Trusted Components for Attestation and Secret Management

Trustee contains tools and components for attesting confidential guests and providing secrets to them. Collectively, these components are known as Trustee. Trustee typically operates on behalf of the “workload provider” / “data owner” and interacts remotely with guest components.

Trustee is developed for the Confidential Containers project, but can be used with a wide variety of applications and hardware platforms.


Trustee is flexible and can be deployed in several different configurations. This figure shows one common way to deploy these components in conjunction with certain guest components.

flowchart LR
    AA -- attests guest ----> KBS
    CDH -- requests resource --> KBS
    subgraph Guest
        CDH <.-> AA
    subgraph Trustee
        KBS -- validates evidence --> AS
        RVPS -- provides reference values--> AS
    client-tool -- configures --> KBS


  • CDH: Confidential Data Hub
  • AA: Attestation Agent
  • KBS: Key Broker Service
  • RVPS: Reference Value Provider Service
  • AS: Attestation Service

Key Broker Service (KBS)

This service facilitates remote attestation and secret delivery

Attestation Service (AS)

This service verifies TEE evidence

Reference Value Provider Service (RVPS)

This service manages reference values used to verify TEE evidence

KBS Client Tool

Simple tool to test or configure Key Broker Service and Attestation Service