Attestable

An MCP server that uses remote attestation to verify the code running on the server using RA-TLS and Intel SGX, ensuring trust and security for MCP clients.

Connections & Capabilities

Connects To

GitHubDocker

Capabilities

readwriteexec

Exposed MCP Tools (5)

safe

gramine-sgx-gen-private-key

Generates a private key for the Gramine SGX environment.

Generates a key, but does not expose it directly.

safe

gsc build-gramine

Builds the Gramine base image.

Builds an image, no network access or writes to sensitive locations.

safe

gsc build

Builds the attestable-mcp-server image.

Builds an image, no network access or writes to sensitive locations.

moderate

gsc sign-image

Signs the attestable-mcp-server image with the generated private key.

Signs the image, requires access to the private key.

safe

gsc info-image

Displays information about the signed image.

Read-only operation, no side effects.

Safety Assessment

The server's remote attestation features enhance security by verifying code integrity. However, reliance on specific hardware and the complexity of setup introduce potential risks. It is safe when the SGX environment is properly configured and maintained, but risky if the hardware or software components have vulnerabilities.

Remote attestation ensures code integrity.
Uses trusted execution environment (TEE) for secure operations.
Verification through SGX quote and certificate chain.
Signed artifacts provide independent verification.

Dependency on Intel SGX hardware.
Potential vulnerabilities in SGX implementation.
Complexity in setup and configuration.
Exposure of server on network.