Can we exclude V8 mitigations due to the enabling of site isolation?
Reported by shiyu.zh...@intel.com, Aug 27
Issue description

Currently, Chrome's site isolation and V8's untrusted-code mitigations work together to protect against the exploitation of the speculative-execution optimizations used by modern CPUs, as in Spectre. However, these V8 mitigations, like poisoning and array index masking, come with a performance trade-off, especially on computationally heavy workloads like Octane2. Since site isolation has been turned on in Chrome 67, providing the ability to keep the secret data and attack code in separate processes, I was wondering if we could exclude the V8 mitigations (or part of the mitigations) for Chrome where site isolation is on by default.
Comment 1 by dtapu...@chromium.org, Aug 27