With SIP enabled you are still free to load arbitrary “signed with an Apple-approved signature” kernel extensions, so I don’t see why your technique wouldn’t be possible. You’re natively executing most of the code and intercepting syscalls either way, so I doubt there would be much of a difference in performance. I haven’t done anything serious with noah but it’s been relatively performant.