Phase 5 embeds a sandboxed WASM runtime into the storage pipeline so capsules can be transformed in-flight during reads (lazy) or during ingestion (eager).
- Compute-to-data: move transformation logic (WASM) to the storage node.
- Streaming-first: process data chunk-by-chunk; no full-capsule buffering required.
- Sandboxed safety: traps/timeouts prevent buggy modules from crashing the node.
Policy.transform is an ordered chain. Output of transform i feeds transform i+1.
transform:
- name: resize_1080p
image: capsule://wasm-registry/resize.wasm
trigger: on-read
args:
width: "1920"
height: "1080"
resources:
max_memory_pages: 16
fuel_limit: 10000000
verification:
sha256: "<hex>"
signature: "<optional ed25519 sig>"- OnRead (default): decrypt -> decompress -> transform chain -> client stream
- OnWrite: transform chain -> compress/dedup -> encrypt -> persist
WASM modules are loaded as raw binaries. The guest exports:
memory(linear memory)alloc(len: u32) -> u32dealloc(ptr: u32, len: u32)process(ptr: u32, len: u32) -> u64returning(out_ptr << 32) | out_len
The host copies the input chunk into guest memory, calls process, then copies the
output back out (streaming, bounded by chunk size).
file://...andcapsule://<UUID>module images are supported.capsule://...images are intended to be stored in SPACE itself (dogfooding).verification.signatureis reserved for trusted publishers (signature verification is planned).- Derived-output caching is a planned optimization (transform hash + args).
- Enable the implementation by building
pipelinewith--features phase5, or via higher-level flags likespacectl --features phase5(which enables the modular pipeline path).