Explainer · 4 min read
Hardware-attested
AI energy.
Three trust postures live on every certificate. hardware_attested is the top tier — and it is earned, not asserted. A certificate cannot claim this posture; it can only carry the evidence that proves it.
The three postures
- self_reported — the operator declared the value. Honest, but uncorroborated.
- cross_checked — at least two independent sensors agree on the measurement (e.g. NVML × RAPL passes the cross-validator), or solo dual_source evidence is present.
- hardware_attested — three or more evidence flags are present and cross-validation passed. Trust score ≥ 0.80.
What it takes to reach the top tier
A certificate is promoted to hardware_attested only when its
trust score (0.0 – 1.0) reaches 0.80. The score is the sum of evidence weights:
dual_source = true+0.30
signed_exporter = true+0.30
machine_fingerprint_match = true+0.20
tee_attested = true+0.40
The realistic enterprise configuration without a TEE — dual-source + signed exporter + machine fingerprint — lands at exactly 0.80. The TEE pushes it to 1.00. Posture is upgrade-only: a certificate never silently degrades; it either keeps its tier or moves up.
The five evidence sources
- NVML telemetry — GPU energy and power from the driver, sampled sub-second.
- RAPL telemetry — CPU package + DRAM domain energy from the kernel's powercap interface.
- Signed exporter — a sidecar that Ed25519-signs every
/metricsresponse, with the public key registered per-tenant and revocable. - Machine fingerprint binding — the exporter exposes a
machine_idlabel and the backend checks it matches the agent's stable host fingerprint. - TEE attestation — an optional SGX / SEV-SNP / Nitro quote proving the exporter runs inside a trusted enclave.
Inspect a hardware_attested certificate
The verifier shows each evidence chip — green for present, red for failed.
Verify a certificate →
Why this tier exists
Auditors, regulators and counterparties need to know the difference between
a number an operator says is true and a number a chain of independent sensors
agrees is true. The trust posture string is the structured answer to that
question, and hardware_attested is its strongest assertion —
the only one Serial Alice will let a certificate carry when the math actually
supports it.