We perform standard cryptographic verification to ensure the integrity of your Confidential Computing environment.
We extract the signature from the attestation report and verify it against the Versioned Chip Endorsement Key (VCEK) certificate chain rooted in AMD's hardware root of trust.
We validate the CURRENT_TCB against the COMMITTED_TCB to ensure the platform firmware is up-to-date and not vulnerable to known exploits.
We check the POLICY field to confirm that debug modes are disabled and that the guest page migration is restricted as expected.
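As an added illustration of the POLICY and TCB checks described above (example code written for this page, not the service's own verifier): it reads the GUEST_POLICY, CURRENT_TCB and COMMITTED_TCB fields from a raw SEV-SNP report at the offsets given in AMD's SEV-SNP ABI specification, decodes the policy bits and compares the TCB components one by one; the sample report bytes are constructed, and the ECDSA check of the signed body against the VCEK public key is left to a P-384/SHA-384 library.

```python
import struct

# Field offsets in the SEV-SNP ATTESTATION_REPORT structure (AMD SEV-SNP ABI spec)
REPORT_LEN = 0x4A0
OFF_POLICY, OFF_CURRENT_TCB, OFF_COMMITTED_TCB = 0x08, 0x38, 0x1E0
SIGNED_LEN, OFF_SIG_R, OFF_SIG_S = 0x2A0, 0x2A0, 0x2E8  # SIGNATURE covers bytes [0, 0x2A0)

# GUEST_POLICY bits the checks above care about
POLICY_MIGRATE_MA = 1 << 18  # guest may be migrated by a migration agent
POLICY_DEBUG = 1 << 19       # host may decrypt guest memory for debugging

def tcb_version(boot_loader, tee, snp, microcode):
    """Pack component SVNs into a 64-bit TCB_VERSION (bytes 2-5 are reserved)."""
    return int.from_bytes(bytes([boot_loader, tee, 0, 0, 0, 0, snp, microcode]), "little")

def parse_tcb(tcb):
    """Split a 64-bit TCB_VERSION into its component SVNs."""
    b = tcb.to_bytes(8, "little")
    return {"boot_loader": b[0], "tee": b[1], "snp": b[6], "microcode": b[7]}

def check_report(report):
    """Evaluate the POLICY and TCB checks on one raw report; signature left to the caller."""
    if len(report) != REPORT_LEN:
        raise ValueError("unexpected report length %d" % len(report))
    (policy,) = struct.unpack_from("<Q", report, OFF_POLICY)
    (current_tcb,) = struct.unpack_from("<Q", report, OFF_CURRENT_TCB)
    (committed_tcb,) = struct.unpack_from("<Q", report, OFF_COMMITTED_TCB)
    cur, com = parse_tcb(current_tcb), parse_tcb(committed_tcb)
    return {
        "debug_disabled": not (policy & POLICY_DEBUG),
        "migration_disabled": not (policy & POLICY_MIGRATE_MA),
        # no component of the running TCB may be older than the committed minimum
        "tcb_current_ge_committed": all(cur[k] >= com[k] for k in cur),
        "current_tcb": cur,
        "committed_tcb": com,
        # hand these to an ECDSA P-384/SHA-384 verify with the VCEK public key
        "signed_body": report[:SIGNED_LEN],
        "sig_r": int.from_bytes(report[OFF_SIG_R:OFF_SIG_R + 72], "little"),
        "sig_s": int.from_bytes(report[OFF_SIG_S:OFF_SIG_S + 72], "little"),
    }

def make_sample_report(policy, current_tcb, committed_tcb):
    """Constructed sample report: zeros everywhere except the three fields under test."""
    buf = bytearray(REPORT_LEN)
    struct.pack_into("<Q", buf, OFF_POLICY, policy)
    struct.pack_into("<Q", buf, OFF_CURRENT_TCB, current_tcb)
    struct.pack_into("<Q", buf, OFF_COMMITTED_TCB, committed_tcb)
    return bytes(buf)
```

A policy of 0x30000 (SMT allowed, mandatory reserved bit 17 set, debug and migration off) with every CURRENT_TCB component at or above COMMITTED_TCB passes; setting POLICY_DEBUG or lowering one SVN flags the report.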
While the steps above are technically sound, you should not be reading this page.
Verification of an attestation report implies a zero-trust model. By sending your report to a third-party service (like us) for verification, you are introducing a trusted intermediary, which completely negates the purpose of Confidential Computing.
Naturally, you should never entrust verification procedures to strangers like us. Download the certificates and verify the signature locally on your own machine.