Security

Enforced at boundaries.
Not through trust.

Every World runs inside a Firecracker microVM. Hardware-level isolation between environments. No shared state, no shared process space.

Isolation

Firecracker microVMs on Fly Machines. Separate kernel, filesystem, and network per World.

Scoped Tokens

256-bit random tokens per World. Validated on every telemetry push. Auto-rotated on restart.

Audit Log

Append-only. Every spawn, claim, stop, export, visibility change, and error — retained indefinitely.

Row-Level Security

Database-level access enforcement independent of application logic. Defense in depth.