Threat Model

Mitigated

• Host OS compromise: SGX protects enclave confidentiality/integrity.

• Insider risk: operators cannot extract keys.

• DB exfiltration: data encrypted; keys remain enclave‑only.

Residual

• Microarchitectural side‑channels (mitigations depend on microcode/patching).

• Compromised client devices.

• Social engineering / phishing.

Best Practices

• Keep firmware/SGX stacks current.

• Rate‑limit OTP/OAuth; monitor for abuse.

• Enforce IP allowlists on API keys (when available) and strict CORS.