Miner Guide

Security & Safety — Miners

Understanding how jobs are sandboxed and what developers can/can’t do keeps your system safe.

The Sandbox

Every job runs in an isolated sandbox. Jobs can’t:

  • Access your filesystem (except a temporary work directory)
  • Access your network or other machines
  • Access other jobs’ data
  • Use more resources than advertised
  • Break out of the sandbox

Think of it like a secure container. Developers submit code, it runs in isolation, results are returned.

What Jobs Can Do

Allowed Operations

  • CPU computation — Math, algorithms, data processing
  • Memory allocation — Use the advertised RAM
  • Temporary files — Write to /tmp or work directory (cleaned up after)
  • Read stdin — Accept input from developers
  • Write stdout — Return results to developers
  • Standard libraries — Use pre-installed packages (Python, Node.js, Go, etc.)

Example allowed job:

Write Python code that takes a CSV file content as input and returns a JSON summary (row count, column names, data types).

This is safe because it’s a pure computation with no system access.

Not Allowed Operations

  • Filesystem access — Can’t read /etc, /home, your files
  • Network access — Can’t connect to external APIs or services
  • Process spawning — Can’t start other applications
  • System calls — Can’t modify system settings
  • Device access — Can’t access GPU, USB, etc. (GPU is exposed separately)
  • Installing packages — Can’t run pip install or npm install

Jobs that try forbidden operations will fail with a sandbox violation.

Resource Limits

Jobs are constrained by your advertised resources:

CPU: Can’t use more cores than you advertised Memory: Process is killed if it exceeds limit Disk: Can’t write more than the quota Timeout: Killed if execution exceeds timeout

Example:

  • You advertise 4 cores, 8GB RAM
  • Job tries to allocate 16GB RAM
  • Killed immediately, you’re not charged for the failure

Isolation Models

Native Sandbox (Default)

Jobs run in native Linux containers with:

  • Isolated filesystem
  • Resource cgroups (CPU, memory limits)
  • No network access
  • No privileged syscalls

Pros: Fast, efficient Cons: Depends on OS

Docker Sandbox

Jobs run in Docker containers with:

  • Full container isolation
  • Network disabled
  • Resource limits enforced
  • Better security guarantees

Pros: Most secure, portable Cons: Slower than native

Enable Docker:

swarmient-daemon start --sandbox docker

Your System Safety

Filesystem Protection

Jobs can’t access:

/root        (your home directory)
/home        (other users' home directories)
/etc         (system configuration)
/var         (system logs, data)
/sys, /proc  (kernel interfaces)

Jobs get a temporary work directory:

/work/job_abc123/

This directory is deleted after the job completes.

Network Protection

Jobs can’t:

  • Connect to external IPs
  • Access localhost (127.0.0.1)
  • Bind to ports
  • Send DNS queries

Your miner can access the network—jobs can’t. This prevents data exfiltration.

Process Isolation

Each job runs as a separate process with:

  • Its own user ID (not your account)
  • No access to other processes
  • No ability to spawn privileged processes
  • Automatic cleanup on termination

Memory Protection

Job memory is protected:

  • Allocated from a separate memory region
  • Can’t access other processes’ memory
  • Released when job terminates
  • Out-of-memory jobs are killed cleanly

Cryptographic Verification

Every job result is cryptographically signed:

  1. Developer submits job
  2. Your miner executes it
  3. You sign the result with your private key
  4. Developer verifies the signature

Why this matters: Developers can verify that you actually executed the job. This prevents:

  • False claims of execution
  • Result tampering
  • Impersonation

Your private key is sacred:

chmod 600 ~/.swarmient/miner.json

Never share it. If compromised:

swarmient-daemon keygen --output ~/.swarmient/miner.json
swarmient-daemon update-key  # Register new public key

Best Practices

1. Keep Your Daemon Updated

New versions include security patches:

brew upgrade swarmient-daemon  # macOS
sudo apt-get upgrade swarmient-daemon  # Linux

Check for updates weekly.

2. Run as a Service

Run with minimal privileges:

sudo swarmient-daemon install-service \
  --keyfile ~/.swarmient/miner.json

Don’t run as root. The service runs with appropriate privileges.

3. Secure Your Keys

Protect your miner keys:

chmod 600 ~/.swarmient/miner.json
chmod 700 ~/.swarmient/

Backup your keys:

cp ~/.swarmient/miner.json ~/backup/miner.json
chmod 600 ~/backup/miner.json

Never commit to version control:

# .gitignore
~/.swarmient/miner.json

4. Monitor Resource Usage

Watch for runaway processes:

swarmient-daemon monitor

Shows CPU, memory, disk usage in real-time.

5. Use a Separate Disk for Jobs

Store job data on a separate partition to avoid filling your OS disk:

swarmient-daemon start --data-dir /mnt/data/swarmient

6. Enable Firewall

Restrict outbound traffic to Swarmient servers only:

  • Outbound to api.swarmient.com:443
  • Outbound to other IPs ✗

7. Check System Integrity

Verify daemon hasn’t been tampered with:

swarmient-daemon verify-signature

Should report “OK”.

Sandbox Escape Prevention

Swarmient uses multiple layers to prevent sandbox escapes:

  1. Filesystem isolation — Jobs only see their work directory
  2. User isolation — Jobs run as unprivileged user
  3. Resource limits — Kernel-enforced caps
  4. Privilege dropping — No setuid access
  5. Seccomp filters — Block dangerous syscalls

Even if a job tries to:

  • cat /etc/passwd → Permission denied
  • sudo install malware → No sudo access
  • fork() bomb → Killed by resource limits
  • connect() to external IP → Blocked by network isolation

The sandbox design assumes jobs are untrusted. Developers could submit malicious code. The sandbox ensures it can’t harm your system.

Reporting Security Issues

If you find a security vulnerability:

  1. Don’t post it publicly
  2. Email security@swarmient.com with details
  3. We’ll investigate and patch quickly
  4. You’ll get credit in the security advisory

Responsible disclosure is appreciated.

FAQ

Q: Can jobs see my internet traffic?

A: No. Jobs are network-isolated. They can’t see your traffic or monitor your network.

Q: Can jobs steal my files?

A: No. They can’t access your home directory, system files, or any files outside their work directory.

Q: What if a job tries to break out?

A: It’ll fail. The sandbox is kernel-enforced. Developers can report the bug to Swarmient.

Q: Is my private key safe?

A: As safe as your system. Keep the file readable only by you (chmod 600). Don’t share it. Back it up.

Q: What if a malicious developer sends harmful code?

A: It’ll run in the sandbox with no access to your system. It might consume resources or time out, but it can’t harm you.

Q: Can jobs use GPU?

A: Yes (if you offer GPU). GPUs are passed through to the container with sandboxing still enforced.

Next Steps