Context
VisualSign self-hosted TEE deployments run inside an AWS Nitro Enclave whose runtime is provided by tkhq/qos. The qos git rev is pinned across ~8 qos_* workspace dependencies in src/Cargo.toml. To verify attestations from a deployment, wallet integrators need the PCR values (PCR0/PCR1/PCR2) of the corresponding qos enclave image.
Today, reproducing those PCR values is a manual sequence: read the rev out of Cargo.toml, clone qos, check out the rev, run make out/qos_enclave/index.json, then extract /nitro.pcrs from the resulting OCI image via skopeo + docker. The docs/wallet-integration/self-hosted-tee/getting-started.mdx page acknowledges this gap with a <Note> reading "Detailed instructions are coming soon."
Proposed change
Add a small bash tool at scripts/extract-nitro-pcrs.sh that automates the sequence:
- Read the qos rev from
src/Cargo.toml (asserting all qos_* deps agree).
- Clone tkhq/qos at that rev into an ephemeral
mktemp -d (overridable via --qos-dir).
- Run
make out/qos_enclave/index.json inside the qos checkout.
- Convert the OCI directory to a docker-archive tar by running
quay.io/skopeo/stable in a container — no host skopeo install needed.
docker load + docker cp /nitro.pcrs to the configured output path.- Print the PCR lines to stdout and clean up via
trap.
Also expand the self-hosted-tee getting-started doc with usage, options, a how-it-works walkthrough, and a reproducibility check, and update the attestation page's "Updating your allowlist" section to point at the new tool.
Acceptance criteria
Out of scope
- Wiring the script into CI (a separate change can add a job that runs it and asserts the expected hashes).
- Measuring
parser_app itself — these PCRs cover the qos enclave runtime only; parser_app is loaded into qos at runtime and is integrity-checked via the qos manifest (Level 3 attestation).
- Building parser_app into a custom EIF — VisualSign uses qos's loading model, not a bespoke EIF.
Context
VisualSign self-hosted TEE deployments run inside an AWS Nitro Enclave whose runtime is provided by tkhq/qos. The qos git rev is pinned across ~8
qos_*workspace dependencies insrc/Cargo.toml. To verify attestations from a deployment, wallet integrators need the PCR values (PCR0/PCR1/PCR2) of the corresponding qos enclave image.Today, reproducing those PCR values is a manual sequence: read the rev out of
Cargo.toml, clone qos, check out the rev, runmake out/qos_enclave/index.json, then extract/nitro.pcrsfrom the resulting OCI image viaskopeo+docker. Thedocs/wallet-integration/self-hosted-tee/getting-started.mdxpage acknowledges this gap with a<Note>reading "Detailed instructions are coming soon."Proposed change
Add a small bash tool at
scripts/extract-nitro-pcrs.shthat automates the sequence:src/Cargo.toml(asserting allqos_*deps agree).mktemp -d(overridable via--qos-dir).make out/qos_enclave/index.jsoninside the qos checkout.quay.io/skopeo/stablein a container — no hostskopeoinstall needed.docker load+docker cp /nitro.pcrsto the configured output path.trap.Also expand the self-hosted-tee getting-started doc with usage, options, a how-it-works walkthrough, and a reproducibility check, and update the attestation page's "Updating your allowlist" section to point at the new tool.
Acceptance criteria
scripts/extract-nitro-pcrs.shexists, ischmod +x, andshellcheck-clean.out/nitro.pcrscontaining PCR0/PCR1/PCR2 hex lines.docs/wallet-integration/self-hosted-tee/getting-started.mdxdocuments the tool.docs/wallet-integration/self-hosted-tee/attestation.mdxlinks to the new doc section from its allowlist-update flow.Out of scope
parser_appitself — these PCRs cover the qos enclave runtime only;parser_appis loaded into qos at runtime and is integrity-checked via the qos manifest (Level 3 attestation).