securefederatedai
diff --git a/‎openfl-docker/gramine_app/fx.manifest.template‎
Lines changed: 1 addition & 0 deletions b/‎openfl-docker/gramine_app/fx.manifest.template‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎openfl-workspace/workspace/plan/defaults/network.yaml‎
Lines changed: 1 addition & 0 deletions b/‎openfl-workspace/workspace/plan/defaults/network.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎openfl/interface/aggregator.py‎
Lines changed: 24 additions & 0 deletions b/‎openfl/interface/aggregator.py‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎openfl/interface/collaborator.py‎
Lines changed: 23 additions & 0 deletions b/‎openfl/interface/collaborator.py‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎openfl/utilities/attestation/__init__.py‎ b/‎openfl/utilities/attestation/__init__.py‎
@@ -71,4 +71,5 @@ sgx.allowed_files = [
   "file:{{ workspace_root }}/plan/cols.yaml",
   "file:{{ workspace_root }}/plan/data.yaml",
   "file:{{ workspace_root }}/plan/plan.yaml",
+  "file:{{ workspace_root }}/attestation",
 ]
@@ -4,6 +4,7 @@ settings:
     agg_port                   : auto
     hash_salt                  : auto
     use_tls                    : True
+    enable_remote_attestation  : False
     client_reconnect_interval  : 5
     require_client_auth        : True
     cert_folder                : cert
 
@@ -32,6 +32,7 @@
 from openfl.federated import Plan
 from openfl.interface.cli_helper import CERT_DIR
 from openfl.utilities import click_types
+from openfl.utilities.attestation import attestation_utils as attestation_utils
 from openfl.utilities.path_check import is_directory_traversal
 from openfl.utilities.utils import getfqdn_env
 
@@ -91,6 +92,29 @@ def start_(plan, authorized_cols, task_group):
         parsed_plan.config["assigner"]["settings"]["selected_task_group"] = task_group
         logger.info(f"Setting aggregator to assign: {task_group} task_group")
 
+    if isinstance(parsed_plan, dict):
+        # Check if remote attestation is enabled in the plan configuration
+        if "network" in parsed_plan.config and "settings" in parsed_plan.config["network"]:
+            if parsed_plan.config["network"]["settings"].get("enable_remote_attestation", False):
+                # Fetch remote attestation environment variables
+                attestation_env = attestation_utils.fetch_attestation_env_vars()
+                if attestation_env is not None:
+                    attestation_manager = attestation_utils.AttestationManager(
+                        "aggregator",
+                        attestation_env["ATTESTATION_REPORT_PATH"],
+                        attestation_env["ITA_API_KEY"],
+                        attestation_env["AVS_URL"],
+                    )
+                    # Generate and store the attestation report
+                    attestation_manager.get_attested_identity()
+                    logger.info("Remote attestation report fetched successfully.")
+                else:
+                    logger.error("Failed to fetch remote attestation environment variables.")
+            else:
+                logger.info(
+                    "Remote attestation is not enabled. Skipping attestation report generation."
+                )
+
     logger.info("🧿 Starting the Aggregator Service.")
 
     parsed_plan.get_server().serve()
 
@@ -23,6 +23,7 @@
 from openfl.cryptography.participant import generate_csr
 from openfl.federated import Plan
 from openfl.interface.cli_helper import CERT_DIR
+from openfl.utilities.attestation import attestation_utils as attestation_utils
 from openfl.utilities.path_check import is_directory_traversal
 from openfl.utilities.utils import rmtree
 
@@ -77,6 +78,28 @@ def start_(plan, collaborator_name, data_config):
     )
 
     # TODO: Need to restructure data loader config file loader
+    # print plan object
+    # check if plan is dict
+    if isinstance(plan, dict):
+        # Check if remote attestation is enabled in the plan configuration
+        if "network" in plan.config and "settings" in plan.config["network"]:
+            if plan.config["network"]["settings"].get("enable_remote_attestation", False):
+                # Fetch remote attestation environment variables
+                attestation_env = attestation_utils.fetch_attestation_env_vars()
+                if attestation_env is not None:
+                    attestation_manager = attestation_utils.AttestationManager(
+                        collaborator_name,
+                        attestation_env["ATTESTATION_REPORT_PATH"],
+                        attestation_env["ITA_API_KEY"],
+                        attestation_env["AVS_URL"],
+                    )
+                    # Generate and store the attestation report
+                    attestation_manager.get_attested_identity()
+                    logger.info("Remote attestation report stored successfully.")
+                else:
+                    logger.error("Remote attestation environment variables not set.")
+            else:
+                logger.info("Remote attestation is not enabled in the plan configuration.")
 
     echo(f"Data = {plan.cols_data_paths}")
     logger.info("🧿 Starting a Collaborator Service.")
Original file line number	Diff line number	Diff line change
`@@ -71,4 +71,5 @@ sgx.allowed_files = [`
`71`	`71`	`"file:{{ workspace_root }}/plan/cols.yaml",`
`72`	`72`	`"file:{{ workspace_root }}/plan/data.yaml",`
`73`	`73`	`"file:{{ workspace_root }}/plan/plan.yaml",`
	`74`	`+ "file:{{ workspace_root }}/attestation",`
`74`	`75`	`]`