Crate sp_sandbox

source ·
Expand description

This crate provides means to instantiate and execute wasm modules.

It works even when the user of this library executes from inside the wasm VM. In this case the same VM is used for execution of both the sandbox owner and the sandboxed module, without compromising security and without the performance penalty of full wasm emulation inside wasm.

This is achieved by using bindings to the wasm VM, which are published by the host API. This API is thin and consists of only a handful functions. It contains functions for instantiating modules and executing them, but doesn’t contain functions for inspecting the module structure. The user of this library is supposed to read the wasm module.

When this crate is used in the std environment all these functions are implemented by directly calling the wasm VM.

Examples of possible use-cases for this library are not limited to the following:

  • implementing smart-contract runtimes that use wasm for contract code
  • executing a wasm substrate runtime inside of a wasm parachain

Re-exports

pub use self::embedded_executor as default_executor;
pub use self::env::HostError;

Modules

An embedded WASM executor utilizing wasmi.
Definition of a sandbox environment.

Enums

Error that can occur while using this crate.
Typed value that can be returned from a function.
Values supported by Substrate on the boundary between host/Wasm.

Traits

Struct that can be used for defining an environment for a sandboxed module.
Sandboxed instance of a wasm module.
Reference to a sandboxed linear memory, that will be used by the guest module.

Type Definitions

Function pointer for specifying functions by the supervisor in EnvironmentDefinitionBuilder.