Auditor already works properly with Android 10. The boot and vendor patch level fields in the stock OS have been updated from the placeholder values, so that functionality will now work as expected for the stock OS as long as they update those fields as part of shipping patches.
Conversation
Here's a screenshot of the results when verifying a Pixel 3 running stock Android 10 from an Auditor that's already paired with it. The 'Verified device information' section is based on the signed attestation from the TEE / HSM, which is the Titan M security chip in this case.
Replying to
The 'Information provided by the verified OS' section is the portion obtained by the app itself, after chaining trust through the OS from the hardware. The hardware-based attestation provides app id and signing key fingerprint from the OS which is how it can chain trust to it.
1
Can see that they've updated the boot and vendor patch level fields obtained by the hardware in early boot, so it now provides the intended, accurate results. This already worked for GrapheneOS, but the stock OS wasn't yet updating those fields when shipping the monthly updates.
1