smp-tee-runtime 0.1.0

Hardened minimal runtime for TEE-based federated aggregation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

# smp-tee-runtime


A hardened, minimal Rust runtime for federated-learning aggregation inside TEEs (SGX/TDX/SEV-SNP/Nitro).

## Quickstart


1. Build and test the crate locally:

```bash
cargo build
cargo test
```

2. Run the example flows that demonstrate the public API:

```bash
cargo run --example basic_tee_call
cargo run --example xdp_integration
```

3. Run the benchmark suite that tracks aggregation and ingress simulation cost:

```bash
cargo bench --bench aggregation
```

## Repository layout


```text
smp-tee-runtime/
├── Cargo.toml
├── src/
│   ├── lib.rs
│   ├── main.rs
│   ├── tee_interface/
│   │   ├── mod.rs
│   │   └── traits.rs
│   ├── data_pipeline/
│   │   ├── mod.rs
│   │   └── xdp_ingress.rs
│   └── aggregation/
│       ├── mod.rs
│       └── multi_krum.rs
├── build-scripts/
├── examples/
│   ├── basic_tee_call.rs
│   └── xdp_integration.rs
├── benches/
│   └── aggregation.rs
├── tests/
│   └── end_to_end.rs
├── CONTRIBUTING.md
└── SECURITY.md
```

### Targeted builds


- SGX/TDX: `cargo build --target <sgx-specific-toolchain>`
- SEV-SNP: build inside an SNP-enabled guest VM/toolchain environment.

## Performance Tracking


The table below records the current Criterion results for the shipped benchmark target.

Collected on May 26, 2026 in the Ubuntu 24.04.4 LTS dev container with `stable-x86_64-unknown-linux-gnu` and `rustc 1.95.0` using `cargo bench --bench aggregation`.

| Benchmark | Current result | What it measures |
| --- | --- | --- |
| `federated_averaging` | 35.325 ns to 36.458 ns | Mean aggregation over a small in-memory batch |
| `multi_krum` | 3.5111 ns to 3.6398 ns | Robust aggregation selection for a small candidate set |
| `simulated_packet_pointer_pass_1m` | 630.24 µs to 644.61 µs | Pointer-passing overhead for a 1M-packet ingress simulation |

### Refresh Performance Numbers


Use this exact workflow when updating the table above:

```bash
cargo bench --bench aggregation
```

Update the table only when the new Criterion results are meaningfully different from the current values.

## Example end-to-end flow


```bash
cargo run --example xdp_integration
```

This demonstrates: XDP-like ingress packet view -> TEE memory write -> aggregation -> output.

## Library Usage


Use the public API directly when embedding the runtime in another Rust crate. The snippet below shows the same in-memory flow that the end-to-end tests exercise:

```rust
use smp_tee_runtime::{AggregationAlgorithm, ComputationParams, InMemoryTee, TeeGuard};

let mut tee = InMemoryTee::default();
tee.initialize().expect("TEE init failed");

let left = tee.allocate_memory(8).expect("left allocation failed");
let right = tee.allocate_memory(8).expect("right allocation failed");

let _result = tee
    .execute_computation(
        &[left.cast_const(), right.cast_const()],
        &ComputationParams {
            algorithm: AggregationAlgorithm::FederatedAveraging,
        },
    )
    .expect("aggregation failed");
```