MesaPy for SGX: Building Fast and Safe SGX Enclave in Python

Mingshen Sun
Baidu Security X-Lab
Oct 8, 2018

In August, we first announced the MesaPy project, which aims to be a fast and safe Python implementation. MesaPy mainly focuses on improving security and memory safety. We achieve the memory-safety promise through several methods: hardening RPython’s type system (RPython is the language in which PyPy is written), modifying PyPy/RPython’s libraries, and verifying RPython’s libraries as well as its translator/JIT backend.

Overall, the three most notable security features of MesaPy are:

  • Memory safety: To provide a memory-safe runtime, MesaPy replaces external libraries written in C, which could introduce memory issues, with implementations in Rust, a memory-safe programming language. This extends the memory-safety guarantee across all libraries, not only those written in Python but also the external ones.
  • Security hardening: PyPy is implemented in RPython, a statically-typed language that comes with a translation and support framework. We also enhance the memory safety of RPython by hardening its type system, i.e., the RPython typer. For example, we add runtime index checks to RPython’s list type to prevent arbitrary list reads/writes inside PyPy’s implementation.
  • Formal verification: Some code in RPython’s libraries and its translator/JIT backend is still written in C and may contain memory bugs. To prove the memory safety of RPython, we aim to formally verify these C libraries and backend components using state-of-the-art verification tools.

On top of these enhancements, we also bring MesaPy to Intel SGX so that memory-safe applications can run inside a trusted execution environment. Intel SGX provides integrity and confidentiality guarantees for security-sensitive computation. Developers can now easily use MesaPy for SGX to implement SGX applications (SGX enclaves) without worrying about memory issues and with a minimal TCB (Trusted Computing Base).

Building a Python enclave is quite simple, and we provide several examples to show its capabilities. Let’s take “Hello World” as an example. First, developers need a machine with SGX support and with the Intel SGX PSW/SDK and their dependencies installed. Then, clone the MesaPy for SGX repository.

$ git clone -b sgx --recursive git@github.com:mesalock-linux/mesapy.git

Second, build MesaPy for SGX in the sgx directory.

$ make sgx    # build MesaPy for SGX

After successfully building MesaPy for SGX, you can finally start the “Hello World” project.

$ source ${SGX_SDK}/environment  # setup Intel SGX SDK environment
$ cd sgx/examples/hello_world # change to the hello_world dir
$ make # compile, link and sign the enclave
$ ./app # run and get the "Hello, World!" message
Hello, World!
Welcome to MesaPy for SGX.
Do what I mean: 42

Info: hello_world successfully returned.
Enter a character before exit ...

To write a customized Python enclave, developers can simply modify the Enclave/src/python_enclave.py file. Detailed instructions are described in the README file. In addition, we also provide a Dockerfile to ease the development process.
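The build-and-run steps above, wrapped in a small POSIX shell helper with the preflight checks a first build usually needs (the SDK environment file being present, the checkout being on the sgx branch, and the expected greeting appearing in the app output). This is an added example, not a script shipped with MesaPy for SGX; it assumes SGX_SDK points at the Intel SGX SDK install directory, that `make sgx` is run from the checkout root as in the transcript above, and that a newline is enough to answer the “Enter a character before exit” prompt.

```shell
#!/bin/sh
# Added helper (not part of MesaPy for SGX) that runs the documented
# build-and-run steps with preflight checks. Assumptions: SGX_SDK names the
# Intel SGX SDK install (which ships an "environment" file), the repo is on
# its sgx branch, and "make sgx" is run from the checkout root.
set -eu

# Return 0 when the SDK path ($1, defaulting to $SGX_SDK) contains a
# readable "environment" file; print the reason on stderr otherwise.
sgx_env_ready() {
    sdk="${1:-${SGX_SDK:-}}"
    if [ -z "$sdk" ]; then
        echo "SGX_SDK is not set; export it to the SDK install path" >&2
        return 1
    fi
    if [ ! -r "$sdk/environment" ]; then
        echo "no readable $sdk/environment; is the Intel SGX SDK installed?" >&2
        return 1
    fi
    return 0
}

# Return 0 when the checkout at $1 is on the sgx branch (where the port lives).
on_sgx_branch() {
    branch=$(git -C "$1" rev-parse --abbrev-ref HEAD 2>/dev/null) || return 1
    [ "$branch" = "sgx" ]
}

# Return 0 when the captured app output ($1) contains the expected greeting line.
hello_output_ok() {
    printf '%s\n' "$1" | grep -q '^Hello, World!$'
}

# Build MesaPy for SGX and the hello_world example, run it, and verify output.
build_and_run() {
    repo="${1:-mesapy}"
    sgx_env_ready || return 1
    on_sgx_branch "$repo" || { echo "$repo is not on the sgx branch" >&2; return 1; }
    . "$SGX_SDK/environment"                      # source, not $(...): that would run a command
    make -C "$repo" sgx                           # build MesaPy for SGX
    make -C "$repo/sgx/examples/hello_world"      # compile, link and sign the enclave
    # The app waits for a character before exiting; a newline satisfies the prompt.
    out=$(cd "$repo/sgx/examples/hello_world" && printf '\n' | ./app)
    hello_output_ok "$out"
}
```

Call `build_and_run /path/to/mesapy` after cloning; each check fails fast with a message on stderr instead of a confusing error deep in the build.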

In the current release, MesaPy for SGX supports basic computation and some builtin modules. Support for multithreading and the standard library is still under development. The project is open source on GitHub (https://github.com/mesalock-linux/mesapy/tree/sgx/sgx). If you are interested in contributing to MesaPy for SGX, feel free to open an issue with your plan and start working on it.
