Alok Menghrajani

Previously: security engineer at Square, co-author of HackLang, put the 's' in https at Facebook. Maker of CTFs.

This blog does not use any tracking cookies and does not serve any ads. Enjoy your anonymity; I have no idea who you are, where you came from, and where you are headed to. Let's dream of an Internet from times past.

Home | Contact me | Github | RSS feed | Consulting services | Tools & games

HSM (Hardware Security Modules) are pieces of hardware used to protect sensitive cryptographic keys and perform cryptographic operations. These devices are typically used in the banking and defense industry. Developers can use existing APIs or extend the devices capabilities. In the case of nCipher devices, the framework for implementing extensions is called CodeSafe and the code is typically written in C (e.g. see Subzero, Square's HSM-based Bitcoin Cold Storage wallet).

One of my last hacks while working at Square was to build a prototype showing how CodeSafe code could be written using Rust. I shared it on April 1st as an anti hoax (since the whole thing actually works). The main appeal for using Rust is memory safety/better guarantees compared to C. Rust also enables leveraging a rich ecosystem of packages and libraries.

  • Write up (4 pages, pdf)
  • Rust on nCipher repo