Update ledgers/ccf/README.md

Co-authored-by: Bruno Vavala <[email protected]> Signed-off-by: prakashngit <[email protected]>
hyperledger-labs · Mar 14, 2024 · 9e460ff · 9e460ff
1 parent 8ce49e8
commit 9e460ff
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/ledgers/ccf/README.md b/ledgers/ccf/README.md
@@ -231,7 +231,11 @@ verify enclave attestation reports. We note that PDO currently supports EPID
 attestation verification, and while running in SGX HW mode, the eservice submits
 IAS attestation report to the TP as part of contract enclave
 registration with TP. To help the TP verify the IAS attestation report, the TP
-must be programmed with expected `MREnclave`, enclave `basename` and `ias_public_key`.
+must be programmed with the following SGX-defined expected values:
+* `MREnclave`, a unique identifier of the contract enclave code;
+* `basename`, which contains (and is directly derived from) the SPID in EPID attestations;
+* `ias_public_key`, which is the IAS public key for verifying attestation reports.
+At contract enclave registration time, the TP verifies that an attestation report is correctly signed by IAS and includes the expected values.
 Further, the CCF TP governance consortium is permitted to change the
 values of these parameters, subject to TP consortium governance rules.