Notes on using TPM - tearust/tee-on-mac GitHub Wiki

1. Sign using TPM's primary key before sending out anything that require others to verify, including -PCR -Transactions to blockchain

In order to reduce the slow hardware single thread cost, we only sign the most important information.

2. Verify others using CPU not TPM For obvious reason, we do not need TPM to verify the other's signature. This can be done using CPU. TPM is used for the tasks that need TPM's internal non-disclosure keys.

3. The null key hierarchy reset everytime it boots. So as long as it boots, others will know the null key changed. others will require RA the PCR because it booted just now.

4. the user key hierarchy changes when resell to new user. The user can be an account in blockchain. one user can own multiple machines. Since user is anonymous, we cannot assume two users are not a same person.

5. Read PCR using quotes. See https://google.github.io/tpm-js/#pg_pcrs

6. Since we do not have a real hardware yet, I do not know how to do the measured boot. we can discuss this in our meeting

7. We can skip authorization at this moment. We assume the system boot from trusted source by verifying PCR.