9-Layer Defense Architecture
The complete defense stack:
| Layer | Defense | Defends Against |
|---|---|---|
| 1 | Secure Acquisition (TPM, Keychain, etc.) | Untrusted key sources |
| 2 | Memory Page Locking (mlock / VirtualLock) | Swap files, hibernation |
| 3 | Fragment Strategy (variable chunks, shuffle) | Pattern recognition, memory scraping |
| 4 | Decoy Bytes (self-referential filler) | Entropy/frequency analysis |
| 5 | Codex Transformation (byte swap) | Memory dump analysis |
| 6 | Constant-Time Operations | Timing side-channels |
| 7 | Zero-On-Drop | Use-after-free leakage |
| 8 | Security Monitor (failure detection) | Brute-force, anomalous access |
| 9 | Audit Logging | Forensic trail, compliance |
| 10 | (Bonus) Page Protection Toggling | Snapshot attacks |
Full details: see docs/SECURITY.md for the comprehensive security architecture.
Visual walkthrough: see docs/TRANSFORMATION.md for a step-by-step trace of what happens to a key as it passes through all the layers.
Performance targets (1.0 design — verified in 0.10.0)
Measured numbers from the reference machine (see docs/PERFORMANCE.md for methodology and the full result tables):
| Target | Measured | Status |
|---|---|---|
| Vault construction (empty) | ~165 ns | ✅ |
with_key defrag, no codex, 16/32/64/256 B |
31 / 39 / 51 / 147 ns | ✅ all under 500 ns |
with_key defrag, with codex, 16/32/64/256 B |
48 / 72 / 126 / 439 ns | ✅ all under 1 µs |
| Concurrent reads, 1 → 64 threads | scales out, no contention | ✅ lock-free |
| Memory overhead per key (Linux 1000-key RSS) | ~5 KiB | ✅ under 16 KiB |
Allocations per with_key (default NoAudit) |
0 (dhat-measured over 100k iterations) | ✅ zero-alloc hot path |
Run cargo bench --all-features to reproduce on your hardware.
Quick start
[]
= "1.0"
use ;
use detect_tee_capabilities;
// Build a vault with the full default stack: Layer 2 (mlock/VirtualLock)
// + Layer 3 (StandardFragmenter) + Layer 4 (SelfReferenceDecoy — the
// strongest decoy) + Layer 5 (per-vault DynamicCodex involution)
// + Layer 6 (ConstantTimeEq) + Layer 7 (zero-on-drop).
let vault = new
.normalize_with_blake3 // default
.with_codex
.with_decoy
.build;
// Hand the vault some key material and get back an opaque, scattered,
// mlock'd, zeroed-on-drop representation with decoy chunks mixed in.
let raw = new;
let frags = vault.fragment.expect;
// Reassemble when you need to use it. With BLAKE3 normalization on,
// the recovered bytes are the 32-byte hash of the input.
let recovered = vault.defragment.expect;
assert_eq!;
// Snapshot the host's TEE capabilities at startup:
let caps = detect_tee_capabilities;
println!;
Threat model
key-vault is designed to defend against:
- Memory scraping by attackers with read access — malware, forensic tools
- Forensic memory analysis — swap files, hibernation files, crash dumps
- Statistical pattern recognition — entropy analysis, frequency analysis
- Use-after-free leakage — keys persisting after they should have been wiped
- Brute-force decryption attempts — failed attempts trigger alerts
- Timing side-channels — constant-time operations
- Insider threats / forensic compliance — full audit trail
It does NOT defend against:
- Code execution within your process — an attacker who can call your reassembly logic
- Hardware-level memory access (DMA attacks) — use IOMMU + hardware mitigations
- Cold-boot attacks — use full disk encryption + power-down protocol
- Side-channel attacks on cryptographic operations — that's crypt-io's job
- Quantum computer attacks on asymmetric crypto — use post-quantum algorithms (symmetric defaults are PQ-safe)
See docs/SECURITY.md for the full threat model.
Documentation
- docs/API.md — Full public-API reference (every type, function, and method with examples)
- docs/SECURITY.md — Comprehensive 9-layer security architecture
- docs/TRANSFORMATION.md — Visual walkthrough of key transformation
- docs/release/ — Per-version release notes
- CHANGELOG.md — Full change log (Keep a Changelog format)
Standards
- REPS (Rust Efficiency & Performance Standards) governs every decision. See REPS.md.
- MSRV: Rust 1.85.
- Edition: 2024.
- Cross-platform: Linux, macOS, Windows.
License
Dual-licensed under either of:
- Apache License, Version 2.0 (LICENSE-APACHE)
- MIT License (LICENSE-MIT)
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.