Provider attestation — GET /v1/providers/attestation
GET /v1/providers/attestation — public attestation data. No auth required. Returns trust level, SE public key, and MDA chain for independent verification.
The attestation endpoint returns cryptographic attestation data for every provider currently connected to the network. No authentication is required — this data is intentionally public so that any third party can independently verify the hardware and security posture of the providers that are serving inference requests.For hardware-attested providers, the response includes the full Apple Managed Device Attestation (MDA) certificate chain. You can verify this chain against Apple’s Enterprise Attestation Root CA to confirm that Apple has certified the device properties independently of Darkbloom.
"self_signed" — Secure Enclave signature and periodic challenge-response verified. The coordinator confirms the device is running an unmodified binary with SIP and Secure Boot active.
"hardware" — All of the above, plus Apple MDM cross-verification and an Apple MDA certificate chain signed by Apple’s Enterprise Attestation Root CA.
The provider’s Secure Enclave P-256 public key in base64. Use this to verify the x-se-signature and x-response-hash values from inference responses, confirming that the response was produced by this specific device.
DER-encoded certificates in the MDA chain, each base64-encoded. Present only for mda_verified: true providers. Decode each entry from base64 to DER, then verify the chain against Apple’s Enterprise Attestation Root CA (see below).