Automated TEE-based Library Hardening for Silent Vulnerability Mitigations

<pre> An automated approach to migrate third-party library APIs to TEEs. It uses dynamic and static analysis to trace and prune dependencies based on unit tests, employs an LLM agent with ReAct to refine and convert the code subset to native code, and packages it into a static library for TEE development<br></pre>

一种将第三方库API迁移至可信执行环境（Trusted Execution Environment，TEE）的自动化方案。该方案依托单元测试，结合动态与静态分析对依赖项进行追踪与裁剪；采用搭载ReAct框架的大语言模型智能体（LLM agent），对代码子集进行优化并转换为原生代码，最终将其打包为适用于可信执行环境开发的静态库。