examples/device_attestation.py
| 1 | """Produce and verify a DeviceAttestation for an artifact stored in an enclave vault. |
| 2 | |
| 3 | Walks through: |
| 4 | 1. Creating a vault and storing a sample INT8 LoRA adapter. |
| 5 | 2. Signing a DeviceAttestation that commits to the artifact's content hash. |
| 6 | 3. Verifying the attestation (valid path). |
| 7 | 4. Tampering with the signature and showing verification fails. |
| 8 | """ |
| 9 | |
| 10 | from __future__ import annotations |
| 11 | |
| 12 | from quantumshield.identity.agent import AgentIdentity |
| 13 | |
| 14 | from pqc_enclave_sdk import ( |
| 15 | ArtifactKind, |
| 16 | DeviceAttester, |
| 17 | EnclaveVault, |
| 18 | InMemoryEnclaveBackend, |
| 19 | ) |
| 20 | |
| 21 | |
| 22 | def main() -> None: |
| 23 | backend = InMemoryEnclaveBackend( |
| 24 | device_id="iphone-carol-demo", |
| 25 | device_model="iphone-15-pro", |
| 26 | ) |
| 27 | vault = EnclaveVault(backend=backend) |
| 28 | vault.unlock() |
| 29 | |
| 30 | enc = vault.put_artifact( |
| 31 | name="jailbreak-safety-lora", |
| 32 | kind=ArtifactKind.LORA_ADAPTER, |
| 33 | content=b"\x11" * 4096, |
| 34 | version="2.0.1", |
| 35 | ) |
| 36 | print(f"[put] artifact_id={enc.metadata.artifact_id}") |
| 37 | print(f"[hash] sha3={enc.content_hash}") |
| 38 | |
| 39 | device_identity = AgentIdentity.create("device-attester") |
| 40 | attester = DeviceAttester( |
| 41 | identity=device_identity, |
| 42 | device_id=backend.device_id, |
| 43 | device_model=backend.device_model, |
| 44 | enclave_vendor=backend.enclave_vendor, |
| 45 | ) |
| 46 | att = attester.attest( |
| 47 | artifact_id=enc.metadata.artifact_id, |
| 48 | content_hash=enc.content_hash, |
| 49 | ) |
| 50 | print(f"[attest] signer_did={att.signer_did}") |
| 51 | print(f"[attest] algorithm={att.algorithm}") |
| 52 | print(f"[verify] valid={DeviceAttester.verify(att)}") |
| 53 | |
| 54 | # Tamper with the signature to show the PQC signature is load-bearing. |
| 55 | original_signature = att.signature |
| 56 | tampered = bytearray.fromhex(att.signature) |
| 57 | tampered[0] ^= 0xFF |
| 58 | att.signature = tampered.hex() |
| 59 | print(f"[tamper] valid_after_tamper={DeviceAttester.verify(att)}") |
| 60 | |
| 61 | # Restore and confirm verification is back to true. |
| 62 | att.signature = original_signature |
| 63 | print(f"[restore] valid_after_restore={DeviceAttester.verify(att)}") |
| 64 | |
| 65 | |
| 66 | if __name__ == "__main__": |
| 67 | main() |
| 68 | |