You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
POLL: WebAssembly instances must never be able to cause effects other than by wielding explicitly granted access (e.g. the importObject in a JS embedding).
SA
A
N
F
SF
0
0
6
9
7
Action item: Mark clarify what this poll is getting at, add to design repo’s “security.md” document, etc.
The text was updated successfully, but these errors were encountered:
By "effects" above we mean input, output, mutating state outside the instance, or reading mutable state outside the instance. This is closely related to the criteria that should be used to distinguish user-mode instructions from other actions, as stated at
We do not currently include resource use or non-determinism, even though OSes can control these aspects of user-mode computation. Note that blockchain usage of wasm
(Dfinity, ewasm, EOS, Polkadot, Parity) do restrict resource use and non-determinism, so perhaps we would revisit; but that would be a separate proposal.
POLL: WebAssembly instances must never be able to cause effects other than by wielding explicitly granted access (e.g. the importObject in a JS embedding).
Action item: Mark clarify what this poll is getting at, add to design repo’s “security.md” document, etc.
The text was updated successfully, but these errors were encountered: