今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#Rust

找到 271 篇相关文章

AI 资讯

The Security Liability of Memory Allocation in TEEs: A Design Decision Log

Memory allocation is not a feature — it is a security liability. In high-assurance Trusted Execution Environments (TEEs), you cannot afford the jitter or the fragmentation of a probabilistic global heap. When building the sakshi-core attestation loop for the Sovereign Spine architecture, the requirement was absolute: determinism. Standard heap allocation introduces non-deterministic paths, memory fragmentation, and significantly increases the complexity of the Trusted Computing Base (TCB). For our enclave, that is unacceptable. The Problem: Why GlobalAlloc Fails the TEE Test In a standard Rust environment, we lean on the global allocator. In a TEE, however, the global allocator is a massive attack surface. Jitter: Allocation time varies based on heap state, leaking metadata through timing side-channels. Fragmentation: Heap fragmentation can lead to unpredictable exhaustion, a vector for Denial of Service (DoS) within the enclave. TCB Bloat: The allocator logic itself adds thousands of lines of code to your audit surface. The Solution: Session-Scoped Bump Buffer To enforce architectural certainty, I stripped away the dependency on standard heap allocation in the enclave. Instead, I implemented a session-scoped bump buffer . This is a contract-based memory model: Constant-time execution: Allocation is a pointer increment operation, taking 1-2 CPU cycles. Zero-fragmentation: Memory is allocated linearly and cleared atomically at the session boundary. Simplified TCB: By removing GlobalAlloc , the enclave memory logic is reduced to a handful of lines of verifiable code. Implementation Concept The core logic relies on a pre-allocated static region. We do not ask the system for memory; we own a dedicated slab of silicon-backed memory and manage it strictly within the request lifecycle. // Conceptual implementation of the session-scoped buffer pub struct BumpBuffer { buffer : & 'static mut [ u8 ], offset : usize , } impl BumpBuffer { pub fn alloc ( & mut self , size : usize

2026-07-03 原文 →
开源项目

🔥 Zackriya-Solutions / meetily - Privacy first, AI meeting assistant with 4x faster Parakeet/

GitHub热门项目 | Privacy first, AI meeting assistant with 4x faster Parakeet/Whisper live transcription, speaker diarization, and Ollama summarization built on Rust. 100% local processing. no cloud required. Meetily (Meetly Ai - https://meetily.ai) is the #1 Self-hosted, Open-source Ai meeting note taker for macOS & Windows. | Stars: 13,224 | 132 stars today | 语言: Rust

2026-07-02 原文 →
AI 资讯

Agent memory and context that never leaves your machine

Most "agent memory" and "agent context" tools today require sending your data to someone else's cloud. If you operate in a regulated, air-gapped, or simply privacy-conscious environment, that rules them out before you've even tried them. I build the opposite: two MIT-licensed, local-first MCP servers that do this work entirely on your own hardware. The problem Agent memory and context assembly are converging on a cloud-only default. That's a non-starter for defense, healthcare, finance, legal, and any team that can't or won't let agent context leave their VPC. It's also just slower and less deterministic than it needs to be: agents re-discover the same facts about your repo and services every session, burning tokens and turns before doing any real work. Mimir: persistent memory, fully offline Mimir is a single ~8MB Rust binary. It encrypts everything at rest with AES-256-GCM, and it works with no API key, no model download, and no network access at all, because the embeddings used for dense search are bundled directly into the binary. It's bi-temporal: every fact carries a validity window, so you can query memory "as of" any past point and supersede facts without deleting history. 43 MCP tools, SQLite + FTS5 hybrid search under the hood. One honest tradeoff worth naming: the FTS5 index needed for fast keyword search currently sits over plaintext, even though the underlying record is encrypted at rest. We're upfront about this in the docs rather than overstating the encryption story. Perseus: compile-before-context Perseus takes a different approach to context than runtime tool-call discovery. Instead of letting an agent rediscover your git state, running services, and test status through a chain of tool calls every session, it compiles all of that into a ready briefing the moment a session starts. The result is deterministic and byte-stable: the same repo state always produces the same compiled context. Honest, reproducible benchmarks On paraphrased queries, Mimir's

2026-07-01 原文 →
AI 资讯

Can you build observability ingestion on S3 alone — no Kafka, no disks, no coordination layer?

TL;DR — A Kafka + Flink + OTel ingestion pipeline cost us ~$700–800/month at 10 MB/s. We rebuilt it as a single binary where the data, the write-ahead log, and the Iceberg catalog all live in S3 alone — no Kafka, no local disks, no coordination service — for ~$100/month . Here's the design. Self-hosted observability sooner or later runs into the problem of storing state. Query load, CPU, and data volume can all be handled by scaling out, but the stateful layer is something you have to operate by hand. At first it's almost unnoticeable: a disk degrades here, replication falls behind there, a recovery hangs somewhere else. As the data grows, incidents stop being one-offs and start to recur. At some point your observability stack - whether it's Grafana Loki, Elastic, or ClickHouse - starts demanding the same attention as a full-blown database that you're on the hook for. Kubernetes operators cover some of these cases, but operating the state is still on you. Managed solutions take that burden away and bring their own: rising costs, ingestion-pipeline constraints, and limits on retention and cardinality. But if you'd rather not sign up for the constant operational grind - or live with the constraints of managed solutions - it's worth asking: can we take the stateful part out of operations entirely? Storage and format The first candidate for offloading storage responsibility is Amazon S3. S3 gives you what local disks can't: fault tolerance and practically unlimited scale, with no storage to manage yourself. It isn't free, though: data-access latency goes up, and you pick up separate costs for API operations. For OLTP workloads that's a dealbreaker. For observability workloads - which are dominated by sequential writes and analytical reads - these trade-offs are often acceptable. At first glance, this problem is already solved. Loki , for example, uses S3 as its primary storage. But according to Loki's public documentation (v3.6.x) at the time of writing, Loki doesn't re

2026-07-01 原文 →
AI 资讯

Galfus Script MVP is complete

Galfus Script has reached its first MVP milestone. Galfus is an experimental programming language written in Rust, designed around a typed VM-first execution model, compact .gfb artifacts, deterministic module/workspace resolution, and an ownership model based on anchors, edges, and weak observers. The MVP goal was not to build a full ecosystem yet. The goal was to prove the complete local execution pipeline: txt .gfs source -> lexer and parser -> resolver -> type checker and semantic analyzer -> ownership check -> MIR lowering -> bytecode emitter -> Galfus Module Image -> .gfb serialization -> VM interpreter execution https://github.com/vulppi-dev/galfus-script/discussions/10

2026-06-29 原文 →
AI 资讯

Presentation: Million PDFs: Building a Modern Document Infrastructure with Rust and Typst

Erik Steiger discusses the operational pain of legacy PDF generation in regulated banking and manufacturing. He explains how transitioning from resource-heavy engines like Puppeteer and LaTeX to a serverless Rust architecture powered by Typst can drop render latencies below 2ms. He shares how applying Git and Docker concepts to template registries ensures ironclad compliance and rapid debugging. By Erik Steiger

2026-06-29 原文 →