Verify that a TEE is running a certain docker-compose file.
- Go to https://rtmr3-calculator.vercel.app/
- Paste docker-compose file that your app provider claims to have used
- Paste other required values produced by the TEE
- Generate RTMR3 value
- Get a remote attestation quote from a running app and verify it here: https://proof.t16z.com/
- Compare RTMR3 field encoded within the quote with the one generated by this calculator. If they match, the app was deployed with the same docker-compose file.
Make sure you have Node.js installed.
Clone the repo and run npm start.
Alternatively, just use a simple Python script. Put your values in ./src/rtmr3.py and run it.
The only code that really matters for verification is in ./src/rtmr3.tsx. Everything else is just stuff needed to make it a web app.
The same logic is also implemented in a cleaner file and easier to understand Python script ./src/rtmr3.py.
You can also find references to DStack code there.
- Phala Cloud: https://cloud.phala.network/
- RTMR3 explanation: https://phala.network/posts/truth-of-AI-Agent
- How RTMR3 is calculated on DStack (framework powering Phala Cloud): https://github.com/Dstack-TEE/dstack/blob/master/tdxctl/src/fde_setup.rs#L437