What does HackerNews think of BOLT?

Binary Optimization and Layout Tool - A linux command-line utility used for optimizing performance of binaries

Post-build optimization of binaries without changing the target CPU is common. See BOLT https://github.com/facebookincubator/BOLT
I hope that the rust compiler team is considering to integrate BOLT by default too https://github.com/facebookincubator/BOLT (I'm aware it's being integrated into llvm but rust could integrate the external BOLT in it's toolchain in the meantime, free performance gain for everyone is nice to have right now)
The wide gap between those two options is kind of dissatisfying, it would be cool if LTO could disassemble existing object files and do the unused code removal on the assembly language layer. I guess that Facebook BOLT and Google Propeller are working on an approach like that.

https://github.com/facebookincubator/BOLT https://www.phoronix.com/scan.php?page=news_item&px=Google-P...

From what I understand: The blog answers, how does one store a secret without it being subject to brute force (and other offline) attacks [0], with:

Generation of the secret (on the client):

1. Generate sk: Key-stretch user-provided pass-phrase to 256 bits using Argon2 [1].

2. Generate a verifiable auth-token, token = hmac-sha256(sk, "auth key encrpytion") [2]

3. Generate a split secret-key:

3a. split1 = hmac-sha256(sk, "master key encryption")

3b. split2 = high-entropy-random-256-bits

4. Send key-pair (token, split2) to remote machines running BOLTed [3] server code in a SGX enclave [4] that replicate it using raft-consensus protocol [5] over Noise [6] in an hardware-encrypted RAM [7] and never on-disk.

5. Generate master-key = hmac-sha256(split1, split2)

6. Generate as many application-keys as required, and use these to encrypt user's data, for instance, app-key-sge = hmac-sha256(master_key, "social graph encryption") and so on...

-

Recovery of the secret (by the client):

1. On the client, using user-provided pass-phrase, generate sk, token, and split1, like above.

2. Send the token to a remote machine. If the token is valid, remote lets the client retrieve split2 [8] with which the client can now generate the master-key and app-keys, as before.

3. If the token sent is invalid, remote lets the client retry a very limited number of times before destroying the secret key-pair.

---

[0] From the post, ...we’ve been working on new techniques based on secure enclaves and key splitting that are designed to enhance and expand general capabilities for private cloud storage. Our aim is to unlock new possibilities and new functionality within Signal which require cross-platform long-term durable state, while verifiably keeping this state inaccessible to everyone but the user who created it.

[1] https://en.wikipedia.org/wiki/Argon2 (end-users prefer shorter passwords but one gets better entropy with longer passwords... which is what Argon2 brings to the table)

[2] https://en.wikipedia.org/wiki/HMAC

[3] https://github.com/facebookincubator/BOLT (prevents speculative execution exploits: https://en.wikipedia.org/wiki/Speculative_execution)

[4] https://blog.quarkslab.com/overview-of-intel-sgx-part-1-sgx-... (used for strict code and hardware attestation)

[5] https://www.youtube-nocookie.com/embed/YbZ3zDzDnrw

[6] http://www.noiseprotocol.org/ (Wireguard and WhatsApp use it, too, for end-to-end communication)

[7] https://eprint.iacr.org/2016/204.pdf

[8] Thanks u/jlund: https://news.ycombinator.com/item?id=21839394

I think something like BOLT[1] has more promise. Now that I think about it, I'm curious if I take my unoptimized executable, generate the profile for BOLT, then apply BOLT's optimizations, is it possible to come out ahead of the Compiler+BOLT optimizations?

1 - https://github.com/facebookincubator/BOLT