Skip to content

SimEnclave v1.0.0

Choose a tag to compare

@github-actions github-actions released this 12 Jun 16:07
3a3f617

SimEnclave 1.0

SimEnclave gives the iOS Simulator a real Secure Enclave. An injected interposer catches the SecKey calls in a simulated app and routes the Secure Enclave ones to your Mac's SEP over an authenticated loopback channel. The app signs with real hardware P-256, and the private key never leaves the chip. No mock, no software key, and the app itself imports nothing.

What's in it

  • The menu bar helper owns a P-256 key inside your Mac's Secure Enclave and answers requests over loopback. It arms booted simulators automatically, so an app you launch is injected with no extra step.
  • simenclavectl, a JSON CLI with honest exit codes: doctor, status, init, keys, sign. Built to be driven by a person or an agent.
  • Two example consoles, native SwiftUI and React Native, generating, signing, and verifying against the same host Secure Enclave from two different stacks.
  • The fence. The interposer is a simulator-slice binary that dyld refuses to load on a device, a consuming app injects it through a debug scheme only, and CI proves both. It cannot follow your code into production.

Install

curl -fsSL https://raw.githubusercontent.com/nirapod-labs/simenclave/main/scripts/install.sh | sh

Builds from source and installs the helper to /Applications and the CLI to ~/.local/bin. Needs Xcode. The downloadable .app below is ad-hoc signed; SHA256SUMS covers every asset.

Using it

Open SimEnclave (it lives in the menu bar), point a debug Simulator scheme at it with simenclavectl init, and your existing SecKey code runs against real hardware in the Simulator. simenclavectl doctor checks the wiring.