Skip to content
/ automata-on-chain-pccs Public

Solidity Implementation of On-Chain PCCS used for Intel DCAP Attestations

License

MIT license
13 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

automata-network/automata-on-chain-pccs

BranchesTags

Repository files navigation

Automata On Chain PCCS

Automata On Chain PCCS

Summary

This repo consists of Solidity implementation for an on-chain PCCS (Provisioning Certificate Caching Service) used in Intel DCAP (Data Center Attestation Primitives).

On-chain PCCS provides an open and permissionless service where users can freely contribute and be given easy access to collaterals for quote verification.

Contracts

ℹ️ UPDATE (March 2025): The EVM contracts for both Automata On Chain PCCS and Automata DCAP Attestation have been fully audited by Trail of Bits.

Click here to view the audit report.

There are two sets of contracts, i.e. the Helper and Base.

Helper Contracts

The Helper contracts provide APIs for parsing collaterals and converting into Solidity structs, i.e. QEIdentity.json, TCBInfo.json, basic DER-decoder for PCK X509 leaf certificate and extensions and X509 CRLs.

Testnet

Network Address
EnclaveIdentityHelper.sol Automata Testnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Ethereum Sepolia 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Ethereum Holesky 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Base Sepolia 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
OP Sepolia 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Arbitrum Sepolia 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
World Sepolia 0x95175096a9B74165BE0ac84260cc14Fc1c0EF5FF
Avalanche C-Chain Fuji 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
BSC Testnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Polygon Amoy 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Hoodi Testnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
FmspcTcbHelper.sol Automata Testnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Ethereum Sepolia 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Ethereum Holesky 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Base Sepolia 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
OP Sepolia 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Arbitrum Sepolia 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
World Sepolia 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Avalanche C-Chain Fuji 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
BSC Testnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Polygon Amoy 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Hoodi Testnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
PCKHelper.sol Automata Testnet 0xeD75bb6543c53d49f4445055Ba18380068025370
Ethereum Sepolia 0xeD75bb6543c53d49f4445055Ba18380068025370
Ethereum Holesky 0xeD75bb6543c53d49f4445055Ba18380068025370
Base Sepolia 0xeD75bb6543c53d49f4445055Ba18380068025370
OP Sepolia 0xeD75bb6543c53d49f4445055Ba18380068025370
Arbitrum Sepolia 0xeD75bb6543c53d49f4445055Ba18380068025370
World Sepolia 0xeD75bb6543c53d49f4445055Ba18380068025370
Avalanche C-Chain Fuji 0xeD75bb6543c53d49f4445055Ba18380068025370
BSC Testnet 0xeD75bb6543c53d49f4445055Ba18380068025370
Polygon Amoy 0xeD75bb6543c53d49f4445055Ba18380068025370
Hoodi Testnet 0xeD75bb6543c53d49f4445055Ba18380068025370
X509CRLHelper.sol Automata Testnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Ethereum Sepolia 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Ethereum Holesky 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Base Sepolia 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
OP Sepolia 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Arbitrum Sepolia 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
World Sepolia 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Avalanche C-Chain Fuji 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
BSC Testnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Polygon Amoy 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Hoodi Testnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C

Mainnet

Network Address
EnclaveIdentityHelper.sol Automata Mainnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Ethereum Mainnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Base Mainnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
OP Mainnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
World Mainnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Arbitrum Mainnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Polygon PoS Mainnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
BSC Mainnet 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
Avalanche C-Chain 0x635A8A01e84cDcE1475FCeB7D57FEcadD3d1a0A0
FmspcTcbHelper.sol Automata Mainnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Ethereum Mainnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Base Mainnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
OP Mainnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
World Mainnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Arbitrum Mainnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Polygon PoS Mainnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
BSC Mainnet 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
Avalanche C-Chain 0x181dc716922c84554aeA8bafa07c906F4e4C15B2
PCKHelper.sol Automata Mainnet 0xeD75bb6543c53d49f4445055Ba18380068025370
Ethereum Mainnet 0xeD75bb6543c53d49f4445055Ba18380068025370
Base Mainnet 0xeD75bb6543c53d49f4445055Ba18380068025370
OP Mainnet 0xeD75bb6543c53d49f4445055Ba18380068025370
World Mainnet 0xeD75bb6543c53d49f4445055Ba18380068025370
Arbitrum Mainnet 0xeD75bb6543c53d49f4445055Ba18380068025370
Polygon PoS Mainnet 0xeD75bb6543c53d49f4445055Ba18380068025370
BSC Mainnet 0xeD75bb6543c53d49f4445055Ba18380068025370
Avalanche C-Chain 0xeD75bb6543c53d49f4445055Ba18380068025370
X509CRLHelper.sol Automata Mainnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Ethereum Mainnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Base Mainnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
OP Mainnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
World Mainnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Arbitrum Mainnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Polygon PoS Mainnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
BSC Mainnet 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C
Avalanche C-Chain 0xA454FB9522631D586f3A790c6CDc6f1B70Ca903C

Base libraries and Automata DAO contracts

The base contracts are libraries that provide the Data Access Object (DAO) APIs with similar designs inspired from the Design Guide for Intel SGX PCCS.

Base contracts are dependent on Helper contracts to parse collaterals, and contains implementation of basic collateral authenticity check functions for upserts. Smart contract developers are encouraged to extend the base contracts to build their own custom implementation of on-chain PCCS.

Our DAO implementation can be found in the automata_pccs directory.

Testnet

Network Address
AutomataEnclaveIdentityDao.sol Automata Testnet 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
Ethereum Sepolia 0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9
Ethereum Holesky 0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9
Base Sepolia 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
OP Sepolia 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
Arbitrum Sepolia 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
World Sepolia 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
Avalanche C-Chain Fuji 0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9
BSC Testnet 0xd74e880029cd3B6b434f16beA5F53A06989458E
Polygon Amoy 0xd74e880029cd3B6b434f16beA5F53A06989458E
Hoodi Testnet 0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9
AutomataFmspcTcbDao.sol Automata Testnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Ethereum Sepolia 0x63eF330eAaadA189861144FCbc9176dae41A5BAf
Ethereum Holesky 0x63eF330eAaadA189861144FCbc9176dae41A5BAf
Base Sepolia 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
OP Sepolia 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Arbitrum Sepolia 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
World Sepolia 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Avalanche C-Chain Fuji 0x63eF330eAaadA189861144FCbc9176dae41A5BAf
BSC Testnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Polygon Amoy 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Hoodi Testnet 0x63eF330eAaadA189861144FCbc9176dae41A5BAf
AutomataPckDao.sol Automata Testnet 0xa4615C2a260413878241ff7605AD9577feB356A5
Ethereum Sepolia 0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36
Ethereum Holesky 0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36
Base Sepolia 0xa4615C2a260413878241ff7605AD9577feB356A5
OP Sepolia 0xa4615C2a260413878241ff7605AD9577feB356A5
Arbitrum Sepolia 0xa4615C2a260413878241ff7605AD9577feB356A5
World Sepolia 0xa4615C2a260413878241ff7605AD9577feB356A5
Avalanche C-Chain Fuji 0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36
BSC Testnet 0xa4615C2a260413878241ff7605AD9577feB356A5
Polygon Amoy 0xa4615C2a260413878241ff7605AD9577feB356A5
Hoodi Testnet 0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36
AutomataPcsDao.sol Automata Testnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Ethereum Sepolia 0x45CF7485A0D394130153a3630EA0729999511C2e
Ethereum Holesky 0x45CF7485A0D394130153a3630EA0729999511C2e
Base Sepolia 0xB270cD8550DA117E3accec36A90c4b0b48daD342
OP Sepolia 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Arbitrum Sepolia 0xB270cD8550DA117E3accec36A90c4b0b48daD342
World Sepolia 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Avalanche C-Chain Fuji 0x45CF7485A0D394130153a3630EA0729999511C2e
BSC Testnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Polygon Amoy 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Hoodi Testnet 0x45CF7485A0D394130153a3630EA0729999511C2e

Mainnet

Network Address
AutomataEnclaveIdentityDao.sol Automata Mainnet 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
Ethereum Mainnet 0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9
Base Mainnet 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
OP Mainnet 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
World Mainnet 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
Arbitrum Mainnet 0xd74e880029cd3B6b434f16beA5F53A06989458Ee
Polygon PoS Mainnet 0xd74e880029cd3B6b434f16beA5F53A06989458EeC
BSC Mainnet 0xd74e880029cd3B6b434f16beA5F53A06989458EeC
Avalanche C-Chain 0xc3ea5Ff40263E16cD2f4413152A77e7A6b10B0C9
AutomataFmspcTcbDao.sol Automata Mainnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Ethereum Mainnet 0x63eF330eAaadA189861144FCbc9176dae41A5BAf
Base Mainnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
OP Mainnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
World Mainnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Arbitrum Mainnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Polygon PoS Mainnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
BSC Mainnet 0xd3A3f34E8615065704cCb5c304C0cEd41bB81483
Avalanche C-Chain 0x63eF330eAaadA189861144FCbc9176dae41A5BAf
AutomataPckDao.sol Automata Mainnet 0xa4615C2a260413878241ff7605AD9577feB356A5
Ethereum Mainnet 0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36
Base Mainnet 0xa4615C2a260413878241ff7605AD9577feB356A5
OP Mainnet 0xa4615C2a260413878241ff7605AD9577feB356A5
World Mainnet 0xa4615C2a260413878241ff7605AD9577feB356A5
Arbitrum Mainnet 0xa4615C2a260413878241ff7605AD9577feB356A5
Polygon PoS Mainnet 0xa4615C2a260413878241ff7605AD9577feB356A5
BSC Mainnet 0xa4615C2a260413878241ff7605AD9577feB356A5
Avalanche C-Chain 0x75A2BafFfb2096990246F1a2dA65801Ea2A00b36
AutomataPcsDao.sol Automata Mainnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Ethereum Mainnet 0x45CF7485A0D394130153a3630EA0729999511C2e
Base Mainnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
OP Mainnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
World Mainnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Arbitrum Mainnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Polygon PoS Mainnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
BSC Mainnet 0xB270cD8550DA117E3accec36A90c4b0b48daD342
Avalanche C-Chain 0x45CF7485A0D394130153a3630EA0729999511C2e

#BUIDL 🛠️

  1. Install Foundry

  2. Install the dependencies

forge install
  1. Compile the contracts
forge build
  1. Run tests
forge test

To view gas report, pass the --gas-report flag.

Deployment

Before you begin, it is HIGHLY recommended that you store and encrypt wallet keys using Cast.

cast wallet import --keystore-dir ./keystore dcap_prod --interactive

If you had decided against taking the .env pledge, you can (but shouldn't) pass your wallet key to the PRIVATE_KEY environmental variable.

Once you have set up your wallet, you may run the following script to deploy the PCCS Contracts.

make deploy-all RPC_URL=<rpc-url>

You may also pass SIMULATE=true at the end of the command to run the script without broadcasting the transactions.

After deploying the contracts, run the commands below to verify contracts on the explorer.

Etherscan:

make verify-all RPC_URL=<rpc-url> ETHERSCAN_API_KEY=<etherscan-api-key>

Blockscout:

make verify-all RPC_URL=<rpc-url> VERIFIER=blockscout VERIFIER_URL=<explorer-api-url>

To see all available commands, run:

make help

About

Solidity Implementation of On-Chain PCCS used for Intel DCAP Attestations

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

13 stars

Watchers

8 watching

Forks

7 forks
Report repository

Releases 3

v1.0.0 Latest
Apr 2, 2025
+ 2 releases

Contributors 4

  •  
  •  
  •  
  •  

Languages