Automata Docs
  • Understanding Automata
    • What is Automata?
      • TEE Coprocessor
      • Proof of Machinehood
        • Optimistic Attestation
        • Zero Knowledge Proof
        • Modular Trust
    • Key terms
  • TEE Overview
    • TEE Prover
    • Multi-Prover AVS (EigenLayer)
      • Operator guide
        • Installation
        • Deposit strategies
        • Opt in to run AVS
        • FAQ
    • TEE Compile
      • Getting Started
      • Vendorizing
      • Attestation Report
    • TEE Builder
      • Block Builder Architecture
      • Stateless Executor
    • Verifiable Random Function
      • Why Automata VRF
      • How does Automata VRF work
      • Attestation
  • Build with PoM
    • Introduction
      • Smart contract libraries
      • Attestations on Verax
      • Frequently asked questions
    • Attestation module
      • Machine Attestation
        • Intel SGX
        • AWS Nitro Enclaves
        • Miscellaneous
      • Device Attestation
        • Yubikey
        • Andriod
        • Apple
        • Windows
        • FIDO U2F Authenticator
      • WebAuthn Attestation
        • WebAuthn Attestation Types
        • Attestation Statements & Privacy Impacts
  • Backed by PoM
    • 1RPC
    • L2Faucet
      • Frequently asked questions
  • Protocol
    • App-Specific Rollup
    • Mainnet
    • Testnet
    • Bridge
      • Bridging Native Tokens from L1 to L2
      • Bridging Native Tokens from L2 to L1
    • Explorer
    • Specification
      • Attestation
      • Attestor
      • Smart Contract
  • Research
    • Account Abstraction
    • Decentralized Randomness
    • Maximal Extractable Value
    • Reproducible Build
    • Lightpaper
Powered by GitBook
On this page
  • Introduction of Android SafetyNet
  • Android SafetyNet Attestation

Was this helpful?

  1. Build with PoM
  2. Attestation module
  3. Device Attestation

Andriod

Introduction of Android SafetyNet

Android SafetyNet is a set of services and APIs provided by Google to help developers ensure the security of their apps running on Android devices. SafetyNet offers a range of features, including device attestation, which allows developers to verify the integrity and compatibility of the devices their apps are running on. This is particularly important for apps that handle sensitive information or perform critical operations, as it helps prevent tampering and fraud.

Android SafetyNet Attestation

Android SafetyNet Attestation is a process that allows developers to verify the authenticity and integrity of an Android device. The process involves several steps:

  1. Signature Verification: The first step involves verifying the JSON Web Token (JWT) signature in the attestation statement. This is done by checking the signature against the public key in the first certificate (x5c[0]) included in the JWT. This ensures that the attestation statement was generated by the SafetyNet Attestation API and has not been tampered with.

  2. Nonce Verification: The next step is to verify the nonce field in the JWT payload. The nonce should be equal to the hash of the concatenation of the authData and clientDataJSON. This step ensures that the attestation statement corresponds to the original authentication request.

  3. Certificate Chain Verification: The third step involves verifying the certificate chain included in the JWT. This is done by checking that each certificate in the chain is signed by the next certificate, establishing a chain of trust. Additionally, the validity of each certificate in the chain should be checked, including the expiration date, issuer, and other relevant fields. This step ensures the authenticity and validity of the attestation certificate.

  4. CA Verification: The final step is to verify that the last certificate in the certificate chain is issued by a trusted Certificate Authority (CA). In the case of SafetyNet Attestation, this should be a Google-owned CA. This step confirms that the attestation statement comes from a genuine Android device.

In conclusion, utilizing Android SafetyNet Attestation in conjunction with on-chain verification offers a powerful and transparent approach to device authentication. By storing and verifying attestation statements on the blockchain, we can create a tamper-proof and publicly accessible record of device integrity. This decentralized approach enhances the trustworthiness of the attestation process and provides a higher level of assurance that the device is genuine and uncompromised.

PreviousYubikeyNextApple

Last updated 1 year ago

Was this helpful?