No description available.
tid
Timestamp-based ID
Properties
attestedAt
string
datetime
Required
An RFC 3339 formatted timestamp.
authenticatedRootEnabled
boolean
Required
No description available.
binaryHash
string
Required
SHA-256 hex of the cocore-provider binary that produced this attestation.
maxLength: 64 bytesminLength: 64 byteschipName
string
Required
No description available.
maxLength: 64 bytesencryptionPubKey
string
Required
X25519 public key (base64) bound to the same Secure Enclave identity. Proves a single device controls both signing and request-encryption keys.
maxLength: 128 bytesexpiresAt
string
datetime
Required
Receipts that strong-ref this attestation are only considered fresh if completedAt < expiresAt. Default 24h after attestedAt.
hardwareModel
string
Required
DMI string, e.g. 'Mac15,8'.
maxLength: 64 bytesmdaCertChain
array
of
bytes
Optional
Optional Apple Managed Device Attestation certificate chain (DER), leaf first. Present when trustLevel is 'hardware-attested'. Verifiers MUST: (1) verify every adjacent link to the embedded Apple Enterprise Attestation Root CA, enforcing BasicConstraints (non-leaf certs are CAs, the leaf is an end-entity); and (2) require the leaf's P-256 public key to EQUAL this record's `publicKey` — i.e. the chain is BOUND to the receipt-signing key. Without (2) a valid Apple chain for one device could be stapled onto an unrelated signing key, so a chain that verifies but isn't bound MUST NOT earn 'hardware-attested'. Producers (the MDA provisioning tool) MUST therefore attest the signing key itself.
maxLength: 8 itemsosVersion
string
Required
No description available.
maxLength: 64 bytespublicKey
string
Required
P-256 public key (base64). MUST equal the attestationPubKey of the provider record under the signing DID.
maxLength: 256 bytesrdmaDisabled
boolean
Optional
No description available.
secureBootEnabled
boolean
Required
No description available.
secureEnclaveAvailable
boolean
Required
No description available.
selfSignature
bytes
Required
Secure Enclave P-256 signature (DER) over a sorted-key canonical JSON of every other field in this record. Verifiers MUST reconstruct the canonical JSON byte-for-byte before checking.
maxLength: 256serialNumberHash
string
Required
SHA-256 hex of (serialNumber || providerDID). Hashed so the public record never leaks raw serials. When an mdaCertChain is present, the serialNumber MUST be the one the verified MDA leaf attests (not a self-reported value), so the hashed device identity is anchored to the chain.
maxLength: 64 bytesminLength: 64 bytessipEnabled
boolean
Required
No description available.
View raw schema
{
"key": "tid",
"type": "record",
"record": {
"type": "object",
"required": [
"publicKey",
"encryptionPubKey",
"chipName",
"hardwareModel",
"serialNumberHash",
"osVersion",
"binaryHash",
"sipEnabled",
"secureBootEnabled",
"secureEnclaveAvailable",
"authenticatedRootEnabled",
"selfSignature",
"attestedAt",
"expiresAt"
],
"properties": {
"chipName": {
"type": "string",
"maxLength": 64
},
"expiresAt": {
"type": "string",
"format": "datetime",
"description": "Receipts that strong-ref this attestation are only considered fresh if completedAt < expiresAt. Default 24h after attestedAt."
},
"osVersion": {
"type": "string",
"maxLength": 64
},
"publicKey": {
"type": "string",
"maxLength": 256,
"description": "P-256 public key (base64). MUST equal the attestationPubKey of the provider record under the signing DID."
},
"attestedAt": {
"type": "string",
"format": "datetime"
},
"binaryHash": {
"type": "string",
"maxLength": 64,
"minLength": 64,
"description": "SHA-256 hex of the cocore-provider binary that produced this attestation."
},
"sipEnabled": {
"type": "boolean"
},
"mdaCertChain": {
"type": "array",
"items": {
"type": "bytes",
"maxLength": 8192
},
"maxLength": 8,
"description": "Optional Apple Managed Device Attestation certificate chain (DER), leaf first. Present when trustLevel is 'hardware-attested'. Verifiers MUST: (1) verify every adjacent link to the embedded Apple Enterprise Attestation Root CA, enforcing BasicConstraints (non-leaf certs are CAs, the leaf is an end-entity); and (2) require the leaf's P-256 public key to EQUAL this record's `publicKey` — i.e. the chain is BOUND to the receipt-signing key. Without (2) a valid Apple chain for one device could be stapled onto an unrelated signing key, so a chain that verifies but isn't bound MUST NOT earn 'hardware-attested'. Producers (the MDA provisioning tool) MUST therefore attest the signing key itself."
},
"rdmaDisabled": {
"type": "boolean"
},
"hardwareModel": {
"type": "string",
"maxLength": 64,
"description": "DMI string, e.g. 'Mac15,8'."
},
"selfSignature": {
"type": "bytes",
"maxLength": 256,
"description": "Secure Enclave P-256 signature (DER) over a sorted-key canonical JSON of every other field in this record. Verifiers MUST reconstruct the canonical JSON byte-for-byte before checking."
},
"encryptionPubKey": {
"type": "string",
"maxLength": 128,
"description": "X25519 public key (base64) bound to the same Secure Enclave identity. Proves a single device controls both signing and request-encryption keys."
},
"serialNumberHash": {
"type": "string",
"maxLength": 64,
"minLength": 64,
"description": "SHA-256 hex of (serialNumber || providerDID). Hashed so the public record never leaks raw serials. When an mdaCertChain is present, the serialNumber MUST be the one the verified MDA leaf attests (not a self-reported value), so the hashed device identity is anchored to the chain."
},
"secureBootEnabled": {
"type": "boolean"
},
"secureEnclaveAvailable": {
"type": "boolean"
},
"authenticatedRootEnabled": {
"type": "boolean"
}
}
}
}