
docs: add security model describing trust boundaries and TCB#305

Merged. m4sterchain merged 1 commit into apache:main from m4sterchain:docs/security-model on Jun 5, 2026.

Conversation

@m4sterchain (Contributor)

What

Adds docs/security-model.md, a document describing the SDK's security model. The repository previously had no SDK-level security/trust-model documentation — only SECURITY.md (a vulnerability-reporting policy) and a per-demo "Security Assumptions" section in eth_wallet.

Why

TrustZone development differs from ordinary application development: code is partitioned into an untrusted Normal World and a trusted Secure World, and the boundary between them is the central security property. A single document that maps this trust model onto the codebase helps both human developers and automated/LLM security reviewers reason correctly — in particular, to focus on the real trust boundary and avoid false positives on code where the concern does not apply.

Contents

docs/security-model.md covers:

  1. Trust model — TCB, adversary capabilities (full Normal-World root: arbitrary parameters, attacker-chosen buffer pointers/lengths, concurrent mutation of shared memory), and out-of-scope threats.
  2. The trust boundary — the TA entry point; per-parameter-type trust analysis (Value* vs. shared-memory Memref*); and the invariants TA boundary code must enforce (validate param_types, treat every memref byte as adversarial, bound lengths, copy-then-validate to avoid TOCTOU/double-fetch, don't leak via output buffers, fail closed).
  3. Trust-posture map of the repository — a table mapping each path to its world/role and what to scrutinize.
  4. Storage, secrets, and other assumptions — secure-storage confidentiality vs. rollback/availability, RPMB, secure UI.
  5. Dependencies and the supply chain — a TA's full transitive crate tree runs inside the TEE and is part of the TCB; no-std vs std as a TCB-size decision; software crypto and entropy considerations; build-time supply-chain risk; and vetting recommendations.
  6. Guidance for automated / LLM security review — where real findings concentrate, expected non-findings (false positives), and an explicit instruction to also review the TA's dependency tree when tooling allows.

Also links the new doc from SECURITY.md and the docs index (docs/README.md).

This is documentation only; no code or behavior changes.

🤖 Generated with Claude Code

Adds docs/security-model.md documenting the SDK's trust model, the
Normal World vs. Secure World trust boundary, the obligations on TA
boundary code (treat all parameters as attacker-controlled, copy-then-
validate to avoid TOCTOU on shared memory), a trust-posture map of the
repository, dependency/supply-chain considerations (a TA's full
transitive crate tree runs inside the TEE and is part of the TCB), and
guidance for both developers and automated security reviewers.

Links the new doc from SECURITY.md and the docs index.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
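The boundary invariants listed under item 2 of the PR description (validate param_types, bound lengths, copy-then-validate to avoid TOCTOU/double-fetch, don't leak via output buffers, fail closed), worked through as an added example. This is not code from the PR, the new document, or the Teaclave SDK: `SharedMem`, `ParamType`, `TaError`, the 4-byte-length request format, and the `race` hook that stands in for a concurrent Normal-World write are all hypothetical stand-ins for the real TEE parameter API. `vulnerable_payload_len` shows the double-fetch hazard on a shared memref; `handle_command` is the hardened boundary that snapshots the input once and validates only the private copy:

```rust
use std::cell::RefCell;

/// Largest payload the TA accepts; rejected before any copy is sized by it.
const MAX_PAYLOAD_LEN: usize = 1024;
/// Hypothetical request format in the Memref input: 4-byte LE payload length, then payload.
const HDR_LEN: usize = 4;
/// Response: 64-bit FNV-1a digest of the payload, written to the Memref output.
const RESP_LEN: usize = 8;

#[derive(Debug, PartialEq, Eq)]
pub enum TaError {
    BadParameters, // wrong param_types or malformed request
    ShortBuffer,   // output memref too small for the response
}

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub enum ParamType {
    None,
    MemrefInput,
    MemrefOutput,
}

/// Hypothetical stand-in for Normal-World shared memory. The TA only holds a
/// reference; the CA may rewrite the bytes between any two TA reads, which the
/// RefCell lets a caller simulate through the `race` hook below.
pub struct SharedMem {
    bytes: RefCell<Vec<u8>>,
}

impl SharedMem {
    pub fn new(bytes: Vec<u8>) -> Self {
        SharedMem { bytes: RefCell::new(bytes) }
    }
    pub fn len(&self) -> usize {
        self.bytes.borrow().len()
    }
    /// One fetch from shared memory into TA-private memory.
    pub fn snapshot(&self) -> Vec<u8> {
        self.bytes.borrow().clone()
    }
    /// A write to the buffer, by the CA (attack) or by the TA (response).
    pub fn overwrite(&self, off: usize, data: &[u8]) {
        self.bytes.borrow_mut()[off..off + data.len()].copy_from_slice(data);
    }
}

/// Builds a request in the hypothetical wire format (constructed sample data).
pub fn request(payload: &[u8]) -> Vec<u8> {
    let mut req = (payload.len() as u32).to_le_bytes().to_vec();
    req.extend_from_slice(payload);
    req
}

fn le_u32(b: &[u8]) -> usize {
    u32::from_le_bytes([b[0], b[1], b[2], b[3]]) as usize
}

fn fnv1a64(data: &[u8]) -> u64 {
    data.iter()
        .fold(0xcbf2_9ce4_8422_2325u64, |h, &x| (h ^ x as u64).wrapping_mul(0x0100_0000_01b3))
}

pub fn expected_digest(payload: &[u8]) -> [u8; RESP_LEN] {
    fnv1a64(payload).to_le_bytes()
}

/// Double-fetch handler: checks the length from one read of the shared header,
/// then re-reads the header to size the copy. Returns the length the copy would
/// use, so the hazard is visible without an actual out-of-bounds read.
pub fn vulnerable_payload_len(input: &SharedMem, race: &dyn Fn()) -> Result<usize, TaError> {
    if input.len() < HDR_LEN {
        return Err(TaError::BadParameters);
    }
    let n = le_u32(&input.snapshot()[..HDR_LEN]); // fetch 1: used for the check
    if n > MAX_PAYLOAD_LEN || HDR_LEN + n > input.len() {
        return Err(TaError::BadParameters);
    }
    race(); // a concurrent CA write lands here
    let n_used = le_u32(&input.snapshot()[..HDR_LEN]); // fetch 2: used for the copy
    Ok(n_used) // copying this many bytes would read far past the buffer
}

/// Hardened handler: exact param_types, bounded sizes, one copy into TA-private
/// memory, validation on the copy only, output written only after every check
/// passes and only as many bytes as the response needs.
pub fn handle_command(
    param_types: [ParamType; 4],
    input: &SharedMem,
    output: &SharedMem,
    race: &dyn Fn(),
) -> Result<(), TaError> {
    let expected = [ParamType::MemrefInput, ParamType::MemrefOutput, ParamType::None, ParamType::None];
    if param_types != expected {
        return Err(TaError::BadParameters); // the CA picks param_types; accept one layout
    }
    if input.len() < HDR_LEN || input.len() > HDR_LEN + MAX_PAYLOAD_LEN {
        return Err(TaError::BadParameters); // bound the total before copying
    }
    let private = input.snapshot(); // the only fetch; everything below reads `private`
    race(); // whatever the CA writes from now on is never observed
    let n = le_u32(&private[..HDR_LEN]);
    if n > MAX_PAYLOAD_LEN || HDR_LEN + n > private.len() {
        return Err(TaError::BadParameters);
    }
    let payload = &private[HDR_LEN..HDR_LEN + n];
    if output.len() < RESP_LEN {
        return Err(TaError::ShortBuffer); // fail closed: nothing has been written yet
    }
    output.overwrite(0, &fnv1a64(payload).to_le_bytes()); // exactly RESP_LEN bytes, no more
    Ok(())
}

fn main() {
    let kinds = [ParamType::MemrefInput, ParamType::MemrefOutput, ParamType::None, ParamType::None];
    let racy = SharedMem::new(request(&[0x41; 16]));
    let race = || racy.overwrite(0, &u32::MAX.to_le_bytes());
    println!("double fetch would copy {:?} bytes", vulnerable_payload_len(&racy, &race));
    let input = SharedMem::new(request(b"abc"));
    let output = SharedMem::new(vec![0; RESP_LEN]);
    let race2 = || input.overwrite(0, &u32::MAX.to_le_bytes());
    println!("hardened: {:?}", handle_command(kinds, &input, &output, &race2));
}
```

The point the example isolates is that the check and the use must read the same bytes: once the input has been copied into TA-owned memory, the Normal World can rewrite the shared buffer as much as it likes and the TA never observes it. In a real TA the snapshot is a copy out of the memref into a TA-owned buffer whose size was bounded first, and the output write is the only point at which TA memory flows back across the boundary, so it is sized to the response rather than to the buffer the CA provided.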
@m4sterchain (Contributor, Author)

@DemesneGH @ivila I am planning to merge these docs changes tomorrow; please take a look when you are available, in case any correction is needed.

@m4sterchain m4sterchain merged commit bb90412 into apache:main Jun 5, 2026
18 checks passed

3 participants