Skip to content
Attestation Service
/
/
Bring Data On-Chain
Last updated

Overview

Blocky Attestation Service (Blocky AS) allows you to run custom functions in a Trusted Execution Environment (TEE) and receive attestations over their execution. In this guide, we show you how to verify attestations in a smart contract. Thus allowing it to take on-chain actions based on the attested function output.

Bring Data On-Chain

  1. Clone the Blocky AS examples repository and navigate to the on_chain directory:
git clone --branch main git@github.com:blocky/attestation-service-examples.git
cd attestation-service-examples/on_chain
  1. Install project dependencies by running:
npm install

  1. In the Attesting a Function Calls tutorial, we used Blocky AS to attest a simple "Hello, World!" function call and saved the attestations to out.json. Copy yours, or download ours into the on_chain directory by running:

    curl -o out.json https://docs.blocky.rocks/v0.1.0-beta.13/out.json

  2. Create a smart contract to verify an attested function call. For this example, we have created a simple user contract in contracts/User.sol to verify a transitive attestation over a function call and emit its output.

contract User {
    event AttestedFunctionCallOutput(string output);

    address private enclAttAppPubKeyAddress;

    function setEnclaveAttestedAppPubKey(
        bytes calldata enclAttAppPubKey
    )
    public
    {
        enclAttAppPubKeyAddress = TAParserLib.publicKeyToAddress(
            enclAttAppPubKey
        );
    }

    function processTransitiveAttestedFunctionCall(
        bytes calldata transitiveAttestation
    )
    public
    {
        TAParserLib.FnCallClaims memory claims;

        claims = TAParserLib.verifyTransitiveAttestedFnCall(
            enclAttAppPubKeyAddress,
            transitiveAttestation
        );

        emit AttestedFunctionCallOutput(string(claims.Output));
    }
}

The User contract complements process of verifying function execution, where verify the properties of a Blocky AS server and its enclave attested application public key used to sign transitive attestations. The setEnclaveAttestedAppPubKey converts an enclave attested application public key into an address and stores it in the enclAttAppPubKeyAddress variable. Once the enclave attested application public key is set, the processTransitiveAttestedFunctionCall function uses the TAParserLib.verifyTransitiveAttestedFnCall function to verify that the transitiveAttestation was signed by enclAttAppPubKeyAddress and to parse out its claims. Finally, the processTransitiveAttestedFunctionCall emits claims.Output through the AttestedFunctionCallOutput event. At this point, you can extend the User contract to use the value of claims.Output to take further onchain actions.

Note that you can extend setEnclaveAttestedAppPubKey function to set other elements of the verification process your smart contract will accept such as, hash_of_code or function name. The processTransitiveAttestedFunctionCall can then check these against the verified claims of the transitiveAttestation.

  1. To verify the output of the WASM function call in a smart contract, we extract the enclave attested application public key of the Blocky AS server and the transitive attestation of the function call from out.json. Then we pass them to the User contract. You can test this out by running:

    TA_FILE=$(realpath out.json) npx hardhat test --grep "User contract"
    which outputs
    [dotenv@17.2.2] injecting env (1) from .env -- tip: ⚙️  enable debug logging with { debug: true }
Compiled 3 Solidity files successfully (evm target: paris).


  User contract test
	processTransitiveAttestedFunctionCall emitted AttestedFunctionCallOutput(Hello, World!)
    ✔ Verify transitive attested function call (53ms)


  1 passing (55ms)

···································································································································
|  Solidity and Network Configuration
··············································|·················|···············|·················|································
|  Solidity: 0.8.28                           ·  Optim: false   ·  Runs: 200    ·  viaIR: false   ·     Block: 30,000,000 gas
··············································|·················|···············|·················|································
|  Methods
··············································|·················|···············|·················|················|···············
|  Contracts / Methods                        ·  Min            ·  Max          ·  Avg            ·  # calls       ·  usd (avg)
··············································|·················|···············|·················|················|···············
|  User                                       ·
··············································|·················|···············|·················|················|···············
|      processTransitiveAttestedFunctionCall  ·              -  ·            -  ·         51,003  ·             2  ·           -
··············································|·················|···············|·················|················|···············
|      setEnclaveAttestedAppPubKey            ·              -  ·            -  ·         69,642  ·             1  ·           -
··············································|·················|···············|·················|················|···············
|  Deployments                                                  ·                                 ·  % of limit    ·
··············································|·················|···············|·················|················|···············
|  User                                       ·              -  ·            -  ·        875,565  ·         2.9 %  ·           -
··············································|·················|···············|·················|················|···············
|  Key
···································································································································
|  ◯  Execution gas for this method does not include intrinsic gas overhead
···································································································································
|  △  Cost was non-zero but below the precision setting for the currency display (see options)
···································································································································
|  Toolchain:  hardhat
···································································································································

    The test will "deploy" our User contract and pass it the enclave attested application public key and transitive attestation extracted from out.json. The test then checks that the contract emits the AttestedFunctionCallOutput event containing our function output "Hello, World!".

Next Steps

You can bring your function outputs on-chain in a way that is verifiable by you or any other third party. This means that you can build Data Oracles for coin prices, game results, and more!

Previous page
Next page
Copyright © Blocky, Inc.