- There are some security risks in PArSEC as is – namely, embedding a general-purpose language exposes the system and Lua smart contracts have full access to the backend database. In this project, we explored two solutions:
- 1. To limit the file system access, which we accomplish by isolating the agent within a chroot sandbox.
- 2. Introduce a root contract that wraps all user contracts; it mediates state accesses and enforces “gas” limits, while allowing the ability to change the policy at any point.