Skip to main content
GET
/
attestation
/
report
Attestation Report
curl --request GET \
  --url https://api.redpill.ai/v1/attestation/report \
  --header 'Authorization: Bearer <token>'

Documentation Index

Fetch the complete documentation index at: https://docs.redpill.ai/llms.txt

Use this file to discover all available pages before exploring further.

Get Attestation Report

Returns cryptographic proof of TEE execution with hardware-signed measurements. 
GET https://api.redpill.ai/v1/attestation/report?model={model_id}&nonce={nonce}&signing_address={address}
Try it now! Click the “Try it” button above to test the API in the playground. You’ll need:
  1. Your API key (add it when prompted)
  2. The model parameter is pre-filled with phala/qwen-2.5-7b-instruct
  3. Optionally add nonce for replay protection
Security Best Practice: Always include a fresh random nonce when fetching attestations to prevent replay attacks. Generate a 32-byte random value (64 hex characters) for each request.

Parameters

model
string
default:"phala/qwen-2.5-7b-instruct"
Model ID for TEE attestation (required for Phala confidential models)Examples: z-ai/glm-5.1, z-ai/glm-5, phala/qwen3.5-27b, phala/qwen-2.5-7b-instruct, openai/gpt-oss-120b
nonce
string
Random 32-byte value (64 hex characters) to prevent replay attacks. The nonce will be embedded in the TEE attestation report data.Example: a1b2c3d4e5f6... (64 hex characters)Security: Generate fresh nonce for each request using secrets.token_hex(32) in Python or openssl rand -hex 32 in bash.
signing_address
string
Ethereum address (ECDSA) or Ed25519 public key to filter attestations in multi-server deployments.Use case: When verifying signatures, provide the signing address recovered from the signature to get attestation for that specific TEE instance.Example: 0x1234567890abcdef... (ECDSA address)

Example

Basic Request (without nonce)

curl "https://api.redpill.ai/v1/attestation/report?model=phala/qwen-2.5-7b-instruct" \
  -H "Authorization: Bearer YOUR_API_KEY"

# Generate fresh nonce
NONCE=$(openssl rand -hex 32)

curl "https://api.redpill.ai/v1/attestation/report?model=phala/qwen-2.5-7b-instruct&nonce=$NONCE" \
  -H "Authorization: Bearer YOUR_API_KEY"

With Signing Address (for signature verification)

NONCE=$(openssl rand -hex 32)
SIGNING_ADDRESS="0x1234567890abcdef..."

curl "https://api.redpill.ai/v1/attestation/report?model=phala/qwen-2.5-7b-instruct&nonce=$NONCE&signing_address=$SIGNING_ADDRESS" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

The response format depends on the provider backing the model. The verifier auto-detects and handles all formats.

Phala / NearAI (Two-Layer Format)

Models backed by Phala or NearAI return separate gateway and model attestations: 
{
  "gateway_attestation": {
    "signing_address": "0x...",
    "signing_algo": "ecdsa",
    "intel_quote": "hex-encoded-tdx-quote",
    "event_log": [...],
    "report_data": "...",
    "request_nonce": "...",
    "info": { "vm_config": "..." }
  },
  "model_attestations": [{
    "model_name": "openai/gpt-oss-120b",
    "signing_address": "0x...",
    "signing_algo": "ecdsa",
    "intel_quote": "hex-encoded-tdx-quote",
    "nvidia_payload": "{...json gpu attestation...}",
    "event_log": [...],
    "info": { "tcb_info": "{...app_compose...}", "vm_config": "..." }
  }]
}

Chutes Format

Models backed by Chutes return a different structure with base64-encoded quotes: 
{
  "attestation_type": "chutes",
  "nonce": "...",
  "all_attestations": [{
    "instance_id": "uuid",
    "nonce": "...",
    "intel_quote": "base64-encoded-tdx-quote",
    "gpu_evidence": [
      { "certificate": "...", "evidence": "...", "arch": "HOPPER" }
    ],
    "e2e_pubkey": "..."
  }]
}

Phala Native (Flat Format, older models)

Some Phala-native models return fields at the top level: 
{
  "signing_address": "0x...",
  "signing_algo": "ecdsa",
  "request_nonce": "...",
  "intel_quote": "hex-encoded-tdx-quote",
  "nvidia_payload": "{...}",
  "info": {
    "tcb_info": "{\"app_compose\": \"...\"}"
  }
}

Response Fields

FieldTypeDescription
signing_addressstringEthereum address (ECDSA) or Ed25519 public key used for signing
signing_algostringSignature algorithm: "ecdsa" or "ed25519"
request_noncestringThe nonce you provided or the nonce embedded in TEE report data
intel_quotestringIntel TDX quote (hex or base64 encoded) for CPU TEE verification
nvidia_payloadstringNVIDIA GPU attestation payload (JSON string)
event_logarrayBoot event log for dstack deep verification
info.vm_configstringVM configuration for dstack verification
info.tcb_info.app_composestringDocker compose configuration (JSON string)
gateway_attestationobjectTEE gateway attestation (Phala/NearAI)
model_attestationsarrayModel inference TEE attestations (Phala/NearAI)
all_attestationsarrayAll instance attestations (Chutes)
attestation_typestringProvider type: "chutes" (Chutes only)
Provider auto-detection: The RedPill Verifier SDK automatically detects the response format and applies the correct verification logic for each provider.

Attestation Guide

Learn how to verify attestation →