Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Is attestation meant to be end-user verifiable?



I've read the documentation and whitepaper on the SGX Attestation and it looks to me that it's more like a thing that myself (owner and runner of the code) can use to make sure my HW nor enclave had been tampered with, rather than being used as a way for my clients to be sure I'm not doing "evil" things (like running a different code than I should -- assuming it's public).

I like how SGX aids on preventing the code's memory from snooping. Is there any way for my end-user, assuming my code is public, to be able to build that same code, and somehow (hashing?) verify that it's the same code that's running on the enclave?

Thanks in advance!

0 Kudos
0 Replies