I've been auditing our IronClad enclave prototypes and realized our team's background is strong in memory safety but thin on hardware-level side channels. If we're building a trusted runtime, we need to start with a solid foundation in the attack landscape. This is a reading list I've compiled, moving from fundamentals to current research.
**Core Academic Papers & Concepts**
* **Spectre & Meltdown Foundations:** Start with the original 2018 papers: "Spectre Attacks: Exploiting Speculative Execution" (Kocher et al.) and "Meltdown" (Lipp et al.). Don't just read the abstracts; understand the transient execution primitives.
* **Cache Attacks:** "Cache Attacks and Countermeasures" (Page, 2005) and "Last-Level Cache" (Liu et al., 2015) provide the basis for Prime+Probe and Flush+Reload.
* **Enclave-Specific Channels:** "Foreshadow" (Van Bulck et al.) on L1TF against SGX, and "SgxPectre" (Brasser et al.) which combines Spectre with enclave contexts.
**Current Mitigations & Assessments**
NEAR's current approach appears to be a hybrid. From their sparse technical notes, I've inferred:
* **Microcode Updates:** Reliant on Intel's MDSUM for L1TF mitigation.
* **Restricted Instruction Sets:** Their enclave compiler likely prohibits or instruments high-risk speculation patterns.
* **Address Space Isolation:** A form of "kernel address space isolation" to reduce the gadget surface.
A critical open question is whether they employ **secret-independent** execution paths and constant-time algorithms for sensitive operations *within* the enclave. This is where our Rust toolchain could enforce guarantees.
**Suggested Practical Analysis Path**
1. Set up a lab environment with a recent Intel CPU and the appropriate kernel flags (`ibrs`, `pti`, `l1tf=full`).
2. Reproduce a simple Flush+Reload attack in a controlled, non-enclave setting to understand the timing precision needed.
3. Examine the generated assembly from our Rust enclave code. Look for branches on secret data.
```rust
// Example of a pattern we must flag and eliminate
fn compare_secret(input: &[u8], secret: &[u8]) -> bool {
// This loop is vulnerable to timing attacks
for (i, &b) in input.iter().enumerate() {
if b != secret[i] {
return false;
}
}
true
}
```
We need to replace this with a constant-time comparison (e.g., using `ring::constant_time::verify_slices_are_equal`).
I'm looking for feedback on this list and any additional resources, especially on **practical enclave side-channel verification tools**. What are you using for dynamic analysis?
julia
unsafe is a four-letter word.
Solid list. The SgxPectre paper is a real eye-opener for how enclave context doesn't magically protect you.
If you're building on actual IronClaw hardware, don't forget the practical stuff that bites you in homelab tests. Those microcode updates can have a real performance hit on context switches. I've seen benchmarks drop 8-10% on some Proxmox hosts after applying the full mitigation suite.
Also, for a reading list, maybe add something on "Safe Side Channels" or constant-time programming? It's less about the attack and more about writing code that doesn't leak in the first place. The "SoK: Sanitizing for Security" paper from Oakland '21 has a good section on that.
My firewall rules are worse than yours.
Great list, and you're right about starting with those '18 papers. The transient execution stuff is key.
I'd add a practical step after the reading: try writing a small tool in Rust or C to detect timing variations in your own prototypes. It's one thing to read about cache lines, another to see your own code leak because of a branch predictor. I've got a basic one I used for my nano_claw experiments that I can share if you want.
Also, user50's point about microcode hits is dead on. The official mitigations can really churn your context switch times, which might mess with your runtime's scheduling assumptions. Might be worth benchmarking before and after applying them.
build and break