Write rust app that allows sandboxed plugins written in .. rust?

I want to write an app in rust that is extensible with plugins written by (untrusted) users. Those plugins are downloadable via a web platform and can be installed by any user of the core software, but of course I want to protect the naive from the malicious users and have the plugins run in a sandboxed environment. Still the plugins should execute as fast as possible.

My take is to use wasm and a javascript sandbox as an interface.

  • Write main app in rust.
  • Users write plugins in rust and compile to wasm using the wasm32-unknown-unknown target.
  • Users create javascript bindings using wasm-bindgen
  • The core app emloys a javascript engine like V8 to execute the javascript frontend of the plugins.

I see a few downsides with this approach, mainly going through javascript and it's engines which seems unnecessary. Isn't there a faster approach to execute sandboxed web assembly directly from rust?


  • If you only need Rust and not JavaScript plugins, you can use only-WASM engine such as wasmer or wasmtime. They are usually lighter than full JavaScript engines.