site still has a few bugs (it isn't officially "out" yet, but it's topical so why not).
the sandbox VM is a docker container with a standard interface for storage (relax/vfs), display (wayland), messaging (relax/pub).
vfs supports torrents and partial replication, so you're pretty much always streaming. we try to cache things to keep it fast, but different systems have different storage limits so we have to assume that we're always going to be fetching from the network.
applications can actually consist of multiple docker containers with different capabilities that can be scheduled on any host that has been paired with your user key. these can be updated individually or in tandem.
docker registries have to be explicitly trusted before you can run anything. we realize that docker isn't a security boundary by default, but we are attacking that problem from a few angles.
we implement a lot of this functionality as docker engine plugins. so you get anon overlay routing and distributed storage transparently from the perspective of the application.
That sounds pretty reasonable and interesting for prototyping, but also possibly heavyweight to run as a "browser". But I think it's basically what we seem to be moving towards anyway - if we could securely run it, the simplest model of interaction is to just download a program + data and run it.
for "browsing" you'd have a browser app along the lines of patchwork[0], might even be patchwork actually since we use the same core tech. i don't think they need to be the same thing, personally.
https://www.heropunch.io/roadmap.html#finally-relax
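One way to enforce the "registries have to be explicitly trusted" rule from the comment above, as an added example that is not the project's own code: resolve each image reference to its registry host using Docker's naming rule, then match it exactly against an allowlist. The function names, the allowlist and the sample references (including `registry.example.com`) are constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// registryHost returns the registry an image reference resolves to, using
// Docker's naming rule: the first path component is a registry host only if
// it contains '.' or ':' or is "localhost"; anything else is Docker Hub.
func registryHost(ref string) string {
	i := strings.Index(ref, "/")
	if i == -1 {
		return "docker.io" // bare name such as "ubuntu:22.04"
	}
	first := strings.ToLower(ref[:i])
	if first != "localhost" && !strings.ContainsAny(first, ".:") {
		return "docker.io" // "user/app" is a Docker Hub namespace, not a host
	}
	if first == "index.docker.io" {
		return "docker.io" // legacy alias for Docker Hub
	}
	return first
}

// isTrusted fails closed: empty references and unlisted hosts are rejected.
// Hosts are compared exactly, never by prefix or suffix, so a lookalike such
// as "registry.example.com.mirror.example" does not inherit trust.
func isTrusted(ref string, trusted map[string]bool) bool {
	if strings.TrimSpace(ref) == "" {
		return false
	}
	return trusted[registryHost(ref)]
}

func main() {
	// Constructed allowlist and image references, for illustration only.
	trusted := map[string]bool{"registry.example.com": true}
	refs := []string{
		"registry.example.com/relax/vfs:1.2",
		"ubuntu:22.04",
		"someuser/app",
		"localhost:5000/app",
		"registry.example.com.mirror.example/relax/vfs:1.2",
	}
	for _, ref := range refs {
		fmt.Printf("%-52s host=%-36s trusted=%v\n", ref, registryHost(ref), isTrusted(ref, trusted))
	}
}
```

Note that an unqualified name like `ubuntu:22.04` silently resolves to Docker Hub, so an allowlist that omits `docker.io` also blocks every short image name.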