Intel's SGX extensions create isolated application enclaves, which disallow information leakage and unverified access to private data. However, SGX is now known to be broken as some works have leaked data on real hardware. What do such works exploit to break SGX's security invariants?