Campaign Story

LavaLamp tackles a problem the chip industry has effectively refused to fix. On modern processors, SMT sibling cores share execution resources, producing a measurable timing side-channel: a spy process running on one logical core can saturate shared execution ports and read the latency penalty it inflicts on its sibling — enough signal to fingerprint a neighbor’s instruction mix and, in the worst case, extract cryptographic key material. On AMD Zen 5 (Ryzen 9950X3D), the founder measured a 27.6% latency penalty under contention (a ~904-cycle exploitable delta).

The catch: all four major vendors — AMD, Google/Chromium, Microsoft MSRC, and NVIDIA PSIRT — reviewed the disclosure (late 2025–early 2026) and declined to mitigate, classifying it as “expected behavior.” Their only recommended fix is disabling SMT, which cuts system capacity in half — a non-starter for cloud, data centers, and HPC. And conventional software defenses (constant-time programming) don’t close it on Zen 5, because the leak isn’t in instruction latency — it’s in hardware-level resource contention between sibling threads that software can’t partition. The exposure spans every multi-tenant environment: public cloud (AWS, Azure, GCP cross-tenant key extraction), browsers (WebAssembly cross-origin timing), VDI/Citrix isolation bypass, crypto HSM/wallet attacks, and even post-quantum ML-KEM (Kyber) implementations.

LavaLamp’s approach is structural masking, not random noise. Random jitter is filterable — a patient attacker samples it away. Instead, LavaLamp’s “Active Neighbor Architecture” pins a contention engine to the SMT sibling core (the Neighbor Thread) alongside the protected workload (the Safe Thread), generating cycle-accurate port contention that mirrors the geometric structure of the computation being protected — so the original signal becomes inseparable from the noise. The engine is driven by the founder’s proprietary math framework (the Egocentric Reference Framework and its Goldbach Topological Calculator), using a multi-stage entropy generator hardware-seeded from RDRAND/RNDR/urandom with a period exceeding 500 days.

The results from the working software proof-of-concept: signal leakage cut from ~24% (unprotected) to 1.74% — a ~93% reduction — at only a 6.14% performance cost, preserving 93.86% of capacity. That reclaims roughly 47% of compute versus the disable-SMT “fix.” A projected FPGA implementation targets sub-1% leakage at under 0.1% performance cost (99.9% capacity).

Stage: working software PoC validated on AMD Zen 5, completed responsible disclosure to four major vendors, with an FPGA/hardware implementation as the next build. This is early-stage, defensible, IP-heavy deep tech sitting on a problem the incumbents have publicly chosen not to solve.