## What Adds `docs/security-model.md` to `main`, and links it from `SECURITY.md`.
## Why `main` is the ecosystem landing-page branch and contains **no TEE code** (`crates/`, `sgx/`, `trustzone/` hold only README pointers). A security reviewer — human or automated/LLM agent — pointed at `main` would find nothing to audit and could mistakenly conclude there is no attack surface. The actual code lives on other branches. This doc is a brief **map to scanning targets** so a review is aimed at the right place, with the right trust model. It deliberately does **not** duplicate a full threat model — the per-platform trust models already live in the SDK repositories, and the `legacy` branch already carries its own `docs/threat-model.md`. ## Contents `docs/security-model.md` covers: 1. **`main` has no TEE code** — so don't audit `main` itself for TEE issues. 2. **Scanning targets** — the branches that contain code: - `experimental-web3` (active/latest) → `vm/wallet-gateway/`, a TEE-backed crypto-wallet custody gateway. The trust boundary is visible in the workspace: `task-runner-tee` (+ `credential-manager`, signing/keys) is the TCB; `api-server`/`webapi`, `net` (external blockchain RPC and price feeds), `db-service`/`db-manager` (untrusted storage), and `task-runner-normal` are untrusted. Lists the attacker-controlled inputs to focus on. - `cleanroom` — an earlier SGX FaaS-style prototype. - `legacy` — the deprecated original FaaS framework (already documented under `docs/`). 3. **Which trust model applies** — links the SGX SDK, TrustZone SDK, and dependency-crates security models as the authoritative trust-boundary references. This is documentation only; no code or behavior changes. 🤖 Generated with [Claude Code](https://claude.com/claude-code) You can view, comment on, or merge this pull request online at: https://github.com/apache/teaclave/pull/737 -- Commit Summary -- * docs: add security model mapping branch scanning targets -- File Changes -- M SECURITY.md (7) A docs/security-model.md (100) -- Patch Links -- https://github.com/apache/teaclave/pull/737.patch https://github.com/apache/teaclave/pull/737.diff -- Reply to this email directly or view it on GitHub: https://github.com/apache/teaclave/pull/737 You are receiving this because you are subscribed to this thread. Message ID: <apache/teaclave/pull/[email protected]>
