User Guide
Overview
The C API of nvat is located here.
This document follows the terminology and architectural concepts defined in the Remote Attestation Procedures Architecture (RATS) RFC.
The API is divided into high level and low level APIs.
The high level API offers a pluggable interface to perform end-to-end system attestation,
which includes collecting evidence from an attester,
submitting the evidence to a verifier to obtain attestation results,
and applying appraisal policies to attestation results.
The entrypoint for the high level APIs is nvat_attest_device().
The SDK also provides low-level APIs for advanced or custom attestation workflows.
These APIs allow you to directly collect evidence, verify evidence, and evaluate attestation results as needed.
For example, you can use nvat_gpu_evidence_collect() to gather GPU evidence from a system.
This function is useful if you need to submit evidence to a custom verifier or save it for auditing.
Similarly, nvat_verify_gpu_evidence() can be used to verify evidence that was collected elsewhere or at a different time.
See the API groups for all the APIs, categorized by their functionality.
Conventions
Allocations:
All structures besides return codes, primitive flags, and bitmaps are opaque and cannot be allocated on the stack. For example, nvat_sdk_opts_t is defined as typedef nvat_sdk_opts_st* nvat_sdk_opts_t. nvat_sdk_opts_st is forward declared and cannot be directly used outside the SDK. The rest of this document will omit this detail for brevity.
All structures are allocated on the heap using functions named nvat_<type>_create and released using nvat_<type>_destroy. Most objects internally implement reference counting, so the user must free the objects created by the SDK. Any exceptions will be called out in the API documentation.
Error handling:
All fallible functions return nvat_rc_t (NVAT_RC_OK indicates the success case).
Return values are communicated to callers using out parameters, which are always the last parameter of a function signature.
Examples
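The conventions above, shown from both the library side and the caller side. This is an added example, not code from the SDK: every `demo_*` name, the default timeout value, and the signature of the destroy function are assumptions made for the illustration.

```c
#include <stdlib.h>

/* demo_* names are hypothetical stand-ins; none of this is nvat SDK code. */
typedef enum { DEMO_RC_OK = 0, DEMO_RC_BAD_ARG, DEMO_RC_NO_MEM } demo_rc_t;
typedef struct demo_opts_st* demo_opts_t;   /* opaque handle, like nvat_sdk_opts_t */

/* In a real library this definition lives in a private .c file, so callers
 * cannot take sizeof() of it or place one on the stack. */
struct demo_opts_st { unsigned refs; unsigned timeout_ms; };

/* Fallible: returns a code, delivers the result through the last parameter. */
demo_rc_t demo_opts_create(demo_opts_t* out_opts) {
    if (out_opts == NULL) return DEMO_RC_BAD_ARG;
    *out_opts = NULL;                        /* defined value on every failure path */
    struct demo_opts_st* o = calloc(1, sizeof *o);
    if (o == NULL) return DEMO_RC_NO_MEM;
    o->refs = 1;                             /* the creator owns one reference */
    o->timeout_ms = 5000;                    /* constructed default for the demo */
    *out_opts = o;
    return DEMO_RC_OK;
}

demo_rc_t demo_opts_get_timeout_ms(demo_opts_t opts, unsigned* out_ms) {
    if (opts == NULL || out_ms == NULL) return DEMO_RC_BAD_ARG;
    *out_ms = opts->timeout_ms;
    return DEMO_RC_OK;
}

/* Drops one reference and clears the caller's handle, so a stale handle
 * cannot be reused or destroyed twice (assumed signature for this demo). */
void demo_opts_destroy(demo_opts_t* opts) {
    if (opts == NULL || *opts == NULL) return;
    if (--(*opts)->refs == 0) free(*opts);
    *opts = NULL;
}

/* Caller side: check every code, read results only after DEMO_RC_OK,
 * and release the handle on every exit path. */
demo_rc_t demo_read_timeout(unsigned* out_ms) {
    demo_opts_t opts = NULL;
    demo_rc_t rc = demo_opts_create(&opts);
    if (rc != DEMO_RC_OK) return rc;
    rc = demo_opts_get_timeout_ms(opts, out_ms);
    demo_opts_destroy(&opts);                /* runs on success and on failure */
    return rc;
}

int main(void) {
    unsigned ms = 0;
    return demo_read_timeout(&ms) == DEMO_RC_OK ? 0 : 1;
}
```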
The NVIDIA Attestation SDK provides a simple C API for performing hardware attestation of NVIDIA GPUs and switches. This guide links to examples which cover the most common use cases.
The attestation examples below will work for the following GPU architectures and configurations:
Hopper Single GPU
Blackwell Single GPU
Blackwell Multi GPU
If attestation is successful, the examples print the detached EAT and the claims. For more details on the structure of both of those, please see here.
For an example of doing attestation on Hopper PPCIE, please refer to this. The docs for Hopper PPCIE verifier are here.
Basic GPU Attestation
This example demonstrates how to perform basic GPU attestation using the NVIDIA Attestation SDK. This is the most common use case - verifying the integrity and authenticity of NVIDIA GPU hardware and firmware using a complete end-to-end attestation workflow with a relying party policy. It combines features from other specific examples into a unified demonstration.
API References
Complete attestation workflow: nvat_attest_device() (related: attestation context APIs)
Error handling: return_codes()
SDK initialization: nvat_sdk_init()
Attestation context: nvat_attestation_ctx_create()
Local Attestation
Perform attestation where the verification logic runs locally on the same device.
Remote Attestation
Perform attestation using a remote verification service (NRAS).
Attesting with an appraisal policy for attestation results
Learn how to apply a custom OPA Rego policy to the attestation results. This allows you to define specific security criteria that must be met.
Attestation without any appraisal policy
Run attestation without applying any specific relying party policy.
Evidence Collection
Understand how to collect attestation evidence and perform verification using lower-level APIs. This example demonstrates how to manually collect GPU evidence, set up verification components, and process attestation results.
This approach provides more control over the attestation process compared to the simplified nvat_attest_device() workflow.
API References
Evidence collection: nvat_gpu_evidence_collect()
Evidence sources: nvat_gpu_evidence_source_nvml_create()
Nonce generation: nvat_nonce_create()
Verification: nvat_verify_gpu_evidence()
Local verifier: nvat_gpu_local_verifier_create()
Custom Logger
Learn how to integrate custom logging functionality with the attestation SDK. The SDK provides flexible logging capabilities that can be customized to integrate with your application’s logging system. You can define custom callbacks for log message handling, filtering, and flushing.
API References
Custom logger creation: nvat_logger_callback_create()
Logger configuration: nvat_sdk_opts_set_logger()
SDK initialization: nvat_sdk_init()
Error handling: return_codes()
Next Steps
Explore the Full API
Complete API Reference: Browse the API groups for detailed descriptions of all SDK functions, types, and constants.
Advanced Configuration: See here to learn more about configuring the attestation process.