diff --git a/core/internal/integrity/BUILD.bazel b/core/internal/integrity/BUILD.bazel
new file mode 100644
index 0000000..cb551cc
--- /dev/null
+++ b/core/internal/integrity/BUILD.bazel
@@ -0,0 +1,14 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["common.go"],
+    importpath = "git.monogon.dev/source/nexantic.git/core/internal/integrity",
+    visibility = ["//core:__subpackages__"],
+    deps = [
+        "//core/api/api:go_default_library",
+        "//core/internal/common:go_default_library",
+        "@org_golang_google_grpc//:go_default_library",
+        "@org_golang_google_grpc//credentials:go_default_library",
+    ],
+)
diff --git a/core/internal/integrity/common.go b/core/internal/integrity/common.go
new file mode 100644
index 0000000..f92c008
--- /dev/null
+++ b/core/internal/integrity/common.go
@@ -0,0 +1,81 @@
+// Copyright 2020 The Monogon Project Authors.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package integrity
+
+import (
+	"bytes"
+	"crypto/tls"
+	"crypto/x509"
+	"errors"
+	"fmt"
+	"net"
+	"strings"
+
+	"git.monogon.dev/source/nexantic.git/core/generated/api"
+	"git.monogon.dev/source/nexantic.git/core/internal/common"
+	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
+)
+
+// Agent specifices the interface which every integrity agent needs to fulfill
+type Agent interface {
+	// Initialize needs to be called once and initializes the systems required to maintain integrity
+	// on the given platform.
+	// nodeCert is a X.509 DER certificate which identifies the node once it's unlocked. This is
+	// required to bind the node certificate (which is only available when the node is unlocked) to
+	// the integrity subsystem used to attest said node.
+	// Initialize returns the cryptographic identity that it's bound to.
+	Initialize(newNode api.NewNodeInfo, enrolment api.EnrolmentConfig) (string, error)
+
+	// Unlock performs all required actions to assure the integrity of the platform and retrieves
+	// the unlock key in a secure manner
+	Unlock(enrolment api.EnrolmentConfig) ([]byte, error)
+}
+
+// DialNMS creates a secure GRPC connection to the NodeManagementService
+func DialNMS(enrolment api.EnrolmentConfig) (*grpc.ClientConn, error) {
+	var targets []string
+	for _, target := range enrolment.MasterIps {
+		targets = append(targets, fmt.Sprintf("%v:%v", net.IP(target), common.MasterServicePort))
+	}
+	cert, err := x509.ParseCertificate(enrolment.MastersCert)
+	if err != nil {
+		return nil, err
+	}
+	mastersPool := x509.NewCertPool()
+	mastersPool.AddCert(cert)
+
+	secureTransport := &tls.Config{
+		InsecureSkipVerify: true,
+		// Critical function, please review any changes with care
+		// TODO(lorenz): Actively check that this actually provides the security guarantees that we need
+		VerifyPeerCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
+			for _, cert := range rawCerts {
+				// X.509 certificates in DER can be compared like this since DER has a unique representation
+				// for each certificate.
+				if bytes.Equal(cert, enrolment.MastersCert) {
+					return nil
+				}
+			}
+			return errors.New("failed to find authorized NMS certificate")
+		},
+		MinVersion: tls.VersionTLS13,
+	}
+	secureTransportCreds := credentials.NewTLS(secureTransport)
+
+	return grpc.Dial(strings.Join(targets, ","), grpc.WithTransportCredentials(secureTransportCreds))
+}
diff --git a/core/internal/integrity/tpm2/BUILD.bazel b/core/internal/integrity/tpm2/BUILD.bazel
new file mode 100644
index 0000000..c4c77bb
--- /dev/null
+++ b/core/internal/integrity/tpm2/BUILD.bazel
@@ -0,0 +1,13 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["tpm2.go"],
+    importpath = "git.monogon.dev/source/nexantic.git/core/internal/integrity/tpm2",
+    visibility = ["//core:__subpackages__"],
+    deps = [
+        "//core/api/api:go_default_library",
+        "//core/internal/integrity:go_default_library",
+        "//core/pkg/tpm:go_default_library",
+    ],
+)
diff --git a/core/internal/integrity/tpm2/tpm2.go b/core/internal/integrity/tpm2/tpm2.go
new file mode 100644
index 0000000..8497562
--- /dev/null
+++ b/core/internal/integrity/tpm2/tpm2.go
@@ -0,0 +1,155 @@
+// Copyright 2020 The Monogon Project Authors.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package tpm2
+
+import (
+	"context"
+	"errors"
+	"fmt"
+
+	"git.monogon.dev/source/nexantic.git/core/generated/api"
+	"git.monogon.dev/source/nexantic.git/core/internal/integrity"
+	"git.monogon.dev/source/nexantic.git/core/pkg/tpm"
+)
+
+type TPM2Agent struct {
+}
+
+func (a *TPM2Agent) Initialize(newNode api.NewNodeInfo, enrolment api.EnrolmentConfig) error {
+	nmsConn, err := integrity.DialNMS(enrolment)
+	nmsClient := api.NewNodeManagementServiceClient(nmsConn)
+	ekPub, ekCert, err := tpm.GetEKPublic()
+	if err != nil {
+		return fmt.Errorf("failed to generate EK: %w", err)
+	}
+
+	akPub, err := tpm.GetAKPublic()
+	if err != nil {
+		return fmt.Errorf("failed to generate AK: %w", err)
+	}
+
+	registerSession, err := nmsClient.NewTPM2NodeRegister(context.Background())
+	if err != nil {
+		return fmt.Errorf("failed to open registration session: %w", err)
+	}
+	defer registerSession.CloseSend()
+	if err := registerSession.Send(&api.TPM2FlowRequest{
+		Stage: &api.TPM2FlowRequest_Register{
+			Register: &api.TPM2RegisterRequest{
+				AkPublic: akPub,
+				EkPubkey: ekPub,
+				EkCert:   ekCert,
+			},
+		},
+	}); err != nil {
+		return fmt.Errorf("failed to send registration: %w", err)
+	}
+
+	res1, err := registerSession.Recv()
+	if err != nil {
+		return fmt.Errorf("failed to receive attest request: %w", err)
+	}
+	attestReqContainer, ok := res1.Stage.(*api.TPM2FlowResponse_AttestRequest)
+	if !ok {
+		return errors.New("protocol violation: after RegisterRequest expected AttestRequest")
+	}
+	attestReq := attestReqContainer.AttestRequest
+	solution, err := tpm.SolveAKChallenge(attestReq.AkChallenge, attestReq.AkChallengeSecret)
+	if err != nil {
+		return fmt.Errorf("failed to solve AK challenge: %w", err)
+	}
+	pcrs, err := tpm.GetPCRs()
+	if err != nil {
+		return fmt.Errorf("failed to get SRTM PCRs: %w", err)
+	}
+	quote, quoteSig, err := tpm.AttestPlatform(attestReq.QuoteNonce)
+	if err != nil {
+		return fmt.Errorf("failed Quote operation: %w", err)
+	}
+	if err := registerSession.Send(&api.TPM2FlowRequest{
+		Stage: &api.TPM2FlowRequest_AttestResponse{
+			AttestResponse: &api.TPM2AttestResponse{
+				AkChallengeSolution: solution,
+				Pcrs:                pcrs,
+				Quote:               quote,
+				QuoteSignature:      quoteSig,
+			},
+		},
+	}); err != nil {
+		return fmt.Errorf("failed to send AttestResponse: %w", err)
+	}
+	if err := registerSession.Send(&api.TPM2FlowRequest{
+		Stage: &api.TPM2FlowRequest_NewNodeInfo{
+			NewNodeInfo: &newNode,
+		},
+	}); err != nil {
+		return fmt.Errorf("failed to send NewNodeInfo: %w", err)
+	}
+	return nil
+}
+
+// Unlock attests the node state to the remote NMS and asks it for the global unlock key
+func (a *TPM2Agent) Unlock(enrolment api.EnrolmentConfig) ([]byte, error) {
+	nmsConn, err := integrity.DialNMS(enrolment)
+	if err != nil {
+		return []byte{}, err
+	}
+	nmsClient := api.NewNodeManagementServiceClient(nmsConn)
+	unlockClient, err := nmsClient.TPM2Unlock(context.Background())
+	if err != nil {
+		return []byte{}, err
+	}
+	defer unlockClient.CloseSend()
+	unlockInitContainer, err := unlockClient.Recv()
+	if err != nil {
+		return []byte{}, err
+	}
+	unlockInitVariant, ok := unlockInitContainer.Stage.(*api.TPM2UnlockFlowResponse_UnlockInit)
+	if !ok {
+		return []byte{}, errors.New("TPM2Unlock protocol violation")
+	}
+	unlockInit := unlockInitVariant.UnlockInit
+	quote, sig, err := tpm.AttestPlatform(unlockInit.Nonce)
+	if err != nil {
+		return []byte{}, fmt.Errorf("failed to attest platform: %w", err)
+	}
+	pcrs, err := tpm.GetPCRs()
+	if err != nil {
+		return []byte{}, fmt.Errorf("failed to get PCRs from TPM: %w", err)
+	}
+	if err := unlockClient.Send(&api.TPM2UnlockFlowRequeset{Stage: &api.TPM2UnlockFlowRequeset_UnlockRequest{
+		UnlockRequest: &api.TPM2UnlockRequest{
+			Pcrs:           pcrs,
+			Quote:          quote,
+			QuoteSignature: sig,
+			NodeId:         enrolment.NodeId,
+		},
+	}}); err != nil {
+		return []byte{}, err
+	}
+	unlockResponseContainer, err := unlockClient.Recv()
+	if err != nil {
+		return []byte{}, err
+	}
+	unlockResponseVariant, ok := unlockResponseContainer.Stage.(*api.TPM2UnlockFlowResponse_UnlockResponse)
+	if !ok {
+		return []byte{}, errors.New("violated TPM2Unlock protocol")
+	}
+	unlockResponse := unlockResponseVariant.UnlockResponse
+
+	return unlockResponse.GlobalUnlockKey, nil
+}