forked from GrapheneOS/AttestationServer
Home
Dmitry Sorokin (@sorydima) edited this page Nov 19, 2024 · 1 revision
- Overview of the Attestation Server project.
- Core functionalities and goals.
- Links to relevant resources.
- Description of key features.
- Integration capabilities and supported platforms.
- Prerequisites for running the Attestation Server.
- Step-by-step setup guide.
- How to configure the server for different use cases.
- Environment variables, configuration files, and advanced options.
- Endpoints provided by the Attestation Server.
- Authentication mechanisms and usage examples.
- Deployment strategies (local, cloud, or hybrid).
- Best practices for scaling and monitoring.
- Security features and compliance.
- Recommendations for maintaining a secure server setup.
- How to contribute to the project.
- Coding standards and submission guidelines.
- Common questions and troubleshooting tips.
- Details about the licensing of the project.
- Recognition of contributors and utilized technologies.
# Welcome to the Attestation Server Wiki
The Attestation Server is a key component of the Katya-Incorporated ecosystem, designed to provide reliable and secure attestation services. It ensures the integrity of software, hardware, and identity-related processes.
## Key Objectives
- Support secure communication and data integrity.
- Verify and validate system or entity attestations.
- Provide API endpoints for seamless integration.
## Related Repositories
- [Infrastructure](https://github.com/Katya-Incorporated/infrastructure.git)
- [GrapheneOS Network](https://github.com/Katya-Incorporated/grapheneos.network.git)
# Features
## Core Features
1. **Secure Attestation**
   - Verifies the integrity of devices and applications.
   - Supports TPM and TEE-based attestations.
2. **API Integration**
   - RESTful API for seamless integration.
   - JSON and protobuf formats supported.
3. **Scalability**
   - Optimized for high-throughput environments.
   - Horizontal and vertical scaling supported.
4. **Auditing**
   - Logs all attestation requests and responses for transparency.
## Supported Platforms
- Linux
- Windows
- macOS
- Cloud providers (AWS, Azure, GCP)
# Installation Guide
## Prerequisites
- Node.js (v18+)
- PostgreSQL (v14+)
- Docker (optional for containerized setups)
## Steps
1. Clone the repository:
   ```bash
   git clone https://github.com/Katya-Incorporated/AttestationServer.git
   cd AttestationServer
   ```
2. Install dependencies:
   ```bash
   npm install
   ```
3. Set up the database:
   ```bash
   psql -U postgres -c "CREATE DATABASE attestation_server;"
   ```
4. Start the server:
   ```bash
   npm run start
   ```
5. Access the server:
   - Default port: `http://localhost:3000`
---
### **Configuration.md**
# Configuration Guide
## Environment Variables
- `DB_HOST`: Database host (default: `localhost`).
- `DB_USER`: Database username (default: `postgres`).
- `DB_PASSWORD`: Password for the database user.
- `SERVER_PORT`: Port for the server (default: `3000`).
## Configuration File
Create a `.env` file in the root directory with the following content:
```env
DB_HOST=localhost
DB_USER=postgres
DB_PASSWORD=yourpassword
SERVER_PORT=3000
```
- Modify `config.json` for advanced settings.
- See the documentation in `docs/config.md` for more details.
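
A startup check for the environment variables documented above, written as an added example (it is not code from the Attestation Server repository). It refuses to start with a missing or placeholder `DB_PASSWORD` or a malformed `SERVER_PORT`; the function names and the placeholder deny-list are assumptions made for illustration.

```javascript
// Added example, not project code. PLACEHOLDER_PASSWORDS is a constructed
// deny-list; the variable names and defaults are the ones documented above.
const PLACEHOLDER_PASSWORDS = new Set(['yourpassword', 'password', 'changeme', 'postgres']);

function loadConfig(env) {
  const errors = [];
  const cfg = {
    dbHost: env.DB_HOST || 'localhost',
    dbUser: env.DB_USER || 'postgres',
    dbPassword: env.DB_PASSWORD, // no documented default: must be supplied
    serverPort: 3000,
  };
  if (typeof cfg.dbPassword !== 'string' || cfg.dbPassword.length === 0) {
    errors.push('DB_PASSWORD is not set');
  } else if (PLACEHOLDER_PASSWORDS.has(cfg.dbPassword.toLowerCase())) {
    errors.push('DB_PASSWORD is a placeholder value');
  }
  if (env.SERVER_PORT !== undefined) {
    // Digits only: parseInt('3000abc') would quietly return 3000.
    const raw = String(env.SERVER_PORT);
    const port = Number(raw);
    if (!/^\d{1,5}$/.test(raw) || port < 1 || port > 65535) {
      errors.push('SERVER_PORT must be an integer between 1 and 65535');
    } else {
      cfg.serverPort = port;
    }
  }
  if (errors.length > 0) {
    // Name the variables at fault; never echo their values.
    throw new Error('Invalid configuration: ' + errors.join('; '));
  }
  return Object.freeze(cfg);
}

// Copy that is safe to write to startup logs.
function redactConfig(cfg) {
  return { ...cfg, dbPassword: '[redacted]' };
}
```

Call `loadConfig(process.env)` once at startup and log only `redactConfig(cfg)`.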
---
### **API_Reference.md**
# API Reference
## Endpoints
### 1. `/attest`
- **Method**: POST
- **Description**: Perform an attestation.
- **Request Body**:
  ```json
  {
    "deviceId": "string",
    "attestationData": "base64-encoded string"
  }
  ```
- **Response**:
  ```json
  { "status": "success", "verificationResult": true }
  ```

### 2. `/status`
- **Method**: GET
- **Description**: Check server status.
- **Response**:
  ```json
  { "status": "online", "uptime": "12345 seconds" }
  ```

Refer to `docs/api.md` for a complete list of endpoints.
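
Strict validation of the `/attest` request body shown above, as an added example that is not taken from the project's code. The size limit, the `deviceId` pattern and the function name are assumptions, since the page does not define limits for either field.

```javascript
// Added example, not project code. MAX_ATTESTATION_BYTES and DEVICE_ID_RE
// are assumed limits chosen for illustration.
const MAX_ATTESTATION_BYTES = 16 * 1024;
const MAX_ENCODED_LENGTH = Math.ceil(MAX_ATTESTATION_BYTES / 3) * 4;
const DEVICE_ID_RE = /^[A-Za-z0-9._:-]{1,128}$/;

function validateAttestRequest(body) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, errors: ['body must be a JSON object'] };
  }
  const errors = [];
  // Reject unknown keys so extra fields never reach later handlers unnoticed.
  for (const key of Object.keys(body)) {
    if (key !== 'deviceId' && key !== 'attestationData') {
      errors.push('unexpected field: ' + JSON.stringify(key));
    }
  }
  if (typeof body.deviceId !== 'string' || !DEVICE_ID_RE.test(body.deviceId)) {
    errors.push('deviceId must match ' + DEVICE_ID_RE);
  }
  let attestation = null;
  const data = body.attestationData;
  if (typeof data !== 'string' || data.length === 0) {
    errors.push('attestationData must be a non-empty string');
  } else if (data.length > MAX_ENCODED_LENGTH) {
    // Check the encoded length first so oversized input is never decoded.
    errors.push('attestationData exceeds size limit');
  } else {
    // Buffer.from(s, 'base64') is lenient: it ignores whitespace, accepts the
    // URL-safe alphabet and missing padding, and never throws. Re-encoding and
    // comparing accepts only the canonical form, so the bytes that get
    // verified are exactly the bytes the client sent.
    const decoded = Buffer.from(data, 'base64');
    if (decoded.toString('base64') !== data) {
      errors.push('attestationData is not canonical base64');
    } else {
      attestation = decoded;
    }
  }
  if (errors.length > 0) return { ok: false, errors };
  return { ok: true, deviceId: body.deviceId, attestation };
}
```

Run this before any cryptographic verification and return HTTP 400 with the `errors` array when `ok` is false.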
---
### **Deployment.md**
# Deployment Guide
## Local Deployment
1. Install dependencies:
   ```bash
   npm install
   ```
2. Start the server:
   ```bash
   npm run start
   ```
3. Verify the server:
   ```bash
   curl http://localhost:3000/status
   ```
## Cloud Deployment
1. Set up a cloud environment (AWS/GCP/Azure).
2. Use Docker for deployment:
   ```bash
   docker build -t attestation-server .
   docker run -p 3000:3000 attestation-server
   ```
3. Configure scaling and monitoring using cloud-native tools.

For advanced deployments, see `docs/deployment.md`.
---
### **Security.md**
# Security
## Key Features
1. **Data Encryption**
   - Uses TLS for secure communication.
   - Database encryption at rest.
2. **Authentication**
   - API token-based authentication.
   - OAuth 2.0 support (optional).
3. **Access Control**
   - Role-based access control (RBAC).
   - Audit trails for sensitive actions.
## Recommendations
- Rotate API keys regularly.
- Enable multi-factor authentication (MFA) for administrators.
# Contribution Guidelines
We welcome contributions to enhance the Attestation Server. Here's how you can help:
## Steps
1. Fork the repository.
2. Create a feature branch:
   ```bash
   git checkout -b feature/new-feature
   ```
3. Test your changes:
   ```bash
   npm test
   ```
4. Submit a pull request with detailed descriptions.
## Coding Standards
- Follow Node.js best practices.
- Include unit and integration tests for new features.
---
### **FAQ.md**
# FAQ
### Q: What types of attestation are supported?
A: Currently, we support TPM and TEE-based attestations.
### Q: How do I monitor the server?
A: Use tools like Prometheus and Grafana for monitoring. Logs are stored in `/logs`.
### Q: Can I use a different database?
A: Yes, configure the `DB_HOST` and related variables in `.env`.
# License
This project is licensed under the MIT License. See the [LICENSE](https://github.com/Katya-Incorporated/AttestationServer/blob/main/LICENSE) file for details.
# Acknowledgements
We thank:
- The Katya-Incorporated team for their efforts.
- Open-source tools and libraries like Node.js, PostgreSQL, and Docker.
Together, we ensure secure and reliable attestations.