Automata FMSPC TCB DAO

Summary

The FmspcTcbDao contract manages onchain storage and retrieval of Intel SGX TCBInfo collateral (TCBInfo.json). It handles TCB (Trusted Computing Base) information for both SGX and TDX platforms, indexed by FMSPC (Firmware/Manufacturing Security Version PC), providing methods to upsert and query TCB data with signature verification against Intel's TCB Signing Certificate.

Methods

TCB_EVALUATION_NUMBER

function TCB_EVALUATION_NUMBER() external view returns (uint32)

Returns:

• TCB_EVALUATION_NUMBER (uint32) - The TCB Evaluation Data Number that the specific contract is assigned for retrieval.

getTcbInfo

function getTcbInfo(uint256 tcbType, string calldata fmspc, uint256 version)
    external
    view
    returns (TcbInfoJsonObj memory tcbObj)

Queries TCB Info for the given FMSPC, TCB type, and version.

Parameters:

• tcbType (uint256): TCB type - 0: SGX; 1: TDX
• fmspc (string): FMSPC identifier as hex string
• version (uint256): TCB Info version (v2 or v3)

Returns:

• tcbObj (TcbInfoJsonObj): The TCB Info JSON string representation and signature

upsertFmspcTcb

function upsertFmspcTcb(TcbInfoJsonObj calldata tcbInfoObj) external returns (bytes32 attestationId)

Upserts (inserts or updates) TCB Info data on-chain with signature verification and rollback protection.

Parameters:

• tcbInfoObj (TcbInfoJsonObj): The TCB Info JSON string and signature

Returns:

• attestationId (bytes32): The attestation ID returned by the resolver

getTcbIssuerChain

function getTcbIssuerChain() external view returns (bytes memory signingCert, bytes memory rootCert)

Fetches the certificate chain used to sign TCB Info data.

Returns:

• signingCert (bytes): DER encoded Intel TCB Signing Certificate
• rootCert (bytes): DER encoded Intel SGX Root CA

Reverts