Skip to main content

TEE Verification

Verify that your API requests are processed in genuine TEE hardware. This guide covers programmatic verification for production systems.

Quick Start

# Clone the verifier
git clone https://github.com/redpill-ai/redpill-verifier.git
cd redpill-verifier
pip install requests eth-account

# Verify attestation (no API key needed)
python3 attestation_verifier.py --model phala/deepseek-chat-v3-0324

Attestation API

Get Attestation Report

Fetch a fresh attestation report with your nonce: 
# Generate nonce (must be hex-encoded)
NONCE=$(openssl rand -hex 32)

# Request attestation (no auth required)
curl "https://api.redpill.ai/v1/attestation/report?model=phala/deepseek-chat-v3-0324&nonce=$NONCE"
Response structure: 
{
  "signing_address": "0xf852123106C1E6452b175077053c52A61Ccb1194",
  "signing_algo": "ecdsa",
  "request_nonce": "c63c4bb155a84557...",
  "intel_quote": "hex-encoded-tdx-quote",
  "nvidia_payload": "{...json gpu attestation...}",
  "info": {
    "tcb_info": "{...docker compose manifest...}"
  },
  "all_attestations": [...]
}

Verify Attestation (Python)

from attestation_verifier import fetch_report, check_tdx_quote, check_gpu, check_report_data
import secrets

# Generate fresh nonce
nonce = secrets.token_hex(32)

# Fetch attestation
attestation = fetch_report("phala/deepseek-chat-v3-0324", nonce)

# Verify Intel TDX
intel_result = check_tdx_quote(attestation)
# Output: Intel TDX quote verified: True

# Verify report data binds signing key and nonce
check_report_data(attestation, nonce, intel_result)
# Output: Report data binds signing address: True
# Output: Report data embeds request nonce: True

# Verify NVIDIA GPU
check_gpu(attestation, nonce)
# Output: GPU payload nonce matches request_nonce: True
# Output: NVIDIA attestation verdict: True

Signature API

Get Request Signature

After making a chat completion, get the cryptographic signature: 
curl "https://api.redpill.ai/v1/signature/{chat_id}?model=phala/deepseek-chat-v3-0324" \
  -H "Authorization: Bearer $REDPILL_API_KEY"
Response: 
{
  "text": "request_hash:response_hash",
  "signature": "0xe56dcf782ec610e493d7254fdf60568f...",
  "signing_address": "0xf852123106C1E6452b175077053c52A61Ccb1194",
  "signing_algo": "ecdsa"
}

Verify Signature (Python)

from hashlib import sha256
from eth_account import Account
from eth_account.messages import encode_defunct

# Your request and response
request_body = '{"model": "phala/deepseek-chat-v3-0324", "messages": [...]}'
response_text = '{"id": "chatcmpl-...", ...}'

# Calculate hashes
request_hash = sha256(request_body.encode()).hexdigest()
response_hash = sha256(response_text.encode()).hexdigest()

# Get signature from API
signature_data = fetch_signature(chat_id, model)

# Verify hashes match
server_req_hash, server_resp_hash = signature_data["text"].split(":")
assert request_hash == server_req_hash, "Request hash mismatch!"
assert response_hash == server_resp_hash, "Response hash mismatch!"

# Recover signer from signature
message = encode_defunct(text=signature_data["text"])
recovered = Account.recover_message(message, signature=signature_data["signature"])

# Verify signer matches claimed address
assert recovered.lower() == signature_data["signing_address"].lower()
print("✅ Signature valid")

Complete Example

import json
import requests
import secrets
from hashlib import sha256
from eth_account import Account
from eth_account.messages import encode_defunct

API_KEY = "your-api-key"
MODEL = "phala/deepseek-chat-v3-0324"

# 1. Make chat completion
body = {
    "model": MODEL,
    "messages": [{"role": "user", "content": "Hello!"}],
    "max_tokens": 10
}
body_json = json.dumps(body)

response = requests.post(
    "https://api.redpill.ai/v1/chat/completions",
    headers={"Authorization": f"Bearer {API_KEY}", "Content-Type": "application/json"},
    data=body_json
)
chat_id = response.json()["id"]
response_text = response.text

# 2. Get signature
sig_resp = requests.get(
    f"https://api.redpill.ai/v1/signature/{chat_id}?model={MODEL}",
    headers={"Authorization": f"Bearer {API_KEY}"}
)
sig = sig_resp.json()

# 3. Verify hashes
request_hash = sha256(body_json.encode()).hexdigest()
response_hash = sha256(response_text.encode()).hexdigest()
server_req, server_resp = sig["text"].split(":")

print(f"Request hash matches: {request_hash == server_req}")
print(f"Response hash matches: {response_hash == server_resp}")

# 4. Verify signature
message = encode_defunct(text=sig["text"])
recovered = Account.recover_message(message, signature=sig["signature"])
print(f"Signature valid: {recovered.lower() == sig['signing_address'].lower()}")

# 5. Verify signing key is bound to TEE
nonce = secrets.token_hex(32)
attest_resp = requests.get(
    f"https://api.redpill.ai/v1/attestation/report?model={MODEL}&nonce={nonce}&signing_address={sig['signing_address']}"
)
attestation = attest_resp.json()
print(f"Signing address in attestation: {attestation['signing_address'] == sig['signing_address']}")

What You’re Verifying

CheckWhat It Proves
Intel TDX quoteCode runs in genuine Intel TDX CPU enclave
NVIDIA attestationGPU is genuine H100/H200 with confidential computing
Report data binds addressSigning key was generated inside TEE
Nonce embeddedAttestation is fresh, not replayed
mr_config matches composeRunning code matches published Docker compose
Request/response hashYour exact request was signed
Signature validResponse came from the claimed signing address

Available Models

Models supporting TEE verification: 
# Phala Network
phala/deepseek-chat-v3-0324
phala/qwen-2.5-7b-instruct
phala/gpt-oss-120b
phala/gpt-oss-20b
phala/qwen2.5-vl-72b-instruct
phala/gemma-3-27b-it

# Tinfoil
tinfoil/deepseek-r1
tinfoil/qwen3-coder-480b
tinfoil/llama-3.3-70b

# Near AI
nearai/deepseek-v3.1
nearai/glm-4.6

CI/CD Integration

# .github/workflows/verify-tee.yml
name: Verify TEE Attestation

on:
  schedule:
    - cron: '0 * * * *'  # Hourly
  workflow_dispatch:

jobs:
  verify:
    runs-on: ubuntu-latest
    steps:
      - name: Clone verifier
        run: |
          git clone https://github.com/redpill-ai/redpill-verifier.git
          pip install requests eth-account

      - name: Verify models
        run: |
          cd redpill-verifier
          python3 attestation_verifier.py --model phala/deepseek-chat-v3-0324 2>&1 | tee result.txt

      - name: Check results
        run: |
          if grep -q "False" redpill-verifier/result.txt; then
            echo "❌ TEE verification failed!"
            exit 1
          fi
          echo "✅ All checks passed"

Troubleshooting

Cause: Nonce contains non-hex characters.Fix: Use openssl rand -hex 32 or secrets.token_hex(32).
Cause: Quote validation failed against Intel certificates.Action: Retry. If persistent, report to [email protected].
Cause: Possible replay attack or stale attestation.Action: Generate new nonce and retry.
Cause: Response was modified or signing key mismatch.Action: Do not trust this response. Report to [email protected].

API Reference

Attestation Endpoint

Full attestation API reference

Signature Endpoint

Full signature API reference