Every response comes with cryptographic proof that it ran in a secure TEE. This proof is generated by the TEE and ensures the response is secure and trustworthy: Attestation(step 1 ~ 4) and Signature(step 5).
1

TEE Hardware

Verify the physical hardware (CPU/GPU) is genuine and running in a secure TEE.
2

Operating System

Verify that dstack OS is a valid trusted computing base with no backdoors.
3

Source Code

Verify that the docker compose file with application image and configuration is secure.
4

Distributed Root-of-Trust

Verify that KMS of dstack, ensuring no unauthorized access.
5

Signature

Verify the integrity of request and response content.

Verify Attestation

Learn how to verify TEE hardware, operating system, source code, and distributed root-of-trust attestations

Verify Signature

Learn how to verify cryptographic signatures to ensure request and response integrity