§waSCC Host
The WebAssembly Secure Capabilities Connector (waSCC) host runtime manages actors written in WebAssembly (aka nanoprocesses) and capability providers written in WebAssembly (via WASI) or as OS-native plugin libraries. waSCC securely manages communications between actors and the capabilities they need.
To start a runtime, simply add actors and capabilities to the host. For more information, take a look at the documentation and tutorials at wascc.dev.
§Example
```rust
use std::collections::HashMap;
use wascc_host::{Host, Actor, NativeCapability};

fn main() -> std::result::Result<(), Box<dyn std::error::Error + Send + Sync>> {
    env_logger::init();
    let host = Host::new();

    // Load two actors (WebAssembly modules) from disk
    host.add_actor(Actor::from_file("./examples/.assets/echo.wasm")?)?;
    host.add_actor(Actor::from_file("./examples/.assets/echo2.wasm")?)?;

    // Load the HTTP server capability provider as an OS-native plugin
    host.add_native_capability(NativeCapability::from_file(
        "./examples/.assets/libwascc_httpsrv.so", None
    )?)?;

    // Bind each actor, identified by its public key, to the HTTP server
    // capability with its own port configuration
    host.set_binding(
        "MDFD7XZ5KBOPLPHQKHJEMPR54XIW6RAG5D7NNKN22NP7NSEWNTJZP7JN",
        "wascc:http_server",
        None,
        generate_port_config(8085),
    )?;
    host.set_binding(
        "MB4OLDIC3TCZ4Q4TGGOVAZC43VXFE2JQVRAXQMQFXUCREOOFEKOKZTY2",
        "wascc:http_server",
        None,
        generate_port_config(8084),
    )?;

    assert_eq!(2, host.actors().len());

    // The actor's embedded claims list the capabilities it is attested to use
    if let Some(ref claims) = host.claims_for_actor("MB4OLDIC3TCZ4Q4TGGOVAZC43VXFE2JQVRAXQMQFXUCREOOFEKOKZTY2") {
        let md = claims.metadata.as_ref().unwrap();
        assert!(md.caps.as_ref().unwrap().contains(&"wascc:http_server".to_string()));
    }

    // Need to keep the main thread from terminating immediately
    // std::thread::park();
    Ok(())
}

// Build the provider configuration map carrying the listening port
fn generate_port_config(port: u16) -> HashMap<String, String> {
    let mut hm = HashMap::new();
    hm.insert("PORT".to_string(), port.to_string());
    hm
}
```
Re-exports§
pub use middleware::Middleware;
Modules§
- errors
- Custom error types
- middleware
Structs§
- Actor
- An actor is a WebAssembly module that conforms to the waSCC protocols and can securely consume capabilities exposed by native or portable capability providers
- BindingEntry
- Host
- Represents an instance of a waSCC host runtime
- HostBuilder
- A builder pattern implementation for creating a custom-configured host runtime
- HostManifest
- Invocation
- An immutable representation of an invocation within waSCC
- InvocationResponse
- The response to an invocation
- NativeCapability
- Represents a native capability provider compiled as a shared object library. These plugins are OS- and architecture-specific, so they will be .so files on Linux, .dylib files on macOS, etc.
- WasiParams
- Parameters defining the options for enabling WASI on a module (if applicable)
Enums§
- WasccEntity
- Represents an invocation target - either an actor or a bound capability provider
Constants§
Traits§
- Authorizer
- An authorizer is responsible for determining whether an actor can be loaded as well as whether an actor can invoke another entity. For invocation checks, the authorizer is only ever invoked after an initial capability attestation check has been performed and passed. This has the net effect of making it impossible to override the base behavior of checking that an actor’s embedded JWT contains the right capability attestations.
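The check ordering described for Authorizer, as an added example that is not part of wascc_host: a standard-library-only model in which the capability attestation check always runs before the custom policy, so a permissive authorizer cannot grant a capability the signed claims lack. `ActorClaims`, `Denied`, `InvokeAuthorizer`, `CountingAllowAll`, `DenyList`, `authorize` and the sample subject are hypothetical names, not the crate's API.

```rust
use std::{cell::Cell, collections::HashSet};

/// Hypothetical stand-in for the claims decoded from an actor's embedded JWT.
pub struct ActorClaims { pub subject: String, pub caps: HashSet<String> }

/// Denial reasons: capability absent from the signed claims, or custom policy refusal.
#[derive(Debug, PartialEq)]
pub enum Denied { MissingAttestation, AuthorizerRejected }

/// Simplified model of a custom authorizer (not the wascc_host trait signature).
pub trait InvokeAuthorizer {
    fn can_invoke(&self, claims: &ActorClaims, capability: &str) -> bool;
}

/// Permissive policy that counts how often the host consults it.
pub struct CountingAllowAll { pub calls: Cell<usize> }
impl InvokeAuthorizer for CountingAllowAll {
    fn can_invoke(&self, _: &ActorClaims, _: &str) -> bool {
        self.calls.set(self.calls.get() + 1);
        true
    }
}

/// Restrictive policy: refuses any actor whose subject is on a deny list.
pub struct DenyList(pub HashSet<String>);
impl InvokeAuthorizer for DenyList {
    fn can_invoke(&self, claims: &ActorClaims, _: &str) -> bool {
        !self.0.contains(&claims.subject)
    }
}

/// Attestation check runs first and is unconditional; the authorizer can only narrow access.
pub fn authorize(c: &ActorClaims, cap: &str, authz: &dyn InvokeAuthorizer) -> Result<(), Denied> {
    if !c.caps.contains(cap) {
        return Err(Denied::MissingAttestation);
    }
    if !authz.can_invoke(c, cap) {
        return Err(Denied::AuthorizerRejected);
    }
    Ok(())
}

fn main() {
    // Constructed actor whose claims attest only wascc:http_server (sample values).
    let actor = ActorClaims { subject: "MSAMPLEACTOR".into(), caps: HashSet::from(["wascc:http_server".to_string()]) };
    let allow = CountingAllowAll { calls: Cell::new(0) };
    println!("{:?}", authorize(&actor, "wascc:keyvalue", &allow)); // unattested capability
    println!("{:?}", authorize(&actor, "wascc:http_server", &DenyList(HashSet::from([actor.subject.clone()]))));
    println!("authorizer consulted {} time(s)", allow.calls.get());
}
```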