Public
Star 历史趋势
数据来源: GitHub API · 生成自 Stargazers.cn
README.md
Sub-millisecond VM sandboxes for AI agents via copy-on-write forking
Try it
curl -X POST https://api.zeroboot.dev/v1/exec \ -H 'Content-Type: application/json' \ -H 'Authorization: Bearer zb_demo_hn2026' \ -d '{"code":"import numpy as np; print(np.random.rand(3))"}'
Benchmarks
| Metric | Zeroboot | E2B | microsandbox | Daytona |
|---|---|---|---|---|
| Spawn latency p50 | 0.79ms | ~150ms | ~200ms | ~27ms |
| Spawn latency p99 | 1.74ms | ~300ms | ~400ms | ~90ms |
| Memory per sandbox | ~265KB | ~128MB | ~50MB | ~50MB |
| Fork + exec (Python) | ~8ms | - | - | - |
| 1000 concurrent forks | 815ms | - | - | - |
Each sandbox is a real KVM virtual machine with hardware-enforced memory isolation.
How it works
Firecracker snapshot ──► mmap(MAP_PRIVATE) ──► KVM VM + restored CPU state
(copy-on-write) (~0.8ms)
- Template (one-time): Firecracker boots a VM, pre-loads your runtime, and snapshots memory + CPU state
- Fork (~0.8ms): Creates a new KVM VM, maps snapshot memory as CoW, restores all CPU state
- Isolation: Each fork is a separate KVM VM with hardware-enforced memory isolation
SDKs
Python — sdk/python
from zeroboot import Sandbox sb = Sandbox("zb_live_your_key") result = sb.run("print(1 + 1)")
TypeScript — sdk/node
import { Sandbox } from "@zeroboot/sdk"; const result = await new Sandbox("zb_live_your_key").run("console.log(1+1)");
Docs
Status
Working prototype. The fork primitive, benchmarks, and API are real, but not production-hardened yet. Open an issue if you're interested.
Self-host or managed
Zeroboot is open source. Self-host it on any Linux box with KVM, or use the managed API:
curl -X POST https://api.zeroboot.dev/v1/exec \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer zb_demo_hn2026' \
-d '{"code":"import numpy as np; print(np.random.rand(3))"}'
Building the managed service for teams that don't want to run their own infra. Sign up for early access: https://tally.so/r/aQGkpb
Known limitations
- Forks share CSPRNG state from the snapshot. Kernel entropy is reseeded via RNDADDENTROPY but userspace PRNGs (numpy, OpenSSL) need explicit reseeding per fork. See Firecracker's guidance.
- Single vCPU per fork. Multi-vCPU is architecturally possible but not implemented.
- No networking inside forks. Sandboxes communicate via serial I/O only.
- Template updates require a full re-snapshot (~15s). No incremental patching.
License
关于 About
Sub-millisecond VM sandboxes for AI agents via copy-on-write forking
ai-agentscode-executioncopy-on-writefirecrackerkvmrustsandboxvirtual-machinevm
语言 Languages
Rust81.0%
Shell10.5%
Python3.1%
C2.9%
TypeScript2.2%
Makefile0.3%
提交活跃度 Commit Activity
代码提交热力图
过去 52 周的开发活跃度24
Total Commits峰值: 23次/周
LessMore