At the moment we use wasmi for executing code in the sandbox, which is rather slow compared to even non-highly-optimizing compilers such as lightbeam. A step for improving this would be to integrate wasmtime/lightbeam there.
Note that at the moment we assume that wasm executed in the sandbox is untrusted. The reason for that is that the primary user of the sandboxing capability is the srml-contract module. This might, however, change, especially taking into account that the sandbox is designed to be more or less universal.
Furthermore, there was an idea of a feature for srml-contract that allows governance to mark some code_hash as trusted, allowing us to employ the highest-tier compiler available on board the node to compile this code. This would require specifying the desired properties of the compiler when instantiating a wasm module with the sandbox.
We have a similar problem for the runtime (#2634), so it might make sense to think about a complete solution.