Ahead-of-time Secure EcmaScript
The monorepo contains a set of packages that helps adopt SES in a pre-compiled way.
This project has the following security assumptions (based on our usage):
- Environment is already
- Dynamic code execution (
Function) is not possible (if it is possible, please use the Compartment provided by ses).
- Files executed are either precompiled into SyntheticModuleRecord or trusted.
@masknet/static-module-record-swc: A swc plugin to transform ES Module into SyntheticModuleRecord.
@masknet/compartment: An eval-less implementation of Compartment.
@masknet/web-endowments: Provide common Web APIs, with
AbortSignalsupport to cancel out all side effects within a compartment, and provide attenuations (e.g. limits accessible databases of
indexedDB, or limit accessible domains in
@masknet/membrane: A membrane library.
@masknet/intrinsic-snapshot: Make a snapshot of all intrinsic (including host APIs).