Intel SGX/TDX DCAP

Verification of Intel SGX and Intel TDX attestations onchain requires two core components:

• Automata Onchain PCCS

• Automata DCAP Attestation

Both components are designed to be used directly by end-users or integrated into higher-level smart contracts.

Automata Onchain PCCS

In the DCAP (Data Center Attestation Primitives) model, verifiers obtain attestation collateral from the Provisioning Certification Caching Service (PCCS), but typically rely on locally-run or centralized PCCS instances. These deployments introduce several issues: operational overhead, inconsistent collateral updates, trust dependencies, and a lack of transparency.

Automata Onchain PCCS removes constraints by establishing a decentralized repository that stores, maintains, and caches DCAP attestation collateral directly onchain. This involves a collection of data access object contracts that manage X509 Certificates, Certificate Revocation Lists, and signed collaterals, all crucial for quote verifications.

The library ensures all collaterals are validated and updated routinely, guaranteeing that Intel DCAP quotes are produced from systems compliant with Intel security standards. Different parties in the attestation process (provers, verifiers, and contributors) can all interact with attestation collateral in a deterministic and trust-minimized manner.

Automata DCAP Attestation

Automata DCAP Attestation provides the quote verification layer for Intel SGX and TDX. This library functions like the Intel QVL, allowing users to verify their DCAP quotes onchain. Users have the flexibility to select between two verification paths:

• Full onchain execution for maximum transparency

• Verifying zero-knowledge proofs with significantly reduced gas consumption across multiple proving programs from Risc Zero, Succinct and Brevis

Automata DCAP Attestation is the most widely deployed onchain library for Intel SGX and TDX attestations, supporting over 20+ networks (EVM and Solana), and being utilized by projects including Flashtestations by the Flashbots team, Jovay Network by Ant Digital, Espresso, Phala Network, Secret Network, Oasis Network, t1 protocol, and Stoffel MPC (non-exhaustive).

v1.1 introduces new changes, including:

• Transitioning to a public monorepo that provides a unified repository for the entire DCAP Attestation workflow

• Added support for zk proofs generated by Pico zkVM for increased proving diversity

• Full Intel Quote V5 verification for long-term compatibility across SGX and TDX attestations

• Granular TCB Recovery controls for more precise policy enforcement by protocols

• Support for EIP-7951 precompile to reduce onchain verification costs with the upcoming Fusaka upgrade on Ethereum

The diagram below illustrates the overall architecture.