The Wayback Machine - https://web.archive.org/web/20200714045523/https://github.com/topics/sgx

sgx

Here are 101 public repositories matching this topic...

yamahata commented Jan 30, 2019

Native glibc (not-modified for graphene or USE_clone_FOR_fork defined) uses the clone(2) syscall for the fork(3) library function,
as clone(CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 0, NULL, &THREAD_SELF->tid)

This doesn't work as expected and the execution stalls somewhere. I guess it's not tested
because the modified glibc uses the fork(2) system call, not clone(2).

Once this is fixed, glibc modi

Shnatsel commented Nov 6, 2019

JIT is quite perilous from the correctness and security standpoints, but this is currently not addressed in the README.

If you write an interpreter in Rust you can use rustc to guarantee memory safety, but with JIT you're essentially emitting arbitrary assembly at runtime and jumping into it. No amount of memory safety guarantees on the original code will guarantee memory safety in the genera

eddyashton commented Sep 2, 2019

We use 3rd party test cases through harness.cpp, but many are disabled. Some for good reasons - gas tracking, oversized exponents - but others fail for unknown reasons.

We should investigate these remaining failures, and also see if there's anything to gain from pulling in more recent test cases. If we find significant untested holes, we should add our own test scenarios to cover these valida

prp commented May 5, 2020

This is a (not yet comprehensive) list of differences/limitations when applications are executed with SGX-LKL. This should be provided as part of the SGX-LKL documentation:

  1. There is no support for fork() and multiple processes. Currently SGX-LKL provides a pure single process abstraction (although multiple LKL kernel threads can function in the role of separate processes). There

cankisagun commented Apr 8, 2020

Increase enclave memory limit from 4kB to 128MB or 4GB.

The amount of data that the enclave is capable of storing encrypted (through a process known as sealing and unsealing) is currently limited to 4kB. This is obviously not limited by disk space, but by the fact that the amount of data to seal/unseal needs to fit inside the enclave memory. Intel SGX documentation states that the enclave limit

mitar commented Mar 10, 2017

Remote attestation commands can probably simply be implemented in JavaScript. Report generation should probably be C/C++, but outside of enclave.

Remote attestation needs a key pair. I would provide one default with the package, but users should be able to set their own.

Remote attestation should use protocol V2 which returns a signed statement by Intel, and then validation of remote attestatio

jyong2 commented May 9, 2019

meta-tpm2/recipes-tpm/tpm2-tools/tpm2-tools.inc needs to inherit bash-completion.

Bitbake produces the following warnings otherwise:
WARNING: tpm2-tools-git.AUTOINC+e3a2fcf720-r0 do_package: QA Issue: tpm2-tools: Files/directories were installed but not shipped in any package:
/usr/share
/usr/share/bash-completion
/usr/share/bash-completion/completions
/usr/share/bash-completion/co

reuvenpo commented Apr 27, 2020

In the runtime we're building with wasmi, we have to make sure we hook into the event where the vm is requesting additional memory, and cause a Trap (or similar) if it exceeds the limit we set (e.g. 0.5GB).
We must do this because if we don't then a simple malicious contract can try to allocate more memory than is available inside the enclave environment (in one go or multiple allocations). In
