Automata Docs
  • Understanding Automata
    • What is Automata?
      • TEE Coprocessor
      • Proof of Machinehood
        • Optimistic Attestation
        • Zero Knowledge Proof
        • Modular Trust
    • Key terms
  • TEE Overview
    • TEE Prover
    • Multi-Prover AVS (EigenLayer)
      • Operator guide
        • Installation
        • Deposit strategies
        • Opt in to run AVS
        • FAQ
    • TEE Compile
      • Getting Started
      • Vendorizing
      • Attestation Report
    • TEE Builder
      • Block Builder Architecture
      • Stateless Executor
    • Verifiable Random Function
      • Why Automata VRF
      • How does Automata VRF work
      • Attestation
  • Build with PoM
    • Introduction
      • Smart contract libraries
      • Attestations on Verax
      • Frequently asked questions
    • Attestation module
      • Machine Attestation
        • Intel SGX
        • AWS Nitro Enclaves
        • Miscellaneous
      • Device Attestation
        • Yubikey
        • Andriod
        • Apple
        • Windows
        • FIDO U2F Authenticator
      • WebAuthn Attestation
        • WebAuthn Attestation Types
        • Attestation Statements & Privacy Impacts
  • Backed by PoM
    • 1RPC
    • L2Faucet
      • Frequently asked questions
  • Protocol
    • App-Specific Rollup
    • Mainnet
    • Testnet
    • Bridge
      • Bridging Native Tokens from L1 to L2
      • Bridging Native Tokens from L2 to L1
    • Explorer
    • Specification
      • Attestation
      • Attestor
      • Smart Contract
  • Research
    • Account Abstraction
    • Decentralized Randomness
    • Maximal Extractable Value
    • Reproducible Build
    • Lightpaper
Powered by GitBook
On this page
  • Integrate Proof of Machinehood
  • Attestation Statements

Was this helpful?

  1. Build with PoM
  2. Introduction

Smart contract libraries

PreviousIntroductionNextAttestations on Verax

Last updated 1 year ago

Was this helpful?

Proof of Machinehood (PoM) libraries enable developers to implement on-chain machine attestation validations for integration with smart contracts. Open-source smart contract libraries as such provide reusable code components that simplify the development process.

Integrate Proof of Machinehood

PoM integration as straightforward as importing AttestationVerificationBase.sol to the smart contract. This is independent of the machine (or device type) that the project supports.

Start by adding this line to the smart contract:

import {AttestationVerificationBase} from "@automata-network/proof-of-machinehood-contracts/AttestationVerificationBase.sol";

Upon importing the Proof of Machinehood libraries, the smart contract can invoke the verifyAttStmt() method. In doing so, the expected challenge and attestation data generated by the user's device via the is passed on to the function. This returns a boolean value that indicates the validity of the provided attestation.

The attestation format contains two parameters:

  • Attestation Object - Includes authenticator data and Attestation Statement. Different devices have pre-defined attestation statements, which is covered in the next section.

  • Client data - Stored as JSON string in an ArrayBuffer

The open-source code for Proof of Machinehood smart contract libraries can be found .


Attestation Statements

Verification of Android device attestation

Below is the Attestation Statement from an Android device, verified by this library, along with a detailed explanation of each field.

struct AttStmt {
    ISigVerifyLib.Algorithm alg;
    string jwtHeader;
    string jwtPayload;
    string jwtSignature;
    ISigVerifyLib.Certificate[] x5c;
}
  • alg: The algorithm used to generate the signature(jwtSignature) for the JWT (JSON Web Token).

  • jwtHeader: The header of the JWT obtained from Google's SafetyNet Service. This field contains a certificate chain that can be used to verify the identity of the device.

  • jwtPayload: The payload of the JWT from Google's SafetyNet Service. It includes fields such as ctsProfileMatch and basicIntegrity, which help in checking the device's integrity.

  • jwtSignature: The signature part of the JWT from Google's SafetyNet Service, which is signed using the first certificate in the x5c array.

  • x5c: The certificate chain included in the jwtHeader. This field is added to simplify the on-chain implementation process. Technically, it's possible to extract the certificate chain directly from the jwtHeader.

Verification of Windows device attestation

Below is the Attestation statement from a Windows device, verified by this library, along with a detailed explanation of each field.

struct AttStmt {
    ISigVerifyLib.Algorithm alg;
    bytes sig;
    ISigVerifyLib.Certificate[] x5c;
    bytes certInfo;
}
  • alg: The algorithm used to generate the signature sig.

  • sig: The signature created using the first certificate in x5c. It provides cryptographic proof of various properties of the device and the credential.

  • x5c: The certificate chain that verifies the identity of the device.

Verification of YubiKey attestation

Below is the attestation statement from a YubiKey, verified by this library, along with a detailed explanation of each field.

struct AttStmt {
    ISigVerifyLib.Algorithm alg;
    bytes signature;
    ISigVerifyLib.Certificate[] x5c;
}
  • alg: The algorithm used to generate the signature sig.

  • sig: The signature created using the first certificate in x5c. It provides cryptographic proof of specific properties of the device and the credential.

  • x5c: The certificate chain that verifies the identity of the device.

Refer to the for exact details.

certInfo: This is the data that is signed and represents a defined by Microsoft.

Refer to the for exact details.

Refer to the for exact details.

complete verification procedure
complex structure
complete verification procedure
complete verification procedure
Web Authentication API
here
GitHub - automata-network/proof-of-machinehood-contracts: Solidity library integration with third party smart contracts to perform on-chain verification on Proof of Machinehood attestations.GitHub
Logo