# Keystone (dead project)

*An Open Framework for Architecting Trusted Execution Environments*

https://keystone-enclave.org/

Keystone is an _open-source_ project for building _customizable_ _trusted execution environments (TEEs)_ based on RISC-V for various platforms and use cases. Our goal is to build a secure and trustworthy open-source secure hardware enclave, which can be applied to a wide range of applications and devices.

- [Main repo](https://github.com/keystone-enclave/keystone) (inactive for 12 months as of [[2022-02]])
- [Docs](http://docs.keystone-enclave.org/en/latest/)
- [Forum](https://groups.google.com/g/keystone-enclave-forum) (using [[Google]] Groups)
  - Looks like Gmail wtf
- [Twitter](https://twitter.com/KeystoneEnclave) (last tweet May 2020)

**See our [latest paper](https://dl.acm.org/doi/abs/10.1145/3342195.3387532) (EuroSys’20) to get more details!**

## [Keystone: an open framework for architecting trusted execution environments](https://dl.acm.org/doi/pdf/10.1145/3342195.3387532)

Out of [[UC Berkeley]], includes [[Dawn Song]] on the paper

**ABSTRACT**

Trusted execution environments (TEEs) see rising use in devices from embedded sensors to cloud servers and encompass a range of cost, power constraints, and security threat model choices. On the other hand, each of the current vendor-specific TEEs makes a fixed set of trade-offs with little room for customization. We present Keystone---the first open-source framework for building customized TEEs. Keystone uses simple abstractions provided by the hardware such as memory isolation and a programmable layer underneath untrusted components (e.g., OS). We build reusable TEE core primitives from these abstractions while allowing platform-specific modifications and flexible feature choices. We showcase how Keystone-based TEEs run on unmodified RISC-V hardware and demonstrate the strengths of our design in terms of security, TCB size, execution of a range of benchmarks, applications, kernels, and deployment models.