// pages/security.jsx const TOKEN_EXAMPLE = `{ "sub": "service/code-executor", "iat": 1748649600, "exp": 1748736000, "caps": { "filesystem": ["/tmp", "/data/uploads"], "network": false, "syscalls": ["read", "write", "exit"], "max_memory_mb": 256, "max_timeout_ms": 30000 } } // Signed with HMAC-SHA256(VELA_TOKEN_SECRET, payload)`; const POLICY_EXAMPLE = `deny_patterns: - "rm -rf" - "curl\\\\s+https?://" - "wget" - "chmod.*777" - "nc\\\\s+-" # netcat require_approval_for: - pattern: "sudo" reason: "privilege escalation requires review" - pattern: "pip install" reason: "package installation must be pre-approved" max_timeout_ms: 15000`; const ALERT_EXAMPLE = `{ "execution_id": "a1b2c3d4", "alerts": [ { "severity": "HIGH", "rule_id": "sensitive_file_access", "description": "Process attempted to access /etc/shadow" }, { "severity": "CRITICAL", "rule_id": "syscall_rate_spike", "description": "Syscall rate exceeded 847/s (limit: 500/s)" } ] }`; const DETECTION_RULES = [ { rule: 'sensitive_file_access', severity: 'HIGH', trigger: '/etc/shadow, /root/.ssh/*, /proc/*' }, { rule: 'syscall_rate_spike', severity: 'CRITICAL', trigger: 'Syscall rate > 500/s' }, { rule: 'private_network_access', severity: 'HIGH', trigger: 'Connections to RFC-1918 addresses' }, { rule: 'command_pattern_match', severity: 'MEDIUM', trigger: 'Custom regexes in intrusion_rules.toml' }, ]; const NOT_PROTECTED = [ { title: 'Kernel exploits in the guest', desc: 'Use a hardened, minimal guest kernel image. Vela doesn\'t patch CVEs in the kernel running inside the VM.' }, { title: 'Physical host access', desc: 'An attacker with physical access to your hardware bypasses all software isolation. Secure your infrastructure.' }, { title: 'Compromised TOKEN_SECRET', desc: 'Rotate VELA_TOKEN_SECRET frequently. Store it in a secrets manager, never in source code or env files.' }, { title: 'Unbounded concurrency', desc: 'Use --pool-size and max_requests_per_minute to prevent resource exhaustion from too many concurrent VMs.' }, ]; function SecuritySectionBlock({ title, children, style = {} }) { return (

{title}

{children} ); } function SecurityPage() { useSEO("Security — Vela Runtime", "In-depth security architecture and policies."); return (
{/* Hero */}
Security

Security model, documented

We don't hide how the security works. Here's everything.

{/* Isolation model */}

Vela runs every execution in a fresh Firecracker micro-VM — the same technology that powers AWS Lambda and Fargate.

Unlike Docker containers, Firecracker VMs provide hardware-level isolation through KVM. Your host kernel is never shared with untrusted code. When the execution finishes, the VM is destroyed.

Pre-warmed VM pools amortize cold-start overhead. With --pool-size 4, p50 latency drops to ~150ms.

{[ { label: 'p50 latency (warmed)', value: '~150ms', color: 'var(--color-green)' }, { label: 'Cold start', value: '~900ms', color: 'var(--color-amber)' }, { label: 'Leaks between executions', value: '0', color: 'var(--color-green)' }, { label: 'Shared host kernel', value: 'Never', color: 'var(--color-green)' }, ].map(({ label, value, color }) => (
{label} {value}
))}
{/* Token model */}

Capability tokens are HMAC-SHA256 signed JSON payloads. The daemon verifies the signature cryptographically before executing anything — no valid token, no execution. Tokens scope exactly what a caller can do.

{['Filesystem allowlist', 'Network on/off', 'Syscall allowlist', 'Memory cap (MB)', 'Timeout cap (ms)', 'Expiry (Unix timestamp)'].map(f => (
{f}
))}
{/* Policy engine */}

Define what's allowed at the organization level. Vela compiles YAML rules at startup into pre-compiled regexes for zero-overhead enforcement. Three decision types: Allow, Deny, RequireApproval. Vela fails closed by default if an external policy endpoint is unreachable.

{/* Intrusion detection */}

Vela watches every execution for anomalous behavior and attaches structured alerts to the telemetry record. Rules are enabled by default — no configuration required.

{['Rule', 'Severity', 'Trigger'].map(h => ( ))} {DETECTION_RULES.map((r, i) => ( ))}
{h}
{r.rule} {r.severity} {r.trigger}
{/* What Vela does NOT protect */}

What Vela does NOT protect against

{NOT_PROTECTED.map(({ title, desc }) => (
{title}

{desc}

))}
{/* Vulnerability reporting */}
Response time: We aim to respond within 48 hours
Disclosure: Coordinated responsible disclosure, 90-day window

Please include a description of the vulnerability, steps to reproduce, and your assessment of the impact. We do not currently run a bug bounty program, but we acknowledge all valid reports publicly (with your permission).

); } Object.assign(window, { SecurityPage });