Skip to content

docs: sealed-channel measurement-binding stated as fact in README but LIMITATIONS says not to assume it yet #38

Description

@imran-siddique

The sealed peer channel's measurement-binding property is stated as present fact in the README, while LIMITATIONS says it must not be assumed yet.

Stated as fact:

  • README.md:57 — "The task payload is sealed to the peer's attested measurement, so it decrypts only inside the verified enclave."
  • README.md:88,94 — "seal task payload to peer measurement" / "only B's verified enclave can read it."

Caveated in LIMITATIONS:

  • LIMITATIONS.md:13 — "The remaining gap is the hardware property that the private key never leaves the peer's enclave ... Until that end-to-end binding lands on hardware, do not assume a payload is confined to a specific attested measurement."

Also, the one-line status differs across docs: the README banner (README.md:26) calls the sealed channel "under construction," while ROADMAP.md:26 marks it "landed" (with the hardware binding listed as remaining work). Both are defensible in the detailed text, but a reader hits contradictory headline words.

Proposed fix: at the point of claim (README.md:57, :88-94), add the qualifier that the channel crypto is implemented but sealing to a verified attested measurement is roadmap (per LIMITATIONS.md:13), and align the one-line status wording across the README banner, LIMITATIONS, and ROADMAP.

(The LIMITATIONS / ROADMAP discipline here is good — this is only about the README stating the end-state property without the in-progress qualifier.)

Found during a docs-consistency pass.

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentationtier-2Tier 2 — runtime enforcement + sealed channeltrack:channelSealed peer channel

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions