attestation: redesign V1 with msgpack wire format and report_data payload #629

Merged
kvinwang merged 4 commits into master from feat/tdx-quote-payload-variant
Apr 7, 2026
@kvinwang (Collaborator) commented Apr 2, 2026

Summary

  • Redesign AttestationV1 as a direct platform/stack schema with adjacently-tagged serde enums
  • Use msgpack (rmp-serde) instead of CBOR for V1 wire format, consistent with existing msgpack usage in ra-tls for AppInfo
  • Carry report_data_payload inside a new DstackPod stack variant for dstack-k8s
  • Harden wire format detection, SCALE encode/decode with size limits, and V1 version checking

Changes

  • dstack-attest: new v1.rs module with Attestation/PlatformEvidence/StackEvidence types, msgpack serialization via to_vec_named
  • Wire format detection covers msgpack fixmap (0x80..=0x8f), map16 (0xde), map32 (0xdf)
  • Extract AttestationV1::with_report_data() method to deduplicate report_data patching across simulator and guest-agent tests
  • Fix size_hint in SCALE Encode impl to avoid double serialization
  • SCALE Encode/Decode restored with 10 MiB size limit

Test plan

  • cargo test -p dstack-attest --all-features — 6 tests pass
  • cargo check -p dstack-attest -p ra-tls -p dstack-guest-agent -p dstack-guest-agent-simulator

kvinwang force-pushed the feat/tdx-quote-payload-variant branch from 317c6dd to ac6a3d0, April 2, 2026 10:28
kvinwang changed the title from "attestation: carry report_data payload in TDX quote variant" to "attestation: redesign V1 as direct CBOR platform/stack schema", Apr 2, 2026
kvinwang force-pushed the feat/tdx-quote-payload-variant branch 6 times, most recently from 68e62dc to 9799aa0, April 2, 2026 15:00
kvinwang force-pushed the feat/tdx-quote-payload-variant branch from 9799aa0 to ae8a935, April 2, 2026 15:08
kvinwang added 3 commits April 7, 2026 00:59
- Fix is_cbor_map_prefix to cover full CBOR map range (0xa0..=0xbf)
- Remove SCALE Encode/Decode impls for VersionedAttestation to avoid
  consuming all remaining input on decode
- Remove ambiguous 0x01 prefix fallback in from_bytes
- Change to_bytes to return Result instead of panicking via or_panic
- Add report_data_payload binding validation in verify_with_time
- Restore Encode/Decode impls for VersionedAttestation (needed by
  CertSigningRequestV2), with a 10 MiB size limit to prevent OOM
  on untrusted input
- Add size check in from_bytes for direct callers
- Document that VersionedAttestation must be the last field in SCALE
  containers due to the consume-all-remaining decode strategy
- Fix prek formatting
kvinwang merged commit dd8d9cd into master Apr 7, 2026
15 checks passed
kvinwang changed the title from "attestation: redesign V1 as direct CBOR platform/stack schema" to "attestation: redesign V1 with msgpack wire format and report_data payload", Apr 9, 2026
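
The leading-byte detection and 10 MiB cap listed under Changes, as an added Rust example that is not code from this PR or from dstack-attest. `detect_wire_format`, `WireFormat`, `DetectError` and `MAX_ATTESTATION_SIZE` are hypothetical names; only the msgpack map prefixes and the size limit come from the page.

```rust
// Added illustration; every name here is hypothetical, not dstack-attest's API.
/// 10 MiB cap from the PR description, enforced before any decoding work.
pub const MAX_ATTESTATION_SIZE: usize = 10 * 1024 * 1024;

#[derive(Debug, PartialEq)]
pub enum WireFormat {
    /// Top-level msgpack map and the entry count its header declares.
    MsgpackMap { entries: u32 },
    /// Any other leading byte; the caller decides how to treat it.
    NotMsgpackMap,
}

#[derive(Debug, PartialEq)]
pub enum DetectError {
    Empty,
    TooLarge(usize),
    TruncatedHeader,
}

pub fn detect_wire_format(input: &[u8]) -> Result<WireFormat, DetectError> {
    // Reject oversized untrusted input first so no decoder ever sees it.
    if input.len() > MAX_ATTESTATION_SIZE {
        return Err(DetectError::TooLarge(input.len()));
    }
    let first = *input.first().ok_or(DetectError::Empty)?;
    let entries = match first {
        // fixmap: the low nibble is the entry count (0..=15).
        0x80..=0x8f => u32::from(first & 0x0f),
        // map16: a big-endian u16 entry count follows the prefix.
        0xde => {
            let b = input.get(1..3).ok_or(DetectError::TruncatedHeader)?;
            u32::from(u16::from_be_bytes([b[0], b[1]]))
        }
        // map32: a big-endian u32 entry count follows the prefix.
        0xdf => {
            let b = input.get(1..5).ok_or(DetectError::TruncatedHeader)?;
            u32::from_be_bytes([b[0], b[1], b[2], b[3]])
        }
        // Includes 0xa0..=0xbf, which is a CBOR map but a msgpack fixstr.
        _ => return Ok(WireFormat::NotMsgpackMap),
    };
    Ok(WireFormat::MsgpackMap { entries })
}

fn main() {
    // Constructed sample: fixmap header declaring 2 entries, then filler bytes.
    println!("{:?}", detect_wire_format(&[0x82, 0xa1, b'v', 0x01]));
}
```

A detector that matched only `0x80..=0x8f` would misclassify any map with more than 15 entries, which is why the `0xde` and `0xdf` prefixes are part of the check.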