This repository host our proof of code to answer the question How to execute untrusted code on our PHP based platform in a secure and timely manner ?
- wasmtime-ffi: This is the PHP code that interacts with wasmtime-wrapper-lib to execute wasm binaries.
- wasmtime-wrapper-lib: This is a wrapper of the Wasmtime Rust library that we've written in order to simplify the interactions between PHP and Wasmtime.
- add-json-rs: A rust program that we compile to WebAssembly and execute through ffi-wasmtime.php. It is our example WASM module to prove that everything is working correctly.
To build and run our code please follow the individual README.md in each folder, you can start with the one in wasmtime-ffi
A Nix shell is provided to get access to the required development tools.
If you want to build everything and execute the POC you can run nix-shell --run './run.sh'