Here are some additional resources on CHERI. I agree that it sounds promising but it’s complex and feels like overkill for our purposes, and I imagine it’ll take a long time to be finalized and make its way into implementations (the RISC-V spec is currently being worked on).
- Department of Computer Science and Technology: CHERI-RISC-V
- GitHub - riscv/riscv-cheri: This repository contains the CHERI extension specification, adding hardware capabilities to RISC-V ISA to enable fine-grained memory protection and scalable compartmentalization.
- https://open-src-soc.org/2022-05/media/slides/4th-RISC-V-Meeting-2022-05-04-16h00-CHERI-Cambridge.pdf
I also found this proposal, which has already been ratified by RISC-V: Smepmp.pdf - Google Drive
I think this is fine as a starting point. Solana, for instance, currently limits the cross-contract call frame stack depth to four.