chore: update progress for US-115

NathanFlurry · NathanFlurry · commit 4cc2c8ff4392 · 2026-03-18T06:11:44.000-07:00
diff --git a/scripts/ralph/prd.json b/scripts/ralph/prd.json
@@ -2038,7 +2038,7 @@
         "Tests pass"
       ],
       "priority": 121,
-      "passes": false,
+      "passes": true,
       "notes": "Audit L2 — LOW. apply-timing-mitigation-freeze.ts:42-44. Current deletion is a simple delete which may not work if SAB was already captured by sandbox code."
     },
     {
diff --git a/scripts/ralph/progress.txt b/scripts/ralph/progress.txt
@@ -1539,3 +1539,19 @@ PRD: ralph/kernel-hardening (46 stories)
   - assertTextPayloadSize is the convenience wrapper for text (handles UTF-8 byte length calculation)
   - readFileRef returns string from readTextFile; readFileBinaryRef returns base64-encoded Buffer — different limits and guards needed
 ---
+
+## 2026-03-18 - US-115
+- What was implemented: Hardened SharedArrayBuffer deletion in timing mitigation freeze
+  - Replaced simple `delete` with `Object.defineProperty` using `configurable: false, writable: false` to lock the global
+  - Added prototype neutering: byteLength, slice, grow, maxByteLength, growable properties redefined as throwing getters
+  - Fallback path preserved for edge cases where defineProperty fails
+- Files changed:
+  - packages/secure-exec-core/isolate-runtime/src/inject/apply-timing-mitigation-freeze.ts — replaced 3-line delete with robust hardening (prototype neutering + non-configurable defineProperty)
+  - packages/secure-exec-core/src/generated/isolate-runtime.ts — auto-regenerated by build:isolate-runtime
+  - packages/secure-exec/tests/runtime-driver/node/index.test.ts — added 2 tests: cannot restore SAB via defineProperty/assignment, property descriptor is non-configurable/non-writable
+- **Learnings for future iterations:**
+  - Object.defineProperty with configurable: false prevents sandbox code from redefining globals — use this for all security-critical global removals
+  - Prototype neutering must happen BEFORE the global is deleted/replaced, since after deletion you lose the reference
+  - isolate-runtime sources must be regenerated via `pnpm --filter @secure-exec/core run build:isolate-runtime` after any change
+  - 5 HTTP/network tests in index.test.ts are pre-existing ECONNREFUSED flakes (serves requests, coerces 0.0.0.0, terminate server, maxSockets, upgrade)
+---

Original file line number	Diff line number	Diff line change
`@@ -2038,7 +2038,7 @@`
`2038`	`2038`	`"Tests pass"`
`2039`	`2039`	`],`
`2040`	`2040`	`"priority": 121,`
`2041`		`- "passes": false,`
	`2041`	`+ "passes": true,`
`2042`	`2042`	`"notes": "Audit L2 — LOW. apply-timing-mitigation-freeze.ts:42-44. Current deletion is a simple delete which may not work if SAB was already captured by sandbox code."`
`2043`	`2043`	`},`
`2044`	`2044`	`{`