{
  "@context": "https://schema.org",
  "@type": "TechArticle",
  "name": "Sandbox Runtime Specification",
  "dateModified": "2026-06-02T09:39:35.503Z",
  "runtimes": [
    {
      "id": "firecracker",
      "version": "1.10.0",
      "isolation": "microVM",
      "bootMs": 125,
      "memoryMin": 128,
      "memoryMax": 8192,
      "vcpuMax": 8
    },
    {
      "id": "gvisor",
      "version": "release-20260501",
      "isolation": "user-kernel",
      "bootMs": 45,
      "memoryMin": 64,
      "memoryMax": 4096,
      "vcpuMax": 4
    },
    {
      "id": "wasm-wasi-p2",
      "version": "wasmtime-26.0",
      "isolation": "wasm-component",
      "bootMs": 8,
      "memoryMin": 32,
      "memoryMax": 1024,
      "vcpuMax": 2
    }
  ],
  "defaults": {
    "runtime": "gvisor",
    "seccompProfile": "docker/default+strict",
    "readOnlyRootfs": true,
    "noNewPrivileges": true,
    "capabilities": [],
    "userNs": "remap"
  }
}