Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.phala.com/llms.txt

Use this file to discover all available pages before exploring further.

Endpoint

GET https://api.redpill.ai/v1/attestation/report?model={model_id}&nonce={nonce}&signing_address={address}
The attestation report proves a model endpoint is backed by TEE hardware and provides the evidence needed for hardware, software, and signer binding checks.
Always include a fresh random nonce when fetching attestations for security-sensitive verification. A nonce prevents replay of an older valid attestation.

Parameters

model
string
required
Model ID to attest.Examples: phala/qwen3.5-27b, phala/qwen-2.5-7b-instruct, openai/gpt-oss-120b, z-ai/glm-5.
nonce
string
Fresh 32-byte random value encoded as 64 hex characters. The nonce is embedded in the TEE report data.
signing_address
string
Ethereum address or public key used to filter attestations in multi-server deployments. Use this when binding a response signature to a specific TEE signer.

Examples

NONCE=$(openssl rand -hex 32)

curl "https://api.redpill.ai/v1/attestation/report?model=phala/qwen3.5-27b&nonce=$NONCE" \
  -H "Authorization: Bearer <API_KEY>"

Response Formats

The response format depends on the provider behind the model.

Phala / NearAI Two-Layer Format

Models may return separate gateway and model attestations: 
{
  "gateway_attestation": {
    "signing_address": "0x...",
    "signing_algo": "ecdsa",
    "intel_quote": "hex-encoded-tdx-quote",
    "event_log": [],
    "report_data": "...",
    "request_nonce": "...",
    "info": {
      "vm_config": "..."
    }
  },
  "model_attestations": [
    {
      "model_name": "phala/qwen3.5-27b",
      "signing_address": "0x...",
      "signing_algo": "ecdsa",
      "intel_quote": "hex-encoded-tdx-quote",
      "nvidia_payload": "{...json gpu attestation...}",
      "event_log": [],
      "info": {
        "tcb_info": "{...app_compose...}",
        "vm_config": "..."
      }
    }
  ]
}

Chutes Format

Some models return Chutes-style instance attestations: 
{
  "attestation_type": "chutes",
  "nonce": "...",
  "all_attestations": [
    {
      "instance_id": "uuid",
      "nonce": "...",
      "intel_quote": "base64-encoded-tdx-quote",
      "gpu_evidence": [
        { "certificate": "...", "evidence": "...", "arch": "HOPPER" }
      ],
      "e2e_pubkey": "..."
    }
  ]
}

Flat Format

Older Phala-native responses may expose fields at the top level: 
{
  "signing_address": "0x...",
  "signing_algo": "ecdsa",
  "request_nonce": "...",
  "intel_quote": "hex-encoded-tdx-quote",
  "nvidia_payload": "{...}",
  "info": {
    "tcb_info": "{\"app_compose\":\"...\"}"
  }
}

Important Fields

FieldDescription
signing_addressAddress or key used by the TEE to sign responses
signing_algoSignature algorithm, commonly ecdsa
request_nonce / nonceNonce included in the attestation
intel_quoteIntel TDX quote for CPU TEE verification
nvidia_payloadNVIDIA GPU attestation payload
event_logBoot event log for software stack verification
info.vm_configVM configuration evidence
info.tcb_info.app_composeDocker Compose application evidence
gateway_attestationGateway TEE attestation
model_attestationsOne or more model runtime attestations
all_attestationsProvider-specific list of model instance attestations

Verification Flow

  1. Generate a fresh nonce.
  2. Fetch an attestation report for the exact model.
  3. Verify the Intel TDX quote.
  4. Verify GPU evidence when nvidia_payload or gpu_evidence is present.
  5. Confirm the report data binds the nonce and expected signing address.
  6. Verify application measurements such as compose hash and image provenance when available.
For a walkthrough, see Verify Attestation.