Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Seidl__Jan
Beginner
108 Views

Is attestation meant to be end-user verifiable?

Hi, 

I've read the documentation and whitepaper on the SGX Attestation and it looks to me that it's more like a thing that myself (owner and runner of the code) can use to make sure my HW nor enclave had been tampered with, rather than being used as a way for my clients to be sure I'm not doing "evil" things (like running a different code than I should -- assuming it's public).

I like how SGX aids on preventing the code's memory from snooping. Is there any way for my end-user, assuming my code is public, to be able to build that same code, and somehow (hashing?) verify that it's the same code that's running on the enclave?

Thanks in advance!

0 Kudos
0 Replies
Reply