the proof verification logic is ready. It also assumes that you have kalypso-sdk set up correctly.

The steps below will use kalypso-sdk to help you connect the proof verification logic in the Generator enclave with the rest of Kalypso contracts so that proofs can be verified and Requests can be settled correctly.

Steps

  • Fetch the attestation of the enclave

    const generatorAttestationData = await kalypso.Generator().GeneratorEnclaveConnector().getAttestation();

  • Extract PCRs from the Attesatation Data

    const generatorImagePcrs = KalypsoSdk.getRlpedPcrsFromAttestation(generatorAttestationData.attestation_document);

  • Finally broadcast the transaction to create the TeeVerifier

    const data = await kalypso
        .MarketPlace()
        .createTeeVerifier(await wallet.getAddress(), kalypsoConfig.tee_verifier_deployer, kalypsoConfig.attestation_verifier, generatorImagePcrs);

    Note down the transaction hash. The transaction will create a new contract whose address can be found on a chain explorer.

    todo! (programmatically fetch the tee proof verifier address)

kalypso-tutorial/index.ts
    <!--  Existing Code Setup -->
    const generatorAttestationData = await kalypso.Generator().GeneratorEnclaveConnector().getAttestation();
    console.log({ generator_enclave_key: generatorAttestationData.secp_key });
    const generatorPubKey = PublicKey.fromHex(generatorAttestationData.secp_key as string);
    console.log({ generator_compressed: generatorPubKey.compressed.toString("hex") });

    const generatorImagePcrs = KalypsoSdk.getRlpedPcrsFromAttestation(generatorAttestationData.attestation_document);
    console.log({ generatorImagePcrs });

    const data = await kalypso
        .MarketPlace()
        .createTeeVerifier(await wallet.getAddress(), kalypsoConfig.tee_verifier_deployer, kalypsoConfig.attestation_verifier, generatorImagePcrs);

    console.log("Tee Verifier Creation Receipt hash", data.hash);

Verify the enclave key

Finally verify the enclave key of the deployed enclave

kalypso-tutorial/index.ts
// Existing Code
const data = await kalypso
.MarketPlace()
.verifyTeeKey(teeVerifier, generatorAttestationData.attestation_document);
console.log("Tee Verifier VerifyKey tx receipt hash", data.hash);
  • teeVerifier: Address of the teeVerifier contract

If the transaction hash is successfully received, it implies that the verification was successful. The function reverts otherwise.