m4sterchain opened a new pull request, #12: URL: https://github.com/apache/teaclave-crates/pull/12
## What

Adds `docs/security-model.md` (a security model for this repository), adds a `SECURITY.md`, and cleans up the `README.md`. The repository previously had no `SECURITY.md` and no security-model documentation.

## Why

This repository is special: it hosts dependency crates that are linked into the **trusted side** of TEE applications (SGX enclaves via the SGX SDK, TrustZone TAs via the TrustZone SDK). That means the entire repository is part of its consumers' Trusted Computing Base, and a weakness in any crate here propagates to every downstream application. A document that states this explicitly — and tells reviewers (human or LLM) what the review unit is — helps keep security review focused and avoids false positives from re-auditing unmodified upstream code.

## Contents

`docs/security-model.md` covers:

1. **Trust model** — the whole repository is TCB; there is no in-repo trust boundary; the adversary is inherited from the consuming SDK, plus a supply-chain adversary.
2. **What the repository is / the review unit** — the two hosting approaches (patch bundle vs. full crate import) and, crucially, that **the review unit is the diff from pristine upstream, not the whole crate**.
3. **Trust-posture / what-to-scrutinize map** — per-crate table pointing at the security-critical seam each port touches (`getrandom` randomness source, `libc` OP-TEE syscall surface, the Rust `std` patch, `ring` crypto + prebuilt artifacts).
4. **Target-dependent security primitives** — randomness, untrusted filesystem, time, syscalls, panic/abort.
5. **Supply chain and provenance** — upstream-fix drift, binary artifacts in the TCB, build-time code execution, publish provenance.
6. **Guidance for automated / LLM security review** — where real findings concentrate, expected non-findings, and an explicit instruction to review only the adaptation diff.
### README cleanup

- Fixed the "Typical layout examples" block: it described a `crates/` subdirectory that does not exist; crates actually live at the repository root.
- Documented the directory-naming convention (`<crate>-<version>` for full imports, `<crate>-<version>-<base-commit>` for patch bundles).
- Documented the per-approach diff conventions, including the full-import commit convention: a `Download <crate> <version> from crates.io` commit preserves the pristine upstream so the adaptation is `git diff <download-commit> HEAD -- <crate-dir>/`.

This is documentation only; no crate source or behavior changes.

🤖 Generated with [Claude Code](https://claude.com/claude-code)
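The two conventions the PR documents (the directory-naming scheme and the `Download <crate> <version> from crates.io` commit that pins pristine upstream) are exactly what a reviewer needs in order to diff only the adaptation rather than re-audit the whole crate. The following is an added example, not code from the PR or from the teaclave-crates repository: it parses a crate directory name into its hosting approach, locates the download commit in constructed `git log --format='%H %s'` output, and emits the review command from the README. The commit hashes and log subjects are constructed sample data; the regex and the `LookupError` behaviour are this example's own assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Directory-naming convention from the README cleanup:
#   <crate>-<version>                -> full crate import
#   <crate>-<version>-<base-commit>  -> patch bundle against an upstream commit
# The crate name is matched lazily so hyphenated crate names still parse, the
# version must be three dotted numbers, and a trailing segment is treated as a
# base commit only when it is 7..40 lowercase hex characters (assumption: this
# keeps "libc-0.2.150", whose last version component happens to be hex digits,
# from being misread as a patch bundle).
DIR_RE = re.compile(
    r"^(?P<crate>[A-Za-z0-9_][A-Za-z0-9_-]*?)"
    r"-(?P<version>\d+\.\d+\.\d+)"
    r"(?:-(?P<base>[0-9a-f]{7,40}))?$"
)


@dataclass(frozen=True)
class Port:
    crate: str
    version: str
    base_commit: Optional[str]

    @property
    def approach(self) -> str:
        return "patch-bundle" if self.base_commit else "full-import"


def parse_dir(name: str) -> Port:
    """Classify a top-level crate directory by the documented naming scheme."""
    m = DIR_RE.match(name.rstrip("/"))
    if not m:
        raise ValueError(f"{name!r} does not follow <crate>-<version>[-<base-commit>]")
    return Port(m["crate"], m["version"], m["base"])


def find_download_commit(log_lines: List[str], port: Port) -> Optional[str]:
    """Return the hash of the 'Download <crate> <version> from crates.io' commit.

    log_lines are lines of `git log --format='%H %s'` (hash, space, subject).
    """
    wanted = f"Download {port.crate} {port.version} from crates.io"
    for line in log_lines:
        sha, _, subject = line.strip().partition(" ")
        if subject == wanted:
            return sha
    return None


def review_unit(dir_name: str, log_lines: List[str]) -> dict:
    """Describe what a reviewer should diff for this directory.

    For a full import the review unit is the adaptation diff from the download
    commit, exactly as the README states. For a patch bundle the bundled
    patches are themselves the diff from upstream, so only the base commit is
    reported here (the PR does not spell out a command for that case).
    """
    port = parse_dir(dir_name)
    crate_dir = dir_name.rstrip("/")
    if port.approach == "patch-bundle":
        return {"approach": port.approach, "base_commit": port.base_commit, "command": None}
    sha = find_download_commit(log_lines, port)
    if sha is None:
        # Without the pristine-upstream commit there is no bounded review unit:
        # a reviewer would otherwise have to audit the whole vendored crate.
        raise LookupError(f"no download commit for {port.crate} {port.version}")
    return {
        "approach": port.approach,
        "base_commit": sha,
        "command": f"git diff {sha} HEAD -- {crate_dir}/",
    }


# Constructed sample log (fake hashes and subjects for illustration only).
GIT_LOG = [
    "f0e1d2c3b4a5968778695a4b3c2d1e0f11223344 Adapt ring 0.17.8 for the SGX target",
    "0123456789abcdef0123456789abcdef01234567 Download ring 0.17.8 from crates.io",
    "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Download libc 0.2.150 from crates.io",
]

if __name__ == "__main__":
    for d in ("ring-0.17.8", "libc-0.2.150-deadbeef1"):
        print(d, review_unit(d, GIT_LOG))
```

Feeding the command back into `git diff --stat` gives a quick sanity check that the adaptation touches only the expected seam (for `ring`, the randomness source and prebuilt artifacts named in the trust-posture map) and nothing in unmodified upstream files.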
