Memory allocation is not a feature — it is a security liability.

In high-assurance Trusted Execution Environments (TEEs), you cannot afford the jitter or the fragmentation of a probabilistic global heap. When building the sakshi-core attestation loop for the Sovereign Spine architecture, the requirement was absolute: determinism.

Standard heap allocation introduces non-deterministic paths, memory fragmentation, and significantly increases the complexity of the Trusted Computing Base (TCB). For our enclave, that is unacceptable.

The Problem: Why GlobalAlloc Fails the TEE Test

In a standard Rust environment, we lean on the global allocator. In a TEE, however, the global allocator is a massive attack surface.