112 phases complete · 207+ apps · 6 platforms

The WASM-First Operating System

Every app is a capability-secure WebAssembly binary. A Rust supervisor on a minimal Linux kernel delivers sandboxing, IPC, and a full desktop — from MCU to server.

Get Started View on GitHub

Built for the WASM era

A ground-up rethink of the OS for capability-secure WebAssembly workloads.

Capability-Secure

Every app is sandboxed by default. Undeclared capabilities are never wired up -- no syscall filtering needed.

WASM Runtime

All apps compile to wasm32-wasip2 and run on Wasmtime. Deterministic, byte-identical binaries across all hosts.

62+ Supervisor Modules

From compositor to firewall, OTA updates to HAL. The Rust supervisor manages everything above the kernel.

207+ Apps

Full desktop environment with file manager, text editor, browser, terminal, app store, and more.

Multi-Platform

One codebase, six profiles: desktop, mobile, IoT, MCU, robotics, and server. From 128 KB to 1 GB RAM.

<2s Boot

Minimal Linux kernel (2.3 MB) plus a static Rust supervisor. Boots in QEMU in under 2 seconds.

System Architecture

Four layers. Every app sandboxed. The kernel handles hardware, nothing else.

WASM Apps

wasm32-wasip2 binaries, 1-10 KB each

Wasmtime Runtime

WASI Preview 2, capability enforcement

Rust Supervisor

PID 1, IPC broker, compositor, HAL

Linux Kernel

allnoconfig, 2.3 MB, hardware only

Supervisor Subsystems

Manifest Parser

Concurrent Scheduler

IPC Broker

Framebuffer Driver

TTY Input Router

Process Manager

Window Compositor

OTA Updater

HAL (GPIO/I2C/SPI)

Seccomp Enforcer

Package Manager

Session Manager

Read the full architecture docs →