feat: compat code for non x86_64-linux

- do not build packages, which require `x86_64-linux` - use Phala `dcap-qvl` crate for remote attestation, if possible - nix: exclude `nixsgx` on non `x86_64-linux` platforms Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
2025-07-21 23:23:57 +02:00 · 2025-03-20 10:25:24 +01:00 · 2025-03-20 10:25:24 +01:00 · eb39705ff1
commit eb39705ff1
parent ed808efd03
41 changed files with 1531 additions and 519 deletions
--- a/bin/verify-era-proof-attestation/src/verification/attestation.rs
+++ b/bin/verify-era-proof-attestation/src/verification/attestation.rs
@ -1,10 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0
 // Copyright (c) 2023-2025 Matter Labs

-use teepot::quote::{
-    error::QuoteContext, tee_qv_get_collateral, verify_quote_with_collateral,
-    QuoteVerificationResult,
-};
+use teepot::quote::{get_collateral, verify_quote_with_collateral, QuoteVerificationResult};

 use crate::error;

@ -15,10 +12,7 @@ impl AttestationVerifier {
    /// Verify an attestation quote
    pub fn verify_quote(attestation_quote_bytes: &[u8]) -> error::Result<QuoteVerificationResult> {
        // Get collateral for the quote
-        let collateral = QuoteContext::context(
-            tee_qv_get_collateral(attestation_quote_bytes),
-            "Failed to get collateral!",
-        )?;
+        let collateral = get_collateral(attestation_quote_bytes)?;

        // Get current time for verification
        let unix_time: i64 = std::time::SystemTime::now()
--- a/bin/verify-era-proof-attestation/src/verification/policy.rs
+++ b/bin/verify-era-proof-attestation/src/verification/policy.rs
@ -19,7 +19,7 @@ impl PolicyEnforcer {
        quote_verification_result: &QuoteVerificationResult,
    ) -> Result<()> {
        let quote = &quote_verification_result.quote;
-        let tcblevel = TcbLevel::from(quote_verification_result.result);
+        let tcblevel = quote_verification_result.result;

        match &quote.report {
            Report::SgxEnclave(report_body) => {
--- a/bin/verify-era-proof-attestation/src/verification/reporting.rs
+++ b/bin/verify-era-proof-attestation/src/verification/reporting.rs
@ -1,7 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0
 // Copyright (c) 2023-2025 Matter Labs

-use teepot::quote::{tcblevel::TcbLevel, QuoteVerificationResult};
+use teepot::quote::QuoteVerificationResult;

 /// Handles reporting and logging of verification results
 pub struct VerificationReporter;
@ -11,7 +11,7 @@ impl VerificationReporter {
    pub fn log_quote_verification_summary(quote_verification_result: &QuoteVerificationResult) {
        let QuoteVerificationResult {
            collateral_expired,
-            result,
+            result: tcblevel,
            quote,
            advisories,
            ..
@ -21,7 +21,6 @@ impl VerificationReporter {
            tracing::warn!("Freshly fetched collateral expired!");
        }

-        let tcblevel = TcbLevel::from(*result);
        let advisories = if advisories.is_empty() {
            "None".to_string()
        } else {