Menu

Home

Yonas Abeselom

AAD-50 — Abeselom ASIC-Direct 50

Firmware-Enforced, 50-Cycle NVMe Sanitization with Per-Cycle Hardware Verification


What Is AAD-50?

AAD-50 is an open-source NVMe sanitization framework that solves a problem most operators do not know exists.

When you run nvme sanitize on Linux, the command returns immediately. The drive acknowledges receipt. You move on. But NVMe Sanitize is asynchronous — the actual erasure happens in the background, and the standard tooling never checked whether it completed. If drive firmware silently fails — which UC San Diego researchers documented happening in 3 of 12 drives they tested — the operator has no way to know.

AAD-50 fixes this. After every single sanitize cycle, AAD-50 polls NVMe Log Page 0x81 and refuses to advance until SSTAT = 0x1 confirms hardware completion. No assumptions. No trust. Hardware confirmation only.


Key Facts

Property Detail
Version 1.1
Platforms Linux, Windows, Windows GUI
Cycles 50 (B->C->A phase matrix)
Verification Log Page 0x81 per-cycle polling
Audit output SHA-256 tamper-evident chain + PDF Certificate of Destruction
Standards alignment NIST SP 800-88 Rev.2 Purge, NVMe Base Spec 2.0, ISO/IEC 27040
License Open source, free
Author Yonas Abeselom, Addis Ababa, Ethiopia

The Three Phases

Phase Cycles Action NVMe Command
B - Physical Overwrite 1-40 NAND cell overwrite SANITIZE_ACTION_OVERWRITE (0x02)
C - FTL Teardown 41-45 FTL index destruction SANITIZE_ACTION_BLOCK_ERASE (0x01)
A - Crypto Seal 46-50 Media key destruction SANITIZE_ACTION_CRYPTO_ERASE (0x04)

Every cycle is hardware-confirmed via Log Page 0x81 before the next begins.


Real-World Validation

On June 2, 2026, RFC [#3415] was opened on linux-nvme/nvme-cli proposing that the fire-and-forget verification gap be addressed natively in the tool.

14 days later, PR [#3438] — implementing --wait and --repeat N — was merged into linux-nvme/nvme-cli master by Daniel Wagner, the primary maintainer. The verification architecture now ships with virtually every Linux distribution on earth.

nvme-cli v3.0-b.1 explicitly lists PR [#3438] in its official release changelog.


Peer Engagement

-> Peter Gutmann (Univ. of Auckland, author of the Gutmann 35-pass method) — reviewed the specification twice, both rounds improved it. Final verdict: "It looks pretty good, I can't really find anything to complain about."

-> Steven Swanson (UC San Diego, senior author of Wei et al. FAST 2011) — responded with substantive feedback on the generalisability of his 2011 findings to modern NVMe drives.

-> Keith Busch (primary nvme-cli maintainer) — gave qualified personal approval for PR [#3438].

-> Daniel Wagner (nvme-cli maintainer) — merged PR [#3438] into master, commit 84078fa.

-> Guido van Rossum (creator of Python) — reviewed the implementation and called it "very cool."

-> NVM Express — initiated internal review of the specification.


Wiki Pages



Related

Wiki: FAQ
Wiki: Roadmap

Auth0 Logo