    Hey Torrie, it’s cool to see more tools in the process isolation space, which I think is going to be more active as people realize how important it is for dynamic resource allocation to work smoothly. This is advertised as “incredibly fast” but my experience (a long time ago, before seccomp-bpf) with some of the underlying tools was that they added multiple orders of magnitude to the latency of some syscalls. What has your experience with these interfaces been like recently? Also, do you folks have an idea where you see the middle ground between “Provide the exact same execution environment anywhere on the ‘net for any given contract on any given host” and “Defensive against malicious contracts”?