https://community.intel.com/t5/Intel-Software-Guard-Extensions/Is-attestation-meant-to-be-end-user-verifiable/m-p/1156408#M2748 <P>Hi,&nbsp;</P><P>I've read the documentation and whitepaper on the SGX Attestation and it looks to me that it's more like a thing that myself (owner and runner of the code) can use to make sure my HW nor enclave had been tampered with, rather than being used as a way for my clients to be sure I'm not doing "evil" things (like running a different code than I should -- assuming it's public).</P><P>I like how SGX aids on preventing the code's memory from snooping. Is there any way for my end-user, assuming my code is public, to be able to build that same code,&nbsp;and somehow (hashing?) verify that it's the same code that's running on the enclave?</P><P>Thanks in advance!</P> Tue, 03 Sep 2019 20:08:02 GMT Seidl__Jan 2019-09-03T20:08:02Z https://community.intel.com/t5/Intel-Software-Guard-Extensions/Is-attestation-meant-to-be-end-user-verifiable/m-p/1156408#M2748 <P>Hi,&nbsp;</P><P>I've read the documentation and whitepaper on the SGX Attestation and it looks to me that it's more like a thing that myself (owner and runner of the code) can use to make sure my HW nor enclave had been tampered with, rather than being used as a way for my clients to be sure I'm not doing "evil" things (like running a different code than I should -- assuming it's public).</P><P>I like how SGX aids on preventing the code's memory from snooping. Is there any way for my end-user, assuming my code is public, to be able to build that same code,&nbsp;and somehow (hashing?) verify that it's the same code that's running on the enclave?</P><P>Thanks in advance!</P> Tue, 03 Sep 2019 20:08:02 GMT https://community.intel.com/t5/Intel-Software-Guard-Extensions/Is-attestation-meant-to-be-end-user-verifiable/m-p/1156408#M2748 Seidl__Jan 2019-09-03T20:08:02Z