Introduction

What is Corelib?

Corelib is an NVIDIA library that enables GPU attestation evidence collection outside of Confidential Computing (CC) mode. It provides direct access to GPU attestation capabilities through SPDM (Security Protocol and Data Model) interfaces, allowing attestation workflows without CC mode enablement.

Key Features

• Non-CC Mode Operation: Collect attestation evidence from GPUs without requiring Confidential Computing mode

• Direct SPDM Access: Communicates directly with GPU firmware via SPDM protocol

• Blackwell GPU Support: Designed for and tested with NVIDIA Blackwell architecture GPUs

Architecture Overview

Corelib operates at the firmware level, providing:

1. Device Discovery: Automatically detects and enumerates NVIDIA GPUs via in-band communication

2. SPDM Session Management: Establishes secure SPDM sessions with GPU firmware

3. Evidence Collection: Retrieves attestation reports, measurements, and certificate chains

The evidence collected includes:

• GPU attestation reports with firmware measurements

• Device certificate chains for verification

• GPU architecture and version information

• Nonce-bound measurements for replay protection

Compatibility

Supported GPU Architectures

• Blackwell

Supported Operating Systems

• Ubuntu 22.04 (x86-64, aarch64)

• Ubuntu 24.04 (x86-64, aarch64)

• Other Linux distributions (check downloads for availability)

Supported Platforms

• x86-64

• aarch64

Next Steps

• Getting Started: Install and configure Corelib

• License: End-user license agreement and terms

For C API documentation, see the NVIDIA Attestation SDK C API Reference.