Alpha software. ArcBox is under active development. Expect rough edges, missing features, and breaking changes.

Computer Use is the next frontier for AI -- agents that can write files, run code, browse the web, and operate a real machine. But giving an agent a full computer means giving it a full attack surface. Containers share the host kernel; a single exploit and the agent is out.

ArcBox solves this with Firecracker-style microVMs that boot their own Linux kernel in under 200ms. Each sandbox is a real computer -- real filesystem, real network, real process tree -- with VM-level isolation that containers can't provide. And when you just need Docker, ArcBox is a drop-in replacement for Docker Desktop.

Host
├── arcbox daemon (Docker API + gRPC)
│
├── System VM (Container + Sandbox tiers, shared kernel)
│   └── arcbox-agent
│       ├── Container Runtime ── namespace + chroot
│       └── Sandbox Runtime ─── KVM microVM (<200ms boot)
│
├── Machine VM "ubuntu-dev" (independent kernel + rootfs)
└── Machine VM "alpine-test"

Give an AI agent a real computer it can't break out of.

• <200ms cold boot -- KVM microVM with minimal device model (virtio-MMIO only, no PCI/ACPI/BIOS)
• <50ms warm start -- snapshot/restore for instant sandbox cloning
• VM-level isolation -- each sandbox runs its own kernel; a vulnerability in one cannot escape to others
• Real computer -- real filesystem, real networking, real process tree -- not a simulated shell
• Disposable -- spin up, let the agent work, tear down; no state leaks between sessions
• Docker-compatible -- docker run --runtime=sandbox untrusted-image

Drop-in Docker engine replacement. Point your existing Docker CLI at ArcBox:

arcbox docker enable
docker run -d -p 8080:80 nginx

Full Linux VMs with persistent storage, SSH access, and their own init system.

arcbox machine create dev --distro ubuntu
arcbox machine ssh dev

# Install
curl -sSL https://install.arcbox.dev | sh

# Start the daemon
arcbox daemon start

# Enable Docker compatibility
arcbox docker enable

# Run a container
docker run -d -p 8080:80 nginx
curl http://localhost:8080

• Container lifecycle -- run, stop, rm, logs, exec, inspect
• Image management -- pull from Docker Hub and OCI registries (ARM64)
• Port forwarding -- -p 8080:80 maps host ports into containers
• Volume mounts -- bind mounts and named volumes
• Networking -- internet access, DNS resolution, inter-container DNS
• Docker Compose -- docker-compose up/down for multi-container stacks
• Context switching -- arcbox docker enable/disable to toggle with Docker Desktop
• Machine management -- create/start/stop/rm/ls/inspect/exec/ssh
• 40+ Docker API endpoints -- Docker Engine API v1.43 compatible

Custom VirtIO stack, zero-copy networking, purpose-built VirtioFS.

• macOS 13 (Ventura) or later
• Apple Silicon (M1/M2/M3/M4) -- Intel support in progress
• Docker CLI installed (ArcBox replaces the engine, not the CLI)

See CONTRIBUTING.md for build instructions, code standards, and development setup.

MIT OR Apache-2.0