Overview
Intel TDX attestation library for binding arbitrary inputs and outputs to a hardware-backed quote.
livy-tee is the cryptographic core of the Livy stack. It provides the Rust primitives that let any program running inside an Intel TDX enclave prove — to anyone, without trusting Livy — exactly what it computed.
The crate has two layers:
- High-level API — Livy + AttestBuilder + Attestation. Three lines to commit your inputs and outputs, one call to verify. Designed for application developers.
- Low-level API — raw quote generation, REPORTDATA serialization, and local field extraction. For custom protocols and verifiers.
What it proves
Every attestation contains a TDX DCAP quote whose 64-byte REPORTDATA field commits to:
- A hash of all values your program chose to make public (payload_hash).
- The binary that ran (build_id + mrtd in the quote header).
- A nonce for replay protection.
The quote itself is signed by the CPU hardware via Intel's Quoting Enclave. The signature chains to Intel's root CA. Any third party can verify the chain without any Livy infrastructure.
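
The verifier-side counterpart of that binding, as an added example that is not livy-tee's own code: it pulls MRTD and REPORTDATA out of a raw quote and compares them with the values the verifier expects. It only reads fields, so it is meaningful only after the quote's signature chain has been verified. Assumptions: a version 4 DCAP quote (48-byte header, 584-byte TD report body), REPORTDATA treated as an opaque 64-byte value because the page does not give its internal layout, and hypothetical names throughout.

```rust
// Added example. Offsets follow the Intel DCAP quote v4 layout for TDX;
// every name below is hypothetical and not part of livy-tee's API.
use std::ops::Range;

const QUOTE_MIN_LEN: usize = 48 + 584; // header + TD report body
const MRTD: Range<usize> = 184..232; // 48 bytes at body offset 136
const REPORTDATA: Range<usize> = 568..632; // 64 bytes at body offset 520
const TEE_TYPE_TDX: u32 = 0x81;

#[derive(Debug, PartialEq)]
pub enum QuoteError { TooShort, BadVersion(u16), NotTdx(u32), MrtdMismatch, ReportDataMismatch }

pub struct Fields { pub mrtd: [u8; 48], pub report_data: [u8; 64] }

/// Pull MRTD and REPORTDATA out of a raw quote. No signature is checked here.
pub fn extract(quote: &[u8]) -> Result<Fields, QuoteError> {
    if quote.len() < QUOTE_MIN_LEN { return Err(QuoteError::TooShort); }
    let version = u16::from_le_bytes([quote[0], quote[1]]);
    if version != 4 { return Err(QuoteError::BadVersion(version)); }
    let tee = u32::from_le_bytes([quote[4], quote[5], quote[6], quote[7]]);
    if tee != TEE_TYPE_TDX { return Err(QuoteError::NotTdx(tee)); }
    let mut f = Fields { mrtd: [0; 48], report_data: [0; 64] };
    f.mrtd.copy_from_slice(&quote[MRTD]);
    f.report_data.copy_from_slice(&quote[REPORTDATA]);
    Ok(f)
}

/// Accept only a quote carrying the pinned MRTD and the REPORTDATA the
/// verifier recomputed from the public values and the nonce it expects.
pub fn check_binding(quote: &[u8], mrtd: &[u8; 48], rd: &[u8; 64]) -> Result<(), QuoteError> {
    let f = extract(quote)?;
    if f.mrtd != *mrtd { return Err(QuoteError::MrtdMismatch); }
    if f.report_data != *rd { return Err(QuoteError::ReportDataMismatch); }
    Ok(())
}

/// Constructed sample input: a zeroed v4 TDX-shaped buffer, two fields filled in.
pub fn sample_quote(mrtd: &[u8; 48], rd: &[u8; 64]) -> Vec<u8> {
    let mut q = vec![0u8; QUOTE_MIN_LEN];
    q[0..2].copy_from_slice(&4u16.to_le_bytes());
    q[4..8].copy_from_slice(&TEE_TYPE_TDX.to_le_bytes());
    q[MRTD].copy_from_slice(mrtd);
    q[REPORTDATA].copy_from_slice(rd);
    q
}

fn main() {
    let q = sample_quote(&[0xAA; 48], &[0x11; 64]);
    println!("{:?}", check_binding(&q, &[0xAA; 48], &[0x11; 64]));
}
```
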
Feature flags
| Feature | Default | Description |
|---|---|---|
| (none) | yes | TSM configfs quote generation — requires TDX hardware (Linux kernel ≥ 6.7) |
| mock-tee | no | Correctly-shaped DCAP quote stub — no TDX hardware required, for development |
| ita-verify | no | Intel Trust Authority REST API client + high-level Livy API |

```toml
# Development (no hardware)
livy-tee = { path = "../livy-tee", features = ["mock-tee"] }
# Production with ITA verification
livy-tee = { path = "../livy-tee", features = ["ita-verify"] }
```

Install

```toml
[dependencies]
livy-tee = { path = "../livy-tee", features = ["ita-verify"] }
tokio = { version = "1", features = ["rt-multi-thread", "macros"] }
```

Three-line quick start

```rust
use livy_tee::Livy;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Reads ITA_API_KEY from the environment.
    let livy = Livy::from_env()?;

    let input = b"the request your program received";
    let output = b"the result your program produced";

    let attestation = livy.attest()
        .commit(&input.to_vec())
        .commit(&output.to_vec())
        .finalize()
        .await?;

    println!("mrtd: {}", attestation.mrtd);
    println!("tcb_status: {}", attestation.tcb_status);
    println!("payload_hash: {}", attestation.payload_hash_hex());

    // Verify locally — no network, no hardware required.
    assert!(attestation.verify()?);
    Ok(())
}
```

Run inside a TDX VM:

```sh
ITA_API_KEY=<your-key> ./your-binary
```

Development without TDX hardware
Build and test with the mock-tee feature. All local extraction and REPORTDATA operations work identically on mock and real quotes. ITA verification is skipped (mock quotes are rejected by real ITA), so ita_token is empty.

```sh
# Build
cargo build -p livy-tee --features mock-tee
# Test
cargo test -p livy-tee --features mock-tee
```