# Attestation document specifications

Tinfoil Enclaves serve the remote attestation document over HTTP at the
well-known endpoint `/.well-known/tinfoil-attestation`.

The document is a JSON object containing a format identifier and a signed enclave
remote attestation payload.

## Schema

```json
{
  "format": "<PREDICATE_TYPE>",
  "body": "<ATTESTATION_BODY>"
}
```

## Fields

The attestation document is represented as a JSON object with the following fields:

`format` *string ([TypeURI](https://github.com/in-toto/attestation/blob/main/spec/v1/field_types.md#typeuri)), required*

> URI identifying the type of attestation format. This URI is identical
> to the predicate TypeURI field in the enclave's Sigstore attestations, conformant to [in-toto.io/Statement/v1](https://github.com/in-toto/attestation/blob/main/spec/v1/statement.md).

`body` *string, required*

> Base64 encoding of the gzip-compressed hardware attestation report.
> The report embeds user data whose structure depends on the format version:
>
> * **v1 formats**: 32-byte TLS public key fingerprint (SHA-256)
> * **v2 formats**: 32-byte TLS public key fingerprint + 32-byte HPKE public key
>
> Both v1 and v2 predicates use the same register format, described below.

## Supported Formats

Tinfoil currently supports the following remote attestation formats:

### AMD SEV-SNP Guest Attestation

**Format URI:** `https://tinfoil.sh/predicate/sev-snp-guest/VERSION`

The attestation format is the base64 encoding of the attestation report structure defined by the [AMD SEV-SNP specification](https://www.amd.com/content/dam/amd/en/documents/developer/56860.pdf).

**Registers:**

* Register 0: SEV-SNP launch measurement
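
The following is an added example, not Tinfoil's own code: it decodes a document in the schema above and splits the user data embedded in an SEV-SNP report by format version. It assumes the user data occupies the report's 64-byte `REPORT_DATA` field (offset `0x50` in the AMD specification), that versions are spelled `v1` and `v2`, and a 64 KiB decompression cap; the function names and the sample document are constructed, and no signature or certificate-chain verification is performed.

```python
import base64, gzip, hashlib, io, json

PREFIX = "https://tinfoil.sh/predicate/"
PLATFORMS = {"sev-snp-guest", "tdx-guest", "snp-tdx-multiplatform", "hardware-measurements"}
MAX_REPORT = 64 * 1024               # assumed cap; bounds inflation of untrusted input
SNP_REPORT_DATA = slice(0x50, 0x90)  # REPORT_DATA field (assumed home of the user data)

def parse_document(raw):
    """Return (platform, version, report_bytes) for the JSON served by the enclave."""
    doc = json.loads(raw)
    if not isinstance(doc, dict):
        raise ValueError("attestation document must be a JSON object")
    fmt, body = doc.get("format"), doc.get("body")
    if not (isinstance(fmt, str) and isinstance(body, str)):
        raise ValueError("'format' and 'body' are required strings")
    platform, _, version = fmt[len(PREFIX):].partition("/")
    if not fmt.startswith(PREFIX) or platform not in PLATFORMS or not version:
        raise ValueError("unsupported format URI: " + fmt)
    compressed = base64.b64decode(body, validate=True)  # rejects non-base64 characters
    with gzip.GzipFile(fileobj=io.BytesIO(compressed)) as gz:
        report = gz.read(MAX_REPORT + 1)                # never inflate past the cap
    if len(report) > MAX_REPORT:
        raise ValueError("decompressed report exceeds size cap")
    return platform, version, report

def split_user_data(version, user_data):
    """Split user data: v1 = TLS key fingerprint, v2 = fingerprint + HPKE public key."""
    need = {"v1": 32, "v2": 64}.get(version)
    if need is None or len(user_data) < need:
        raise ValueError("unknown version or short user data")
    fields = {"tls_key_fingerprint": user_data[:32]}
    if version == "v2":
        fields["hpke_public_key"] = user_data[32:64]
    return fields

def sample_document():
    """Constructed sample: zero-filled 1184-byte SNP-sized report, no real signature."""
    report = bytearray(1184)
    report[SNP_REPORT_DATA] = hashlib.sha256(b"constructed TLS key").digest() + bytes(range(32))
    body = base64.b64encode(gzip.compress(bytes(report))).decode()
    return json.dumps({"format": PREFIX + "sev-snp-guest/v2", "body": body})

if __name__ == "__main__":
    platform, version, report = parse_document(sample_document())
    fields = split_user_data(version, report[SNP_REPORT_DATA])
    print(platform, version, fields["tls_key_fingerprint"].hex())
```

A client would compare `tls_key_fingerprint` with the SHA-256 fingerprint of the public key presented on the TLS connection, and only after the report's hardware signature has been verified.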

### Intel TDX Guest Attestation

**Format URI:** `https://tinfoil.sh/predicate/tdx-guest/VERSION`

The attestation format contains TDX-specific measurements including MRTD (Measurement Register of Trust Domain) and RTMRs (Runtime Measurement Registers).

**Registers:** (following the [TDX standard](https://www.intel.com/content/www/us/en/content-details/853294/intel-trust-domain-extensions-intel-tdx-module-base-architecture-specification.html))

* Register 0: MRTD
* Register 1: RTMR0
* Register 2: RTMR1
* Register 3: RTMR2
* Register 4: RTMR3 (empty)

### SNP-TDX Multi-Platform Attestation

**Format URI:** `https://tinfoil.sh/predicate/snp-tdx-multiplatform/VERSION`

A unified attestation format that supports both AMD SEV-SNP and Intel TDX platforms within a single measurement structure.
This format enables cross-platform verification and measurement comparison between
SEV-SNP and TDX hardware attestations.

**Registers:**

* Register 0: SEV-SNP launch measurement (equivalent to `https://tinfoil.sh/predicate/sev-snp-guest/v1` register 0)
* Register 1: TDX RTMR1
* Register 2: TDX RTMR2

### Hardware Measurements

**Format URI:** `https://tinfoil.sh/predicate/hardware-measurements/VERSION`

A generic hardware measurement format for attestation documents that contain
platform-specific measurement registers and verification data.
