Attested Builds

Attested builds are a new approach to verifiable software distribution. Source code is compiled inside hardware-isolated environments that produce cryptographic proof linking binaries to their exact inputs.

POST /build

Submit a build and receive all build outputs as a gzipped tarball. Supports Cargo and Nix projects via auto-detection.

Parameters

| Parameter | Type | Description |
| --- | --- | --- |
| source | file | ZIP file containing source code (mutually exclusive with repo_url) |
| repo_url | string | Git repository URL to clone (mutually exclusive with source) |
| ref | string | Git ref — branch, tag, or commit. Only used with repo_url |

Submit a build. Returns a job_id immediately; the build runs asynchronously. Use the job_id with GET /build/{id}/events to track progress and GET /build/{id}/result to download the outputs.

Supports Cargo and Nix projects via auto-detection.

Request

Content-Type: application/json

The body is a JSON object:

| Field | Type | Description |
| --- | --- | --- |
| nonce | string | Required. Hex-encoded nonce, at most 16 bytes (32 hex chars). Bound into the attestation. |
| repo_url | string | Git repository URL to clone. Provide this or source_data. |
| repo_ref | string | Git ref — branch, tag, or commit. Only used with repo_url. |
| source_data | string | Base64-encoded source archive (ZIP or gzip tarball). Provide this or repo_url. |
| source_name | string | Original filename of the uploaded archive. Used to name the output directory when the archive has no single top-level directory. Optional, only relevant with source_data. |

Exactly one of repo_url or source_data must be present.

Examples

From a git repo

curl -X POST https://build.confidential.ai/build \
  -H 'content-type: application/json' \
  -d '{
    "nonce": "0a1b2c3d4e5f60718293a4b5c6d7e8f9",
    "repo_url": "https://github.com/burntsushi/ripgrep",
    "repo_ref": "main"
  }'

From an uploaded archive

# Base64-encode a source archive and submit it inline.
SOURCE=$(base64 -w0 my-project.zip)
curl -X POST https://build.confidential.ai/build \
  -H 'content-type: application/json' \
  -d "{
    \"nonce\": \"0a1b2c3d4e5f60718293a4b5c6d7e8f9\",
    \"source_name\": \"my-project.zip\",
    \"source_data\": \"$SOURCE\"
  }"
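An added example, not part of the service's documentation or client code: a Python helper that draws a fresh random nonce for each request and checks the body against the field rules above (valid hex, at most 16 bytes, exactly one of repo_url or source_data) before anything is sent. The function names are illustrative, and rejecting an empty nonce or a stray repo_ref/source_name is a client-side strictness assumed here.

```python
import base64
import json
import re
import secrets

MAX_NONCE_BYTES = 16  # "at most 16 bytes (32 hex chars)" per the field table
_HEX_BYTES = re.compile(r"(?:[0-9a-fA-F]{2})+")  # whole bytes only, no whitespace


def fresh_nonce() -> str:
    """Return a random 16-byte nonce as 32 hex characters (CSPRNG)."""
    return secrets.token_hex(MAX_NONCE_BYTES)


def check_nonce(nonce: str) -> str:
    """Raise ValueError for nonces the page lists under 400 Bad Request."""
    if not _HEX_BYTES.fullmatch(nonce):  # also rejects "" (assumed client-side choice)
        raise ValueError("nonce is not valid hex")
    if len(nonce) // 2 > MAX_NONCE_BYTES:
        raise ValueError("nonce exceeds 16 bytes")
    return nonce


def build_request(nonce, repo_url=None, repo_ref=None,
                  source_bytes=None, source_name=None) -> str:
    """Return the JSON body for POST /build; raise ValueError if malformed."""
    check_nonce(nonce)
    if (repo_url is None) == (source_bytes is None):
        raise ValueError("provide exactly one of repo_url or source_data")
    body = {"nonce": nonce}
    if repo_url is not None:
        if source_name is not None:  # strictness assumed here, not documented
            raise ValueError("source_name is only relevant with source_data")
        body["repo_url"] = repo_url
        if repo_ref is not None:
            body["repo_ref"] = repo_ref
    else:
        if repo_ref is not None:  # strictness assumed here, not documented
            raise ValueError("repo_ref is only used with repo_url")
        body["source_data"] = base64.b64encode(source_bytes).decode("ascii")
        if source_name is not None:
            body["source_name"] = source_name
    return json.dumps(body)


if __name__ == "__main__":
    nonce = fresh_nonce()  # record it: the page says it is bound into the attestation
    print(build_request(nonce, repo_url="https://github.com/burntsushi/ripgrep",
                        repo_ref="main"))
```

Building the body with json.dumps also avoids the quoting problems of interpolating values into a shell string.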

Response

Success (200)

Returns a gzipped tarball (application/gzip) containing:

build.tar.gz
├── artifacts/
│   └── computational-graph     # compiled binary
├── build-config/
│   └── Cargo.lock              # lockfile
├── provenance.json             # build provenance
├── manifest.json               # build manifest
└── evidence.json               # attestation evidence (TEE report)

Extract the result:

mkdir -p build-output && tar -xzf build.tar.gz -C build-output

Failure (400 or 500)

{
  "job_id": "a1b2c3d4-5678-90ab-cdef-1234567890ab"
}

Errors

| Status | Condition |
| --- | --- |
| 400 Bad Request | Nonce is not valid hex, nonce exceeds 16 bytes, or neither/both of repo_url and source_data were provided. |
| 409 Conflict | This CVM has already accepted a build. Each instance accepts exactly one build. |

Error responses have a plain-text body describing the problem.