Container Isolation

Execution runs in isolated containers to contain faults and reduce cross-tenant risk.

  • Per-run isolation: Agent jobs execute in ephemeral containers with no shared memory or disk.

  • Minimal egress: Network access is restricted to allow-listed RPCs and APIs; no open internet.

  • No secret sprawl: There are no private keys off-chain; session keys are on-chain permissions. Any operational tokens are short-lived and scoped.

  • Hardened runtime: Read-only filesystems where possible, resource quotas, rate limiting, and strict observability.

  • Deterministic deployment: Reproducible builds and checksums to ensure the code that runs is the code that was reviewed.
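The controls above can be enforced mechanically before a job is scheduled. The following is an added example, not the project's own code: an admission-style checker that tests a Kubernetes Pod spec and its egress NetworkPolicy against the per-run isolation, minimal egress, hardened runtime and digest-pinned deployment requirements. It assumes Kubernetes as the container runtime (the field names are the standard Pod and NetworkPolicy API fields); the image digest and RPC endpoint address are constructed placeholders.

```python
# Added example (not the project's code): admission-style checks for the
# isolation controls listed above. Assumes Kubernetes; the image digest and
# the RPC endpoint CIDR are constructed placeholders.
from typing import Any

Spec = dict[str, Any]


def check_container(c: Spec) -> list[str]:
    """Hardened runtime and deterministic deployment checks for one container."""
    name, out = c["name"], []
    if "@sha256:" not in c.get("image", ""):
        out.append(f"{name}: image not pinned by digest")
    sc = c.get("securityContext", {})
    if not sc.get("readOnlyRootFilesystem"):
        out.append(f"{name}: root filesystem is writable")
    if sc.get("privileged") or sc.get("allowPrivilegeEscalation", True):
        out.append(f"{name}: privilege escalation not disabled")
    if "ALL" not in sc.get("capabilities", {}).get("drop", []):
        out.append(f"{name}: capabilities not dropped")
    limits = c.get("resources", {}).get("limits", {})
    for resource in ("cpu", "memory"):
        if resource not in limits:
            out.append(f"{name}: no {resource} quota")
    return out


def check_pod(pod: Spec) -> list[str]:
    """Per-run isolation: no host namespaces, no shared or persistent disk."""
    spec, out = pod["spec"], []
    for ns in ("hostNetwork", "hostPID", "hostIPC"):
        if spec.get(ns):
            out.append(f"pod: {ns} shares a host namespace")
    for vol in spec.get("volumes", []):
        if "hostPath" in vol or "persistentVolumeClaim" in vol:
            out.append(f"pod: volume {vol['name']} is shared or persistent")
    for c in spec.get("containers", []):
        out.extend(check_container(c))
    return out


def check_egress(policy: Spec, pod: Spec) -> list[str]:
    """Minimal egress: the policy must select the pod and allow only listed peers."""
    spec, out = policy["spec"], []
    labels = pod.get("metadata", {}).get("labels", {})
    selector = spec.get("podSelector", {}).get("matchLabels", {})
    if any(labels.get(k) != v for k, v in selector.items()):
        out.append("policy: podSelector does not match the pod")
    if "Egress" not in spec.get("policyTypes", []):
        out.append("policy: Egress not in policyTypes, egress is unrestricted")
    for rule in spec.get("egress", []):
        if not rule.get("to"):  # a rule with no 'to' matches every destination
            out.append("policy: egress rule without 'to' allows every destination")
        for peer in rule.get("to", []):
            cidr = peer.get("ipBlock", {}).get("cidr", "")
            if cidr in ("0.0.0.0/0", "::/0"):
                out.append(f"policy: egress to {cidr} is the open internet")
    return out


def audit(pod: Spec, policy: Spec) -> list[str]:
    """All findings for one job pod and the NetworkPolicy meant to cover it."""
    return check_pod(pod) + check_egress(policy, pod)


HARDENED_POD: Spec = {
    "metadata": {"labels": {"app": "agent-runner"}},
    "spec": {
        "restartPolicy": "Never",                 # ephemeral: one run, then discarded
        "automountServiceAccountToken": False,    # no ambient credential in the job
        "containers": [{
            "name": "job",
            "image": "registry.example/agent@sha256:<digest-of-reviewed-build>",  # placeholder
            "securityContext": {"readOnlyRootFilesystem": True, "privileged": False,
                                "allowPrivilegeEscalation": False,
                                "capabilities": {"drop": ["ALL"]}},
            "resources": {"limits": {"cpu": "1", "memory": "512Mi"}},
        }],
        "volumes": [{"name": "scratch", "emptyDir": {}}],  # per-run, dies with the pod
    },
}

EGRESS_POLICY: Spec = {
    "spec": {
        "podSelector": {"matchLabels": {"app": "agent-runner"}},
        "policyTypes": ["Egress"],
        "egress": [{"to": [{"ipBlock": {"cidr": "203.0.113.10/32"}}],  # constructed RPC endpoint
                    "ports": [{"protocol": "TCP", "port": 443}]}],
    },
}

# A weakened pair for contrast: mutable tag, writable root fs, host disk, open egress.
WEAK_POD: Spec = {
    "metadata": {"labels": {"app": "agent-runner"}},
    "spec": {"containers": [{"name": "job", "image": "agent:latest"}],
             "volumes": [{"name": "data", "hostPath": {"path": "/var/lib/agent"}}]},
}
OPEN_POLICY: Spec = {"spec": {"podSelector": {"matchLabels": {"app": "agent-runner"}},
                               "policyTypes": ["Egress"], "egress": [{}]}}

if __name__ == "__main__":
    print("hardened:", audit(HARDENED_POD, EGRESS_POLICY) or "no findings")
    for finding in audit(WEAK_POD, OPEN_POLICY):
        print("weak:", finding)
```

Run it as-is to compare the two specs: the hardened pod and its policy produce no findings, while the weak pair yields eight. The checks are deliberately fail-closed: a missing securityContext counts as writable and escalatable, and an egress rule with no destinations is flagged rather than assumed harmless, since Kubernetes treats it as allow-all.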
