Verification
January 13, 2026 ยท View on GitHub
Attestation is cryptographic proof that your app runs in genuine TEE hardware with exactly the code you expect. No one can fake it.
What Attestation Proves
When you verify a dstack deployment, you're checking three things:
- Genuine hardware - Hardware vendor signatures confirm real TEE hardware generated the proof (Intel TDX, NVIDIA CC, or AMD SEV)
- Correct code - The compose-hash matches your docker-compose configuration
- Secure environment - OS and firmware measurements show no tampering
If any of these fail, the cryptographic proof won't verify.
How to Verify
Phala Cloud users: Every deployment gets an automatic Trust Center report. This verifies hardware, code, and environment without manual steps.
Programmatic verification: dstack provides several tools:
- dstack-verifier - HTTP service with
/verifyendpoint, also runs as CLI - dcap-qvl - Open source quote verification library (Rust, Python, JS/WASM, CLI)
- SDKs - JavaScript and Python SDKs include
replayRtmrs()for local RTMR verification
Learn More
- Attestation Documentation - Generating quotes, programmatic verification, RTMR3 replay
- Confidential AI Verification - GPU TEE attestation for AI workloads
- Domain Attestation - TLS certificates managed in TEE
See It Live
Visit chat.redpill.ai and click the shield icon next to any response. This shows attestation verification from a real confidential AI deployment.