Improve content

docs/dapp/sapphire/guide.mdx

@@ -183,7 +183,10 @@ state encryption key from the Oasis key manager. Both the keys and values of the
 items stored in state are encrypted, but the size of either is *not* hidden. You
 app may need to pad state items to a constant length, or use other obfuscation.
 Observers may also be able to infer computation based on storage access patterns,
-so you might need to obfuscate that, too.
+so you may need to obfuscate that, too. See security [chapter] for more
+recommendations.
+
+[chapter]: ./security.md#storage-access-patterns
 
 :::danger Contract state leaks a fine-grained access pattern
 

docs/dapp/sapphire/security.md

@@ -4,9 +4,12 @@ description: Security recommendations for Sapphire
 
 # Security
 
-Work in Progress
+Work in progress to support confidential smart contract development. At the
+moment we address safeguarding storage variable access patterns and provide
+best practices for more secure orderings of error checking to prevent leaking
+contract state.
 
-## Storage I/O patterns
+## Storage Access Patterns
 
 You can also use a tool such as [hardhat-tracer] to examine the base EVM state
 transitions under the hood.
@@ -36,7 +39,7 @@ npx hardhat trace --hash 0xTransactionHash
 For both [gas] usage and confidentiality, non-unique data sizes are
 recommended. E.g. 64-byte value will still be distinct from a 128-byte value.
 
-:::caution Inference of Related Transactions
+:::caution Inference based on access patterns
 
 `SSTORE` keys from one transaction may be linked to `SLOAD` keys of another
 transaction.