MesaPy is a memory-safe Python implementation built on PyPy, targeting developers seeking enhanced security and performance, particularly for sensitive applications. It offers significant speedups over CPython and integrates with Intel SGX for secure, enclave-based execution.

How It Works

MesaPy enhances PyPy's RPython by replacing C libraries with Rust for memory safety, hardening RPython's type system with runtime checks, and formally verifying critical C components. This multi-pronged approach aims to eliminate memory vulnerabilities like buffer overflows and null pointer dereferences, providing a robust and secure Python runtime.

Quick Start & Requirements

• Install/Run: Use pre-built binaries or Docker images (docker run --rm -it mesalocklinux/mesalock-linux:latest mesapy).
• Build from Source: Requires Docker. Clone repo (git clone --recursive), then docker run --rm -it -v$(pwd):/mesapy -w /mesapy mesalocklinux/build-mesalock-linux make pypy-c.
• SGX Support: Requires checking out the sgx branch and following specific instructions for building SGX enclaves.
• Documentation: https://docs.mesapy.org/

Highlighted Details

• Achieves up to 10x speedup over Python 2.7.12 due to PyPy's JIT and GC.
• Integrates with Intel SGX for secure, confidential computing.
• Employs formal verification tools (Seahorn, Smack, TIS) for C components.
• Replaces external C libraries with Rust for guaranteed memory safety.

Maintenance & Community

Maintained by Mingshen Sun and Qian Feng, with contributions from Huibo Wang and Yu Ding. Active development on SGX support and formal verification.

Licensing & Compatibility

Licensed under the 3-Clause BSD license. Compatible with commercial use.

Limitations & Caveats

SGX support is a work-in-progress with limited functions and packages. Some C code remains in the RPython translator/JIT, which is being addressed via formal verification.