Skip to content

Architecture

Isolation

First of all, we use an execution environment which is secured where the code can’t access anything else than what is needed for it.

To do that, we use V8 and also an overlay which is our Norn Runtime to provide a V8 Runtime with an Isolate. The code executed inside an isolate is prevented to access memory outside of this isolate.

We run multiple process, each in an isolated container whith shared isolates in them based on the load we have on each server and the trust we have for each worker. For instance, a free-plan customer and a paid-plan customer won’t have their workers shared in the same process.

Another layer of security exist to properly separate low-trusted workers and hightly trusted workers into separate process and also separate servers in case of a vulnerability which would affect the isolation from V8 and from the container isolation.

Those container where we have the isolates living in are also short lived and rotate a lot everyday by design to ensure no unknown slow-based attacks are currently being performed.