Are you an LLM? Read llms.txt for a summary of the docs, or llms-full.txt for the full context.
Skip to content
Open Source TEE Attestation SDK

Cryptographic proofyour code runs in a TEE.

One macro. Hardware-backed Ed25519 signatures on every HTTP response. No SGX expertise required.
Get StartedGitHub
cargo add guarantee
Add one attribute. That's it.
use guarantee::attest;
 
#[attest] 
async fn get_price() -> Json<PriceResponse> {
    Json(PriceResponse { price: oracle.latest() })
}
🛡

Hardware Attestation

Every response is signed with an Ed25519 key bound to an SGX enclave measurement via DCAP quotes.

🔒

Sealed State

Enclave-bound encrypted storage with automatic backup, restore, and schema versioning via the state! macro.

Zero Boilerplate

Works with axum out of the box. Same binary runs locally in dev mode and inside Gramine SGX in production.

🔐

Transparent Encryption

Derive Encrypted on any struct for automatic AES-256-GCM encryption. Works with Postgres, Redis, and any serde backend.

🔗

RA-TLS

Remote attestation baked into TLS handshakes. Verify enclave identity before sending a single byte of data.

Verifiable by Anyone

Callers independently verify the attestation chain — startup quote proves the enclave, response signature proves the data.

How it works

1

Enclave boots

Generates an ephemeral Ed25519 keypair inside SGX.

2

Startup quote

SGX hardware attests the public key is bound to the enclave measurement.

3

Every response signed

The #[attest] macro signs each response body with the enclave key.

4

Anyone verifies

Check the quote, then check the signature. Proof from silicon to JSON.

Start building with trust guarantees

From price oracles to key signers — if your users need to trust the output, Guarantee proves it.

Read the docsSee examples