Atlas uses policies to define how TEE attestation should be verified. Policies determine which measurements to verify, what TCB statuses to accept, and which security checks to enforce.
Policy types
Atlas supports TEE-specific policy types:
DstackTdx - Intel TDX attestation via Dstack (production-ready)
SEV-SNP support planned for future releases
Loading policies from JSON
Policies can be serialized and loaded from JSON configuration files:
{
  "type": "dstack_tdx",
  "allowed_tcb_status": ["UpToDate"],
  "grace_period": 2592000,
  "expected_bootchain": {
    "mrtd": "b24d3b24e9e3c16012376b52362ca09856c4adecb709d5fac33addf1c47e193da075b125b6c364115771390a5461e217",
    "rtmr0": "24c15e08c07aa01c531cbd7e8ba28f8cb62e78f6171bf6a8e0800714a65dd5efd3a06bf0cf5433c02bbfac839434b418",
    "rtmr1": "6e1afb7464ed0b941e8f5bf5b725cf1df9425e8105e3348dca52502f27c453f3018a28b90749cf05199d5a17820101a7",
    "rtmr2": "89e73cedf48f976ffebe8ac1129790ff59a0f52d54d969cb73455b1a79793f1dc16edc3b1fccc0fd65ea5905774bbd57"
  },
  "os_image_hash": "86b181377635db21c415f9ece8cc8505f7d4936ad3be7043969005a8c4690c1a",
  "app_compose": {
    "runner": "docker-compose",
    "docker_compose_file": "version: '3' \n services: \n app: \n image: myapp:latest \n ..."
  }
}
Load the policy in your application:
use atlas_rs::Policy;

let policy_json = std::fs::read_to_string("policy.json")?;
let policy: Policy = serde_json::from_str(&policy_json)?;
Development vs production policies
Development policy
For testing and development, use relaxed verification:
use atlas_rs::{Policy, DstackTdxPolicy};

// Accepts multiple TCB statuses, disables runtime verification
let policy = Policy::DstackTdx(DstackTdxPolicy::dev());
Development policies disable critical security checks. Never use dev() or disable_runtime_verification: true in production.
Production policy
Production policies require all runtime verification fields:
use atlas_rs::{Policy, DstackTdxPolicy, ExpectedBootchain};
use serde_json::json;

let policy = Policy::DstackTdx(DstackTdxPolicy {
    expected_bootchain: Some(ExpectedBootchain {
        mrtd: "b24d3b24...".into(),
        rtmr0: "24c15e08...".into(),
        rtmr1: "6e1afb74...".into(),
        rtmr2: "89e73ced...".into(),
    }),
    os_image_hash: Some("86b18137...".into()),
    app_compose: Some(json!({
        "runner": "docker-compose",
        "docker_compose_file": "..."
    })),
    allowed_tcb_status: vec!["UpToDate".into()],
    grace_period: Some(30 * 24 * 60 * 60), // 30 days
    ..Default::default()
});
Runtime verification requirements
By default, Atlas requires all runtime verification fields to be provided:
Field                Required   Purpose
expected_bootchain   Yes        Verifies MRTD and RTMR0-2 measurements
os_image_hash        Yes        Verifies the Dstack OS image integrity
app_compose          Yes        Verifies the application configuration
Missing any required field will cause a configuration error:
// This will fail - missing runtime fields
let policy = DstackTdxPolicy::default();
let result = policy.into_verifier();
assert!(result.is_err()); // Configuration error
To explicitly skip runtime verification (not recommended):
let policy = DstackTdxPolicy {
    disable_runtime_verification: true,
    allowed_tcb_status: vec!["UpToDate".into()],
    ..Default::default()
};
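A pre-deployment lint for the production requirements above, added here as an example and not part of Atlas or atlas_rs: it flags a policy that disables runtime verification, omits a required field, or carries a truncated placeholder such as "b24d3b24..." where a full digest belongs. The struct, function names and sample values are hypothetical; the 64-character length for os_image_hash and the UpToDate-only rule are assumptions taken from this page's samples.

```rust
// Added example; `PolicyFields` is a hypothetical mirror of this page's fields, not an atlas_rs type.
#[derive(Default)]
struct PolicyFields {
    bootchain: Option<[String; 4]>, // mrtd, rtmr0, rtmr1, rtmr2
    os_image_hash: Option<String>,
    has_app_compose: bool,
    allowed_tcb_status: Vec<String>,
    disable_runtime_verification: bool,
}

fn is_hex_digest(s: &str, len: usize) -> bool { s.len() == len && s.chars().all(|c| c.is_ascii_hexdigit()) }

// Returns one finding per reason the policy is unfit for production.
fn lint_production_policy(p: &PolicyFields) -> Vec<String> {
    let mut out: Vec<String> = Vec::new();
    if p.disable_runtime_verification { out.push("disable_runtime_verification is true".to_string()); }
    if p.bootchain.is_none() { out.push("expected_bootchain is missing".to_string()); }
    // TDX MRTD and RTMRs are SHA-384 digests: 96 hex characters.
    for (name, v) in ["mrtd", "rtmr0", "rtmr1", "rtmr2"].iter().zip(p.bootchain.iter().flatten()) {
        if !is_hex_digest(v, 96) { out.push(format!("{} is not 96 hex characters", name)); }
    }
    // Assumption: os_image_hash is 64 hex characters, as in this page's sample.
    match p.os_image_hash.as_deref() {
        None => out.push("os_image_hash is missing".to_string()),
        Some(h) if !is_hex_digest(h, 64) => out.push("os_image_hash is not 64 hex characters".to_string()),
        Some(_) => {}
    }
    if !p.has_app_compose { out.push("app_compose is missing".to_string()); }
    // Assumption: production accepts only "UpToDate", as in the page's example.
    for s in p.allowed_tcb_status.iter().filter(|s| s.as_str() != "UpToDate") {
        out.push(format!("allowed_tcb_status accepts {}", s));
    }
    out
}

// Constructed sample: every digest is well formed except the caller-supplied MRTD.
fn sample_policy(mrtd: &str) -> PolicyFields {
    let reg = "ab".repeat(48);
    PolicyFields {
        bootchain: Some([mrtd.to_string(), reg.clone(), reg.clone(), reg]),
        os_image_hash: Some("cd".repeat(32)),
        has_app_compose: true,
        allowed_tcb_status: vec!["UpToDate".to_string()],
        disable_runtime_verification: false,
    }
}

fn main() {
    for f in lint_production_policy(&sample_policy("b24d3b24...")) { println!("FINDING: {}", f); }
}
```

Running such a check in CI before the policy file is shipped catches a copied placeholder or a leftover development setting before a verifier is ever built from it.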
Next steps
DstackTdx policy: Configure Intel TDX attestation policies
TCB status values: Understanding TCB security levels
Computing measurements: Generate bootchain measurements for your deployment