# Attestation Report

> Fetch the gateway TEE attestation report, bound to a caller-supplied nonce.

## Endpoint

```bash theme={"system"}
GET https://inference.phala.com/v1/aci/attestation?nonce={nonce}
```

This endpoint returns the ACI gateway's attestation report. The report proves which TEE workload serves the API and publishes the public keyset used for receipts and end-to-end encryption.

<Warning>
  Always pass a fresh random `nonce` when verifying an attestation report. The gateway binds the nonce into the quote's report data so old reports cannot be replayed as fresh evidence.
</Warning>

## Parameters

<ParamField query="nonce" type="string" required>
  Fresh random value, for example 16 or 32 bytes encoded as hex.
</ParamField>

## Example

<CodeGroup>
  ```bash cURL theme={"system"}
  NONCE=$(openssl rand -hex 16)

  curl "https://inference.phala.com/v1/aci/attestation?nonce=$NONCE" \
    -H "Authorization: Bearer <API_KEY>"
  ```

  ```python Python theme={"system"}
  import secrets
  import requests

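  # Fresh per-request nonce; keep it to check the report data binding later.
  nonce = secrets.token_hex(16)

  response = requests.get(
      "https://inference.phala.com/v1/aci/attestation",
      params={"nonce": nonce},
      headers={"Authorization": "Bearer <API_KEY>"},
      timeout=30,
  )
  # Fail on a non-200 status instead of parsing an error body as a report.
  response.raise_for_status()

  report = response.json()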
  ```
</CodeGroup>

## Response

`200 OK`, `application/json`. The response is the bare attestation report.

### Top-level fields

| Field                    | Type   | Description                                                              |
| ------------------------ | ------ | ------------------------------------------------------------------------ |
| `api_version`            | string | ACI version token, for example `aci/1`.                                  |
| `workload_id`            | string | `sha256:...` identity of the running gateway workload.                   |
| `workload_keyset_digest` | string | `sha256:...` digest over the published keyset.                           |
| `attestation`            | object | TEE evidence, source provenance, and keyset data.                        |
| `all_attestations`       | array  | Full attestation objects for each server in a multi-instance deployment. |
| `service_capabilities`   | object | Runtime capabilities such as supported E2EE versions.                    |

### `attestation` object

| Field                | Type   | Description                                                                                   |
| -------------------- | ------ | --------------------------------------------------------------------------------------------- |
| `tee_type`           | string | TEE technology, for example `tdx`.                                                            |
| `vendor`             | string | Deployment vendor tag.                                                                        |
| `report_data`        | string | Value bound into the quote. It commits to your nonce and the keyset.                          |
| `freshness`          | object | `fetched_at` and `stale_after` timestamps.                                                    |
| `source_provenance`  | object | Source repo, commit, image digest, and image provenance when available.                       |
| `workload_keyset`    | object | Workload identity, receipt signing keys, E2EE public keys, TLS public keys, and keyset epoch. |
| `keyset_endorsement` | object | Signature over the keyset under the workload identity key.                                    |
| `evidence`           | object | TDX quote, quote report data, event log, VM config, and key custody details.                  |

```json theme={"system"}
{
  "api_version": "aci/1",
  "workload_id": "sha256:3def476b...",
  "workload_keyset_digest": "sha256:3eff0836...",
  "attestation": {
    "tee_type": "tdx",
    "vendor": "phala-confidential-ai",
    "report_data": "7b7daf62...",
    "freshness": {
      "fetched_at": 1781589476,
      "stale_after": 1781593076
    },
    "source_provenance": {
      "repo_url": "https://github.com/Dstack-TEE/private-ai-gateway.git",
      "repo_commit": "9d45c7e3d48d2f74c31cd85f1fb5c6cee1435ef3",
      "image_digest": null,
      "image_provenance": null
    },
    "workload_keyset": {
      "workload_identity": { "public_key": { "algo": "ecdsa-secp256k1", "public_key": "04d3b5..." } },
      "receipt_signing_keys": [
        { "key_id": "dstack-kms-receipt-v1", "algo": "ecdsa-secp256k1", "public_key": "04211c..." }
      ],
      "e2ee_public_keys": [
        { "key_id": "dstack-kms-e2ee-v1", "algo": "secp256k1-aes-256-gcm-hkdf-sha256", "public_key": "04943c..." }
      ],
      "tls_public_keys": [],
      "keyset_epoch": { "version": 1, "not_after": 18446744073709551615 }
    },
    "keyset_endorsement": { "algo": "ecdsa-secp256k1", "value": "a91bff..." },
    "evidence": {
      "quote": "040002008100...",
      "quote_report_data": "7b7daf...",
      "event_log": "[{...}]",
      "vm_config": "{...}",
      "key_custody": { "provider": "dstack-kms", "keys": [] }
    }
  },
  "all_attestations": [],
  "service_capabilities": { "supported_e2ee_versions": ["2"] }
}
```

## Verification Flow

1. Verify `attestation.evidence.quote` against Intel DCAP collateral.
2. Confirm the quote report data binds your `nonce` and the `workload_keyset`.
3. Verify `keyset_endorsement` under `workload_keyset.workload_identity`.
4. Confirm `workload_id` and `workload_keyset_digest` match the receipts you verify.
5. Confirm `freshness.stale_after` is in the future.
6. For production policy, confirm `source_provenance` matches the release you trust.

The end-to-end walkthrough is in [Verify a Response](/phala-cloud/confidential-ai/verify/verify-signature).
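Steps 4 to 6 need no cryptography and can be checked directly against the response fields. The sketch below is an added example, not Phala's code: the function `policy_failures`, its parameters, the pinned values, and the reduced sample report are assumptions made for illustration, and steps 1 to 3 must still pass separately.

```python
import time

# Pinned release values (assumption: copied here from the sample response;
# in practice take them from the release you trust).
TRUSTED_SOURCE = {
    "repo_url": "https://github.com/Dstack-TEE/private-ai-gateway.git",
    "repo_commit": "9d45c7e3d48d2f74c31cd85f1fb5c6cee1435ef3",
}


def policy_failures(report, receipt_workload_id, receipt_keyset_digest, now=None):
    """Steps 4-6 only. Returns failed checks; an empty list means they passed.
    Steps 1-3 (quote, report-data binding, endorsement) are not done here."""
    now = time.time() if now is None else now
    att = report.get("attestation") or {}
    failures = []
    # Step 4: identities must equal the ones carried by the receipt under test.
    if report.get("workload_id") != receipt_workload_id:
        failures.append("workload_id differs from receipt")
    if report.get("workload_keyset_digest") != receipt_keyset_digest:
        failures.append("workload_keyset_digest differs from receipt")
    # Step 5: stale_after (Unix seconds in the sample) must be in the future.
    stale_after = (att.get("freshness") or {}).get("stale_after")
    if not isinstance(stale_after, int) or stale_after <= now:
        failures.append("report is stale or carries no stale_after")
    # Step 6: a missing or null provenance field fails, it never passes.
    prov = att.get("source_provenance") or {}
    for field, expected in TRUSTED_SOURCE.items():
        if prov.get(field) != expected:
            failures.append(f"source_provenance.{field} is not the pinned value")
    return failures


# Constructed report, reduced to the fields read above (ids are placeholders).
SAMPLE = {
    "workload_id": "sha256:<constructed-workload-id>",
    "workload_keyset_digest": "sha256:<constructed-keyset-digest>",
    "attestation": {
        "freshness": {"fetched_at": 1781589476, "stale_after": 1781593076},
        "source_provenance": dict(TRUSTED_SOURCE, image_digest=None),
    },
}

if __name__ == "__main__":
    # Fixed clock value inside the sample's freshness window.
    print(policy_failures(SAMPLE, SAMPLE["workload_id"],
                          SAMPLE["workload_keyset_digest"], now=1781590000))
```

Treat any non-empty result as a rejection, and run these checks only on a report whose quote, report data binding, and keyset endorsement have already verified.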

## Legacy Alias

`GET /v1/attestation/report` remains available as a compatibility alias for earlier clients. It returns the same gateway attestation, wrapped for older response shapes with top-level signer fields.

## Related

<CardGroup cols={2}>
  <Card title="Get Receipt" icon="receipt" href="/phala-cloud/confidential-ai/confidential-model/api-reference/receipts">
    Fetch the signed per-response receipt.
  </Card>

  <Card title="Verify Attestation" icon="shield-check" href="/phala-cloud/confidential-ai/verify/verify-attestation">
    Learn what each attestation field proves.
  </Card>
</CardGroup>
