Every Capbot brain upgrade is signed inside an Intel TDX TEE, verified on-chain by the Capmon Anchor program. The receipts below are live, devnet, public. Click any TEE Attested badge to inspect the hardware quote.
Ed25519SigVerify precompile call signed by the registered upgrade authority, and a capmon-staking::upgrade_brain_v2 instruction that reads the signature out of the instructions sysvar and validates signer + asset + steps + freshness. The signing key is derived inside a Phala Cloud TDX enclave using deterministic key-management. Its private half never leaves the TEE. Every upgrade additionally generates an Intel TDX attestation quote, binding the signature to the specific code measurement of the Capbot server. No admin signature on the transaction itself. As of this week, every brain upgrade burns 50% of the Capbot's battle winnings as the cost of growth, making each receipt a verifiable proof of burn. See the implementation.
Auto-refreshes every 30 seconds.
This brain upgrade was signed inside an Intel TDX Trusted Execution Environment. The quote below is a hardware attestation from Intel that the signing code matches the registered enclave measurement.
dcap-qvl or Intel's Trust Center. The report_data field binds the quote to sha256(message), making the attestation cryptographically inseparable from this specific brain upgrade.