Attestation
Attestation
Attestation is a security process used to verify that a system is running trusted software inside a trusted environment.
In Cube AI, attestation ensures that the confidential computing environment (CVM) has not been tampered with before Cube AI services start running.
Cube AI performs attestation both internally during the boot sequence of the confidential virtual machine (CVM) and via a user-facing endpoint that allows clients to verify trust guarantees.
Powered by Cocos AI
Cube AI utilizes the Cocos AI attestation stack to provide robust, hardware-backed security guarantees. By building on Cocos, Cube AI benefits from established attestation mechanisms without reinventing the wheel.
While Cocos AI primarily focuses on providing tools for Secure Multi-Party Computation (SMPC), Cube AI leverages this foundation specifically to secure Large Language Models (LLMs) running inside Trusted Execution Environments (TEEs).
For deep technical details on the underlying attestation mechanisms, we refer you to the excellent Cocos documentation:
- Measured Boot: How the system state is measured using vTPM and Linux IMA before workloads run.
- Attestation Reports: The structure and validation of hardware-backed reports (AMD SEV-SNP, Intel TDX).
- Attested TLS (aTLS): How secure communication channels are established based on successful attestation.
How Cube AI Uses Attestation Today
Cube AI runs inside hardware-backed Confidential Virtual Machines (CVMs) based on AMD SEV-SNP and Intel TDX.
These confidential computing technologies provide:
- Full memory encryption
- Protection from a malicious hypervisor or cloud provider
- Integrity verification of the VM state
- Hardware-enforced measurement of what software boots inside the VM
During startup:
- The CVM performs hardware attestation using platform-specific attestation mechanisms (AMD SEV-SNP or Intel TDX).
- Measurements are validated internally before Cube AI components start.
- If the environment does not match expected measurements, the system refuses to start.
Because this attestation happens before any workloads run, Cube AI ensures that:
- The AI backend (Ollama or vLLM) is running on trusted code
- The proxy and API services are verified
- Sensitive data and model prompts are protected from host-level access
Why Attestation Matters
Confidential Computing provides strong isolation, but attestation ensures:
- The VM truly has confidential computing protections enabled
- The system hasn’t been modified by the cloud provider
- No unauthorized code is executed inside the confidential environment
- All model prompts and responses remain protected even from the host
This is essential for:
- Enterprise deployments
- Regulated industries (healthcare, finance, defense, R&D)
- Zero-trust security architectures
- Protecting sensitive AI inputs and outputs
User-Facing Attestation
Cube AI allows users to verify they are interacting with a trusted instance either programmatically via the API or directly through the web interface.
🔹 Web UI
Users can view the system's Attestation Report and the current Attestation Policy directly from the Chat interface. This provides a convenient, human-readable way to verify the trust guarantees of the current domain.
Furthermore, you can download both the Attestation Report and the Attestation Policy to perform local, offline validation. You can use the Cocos CLI to cryptographically verify the downloaded report matches the downloaded policy. This ensures end-to-end trust that hasn't been tampered with by the web interface.
cocos-cli attestation validate <path-to-downloaded-report> --policy <path-to-downloaded-policy>🔹 Attestation Endpoint
Applications can programmatically request an attestation report using:
POST /attestationThe returned attestation data can be validated by the client to ensure that the Cube AI instance is running inside a trusted confidential computing environment.