How We Keep Your Machine Safe: Security Architecture Deep Dive

Security is our top priority at Sol Harvest. Here's a detailed look at how we protect your machine while running compute tasks.

Container Isolation

Every task runs inside a Docker container with strict security constraints:

• • **Read-only filesystem**: Tasks cannot write to your disk
• • **No network access**: Containers have zero network connectivity
• • **Dropped capabilities**: All Linux kernel capabilities are dropped (cap_drop ALL)
• • **Resource limits**: CPU, memory, and disk I/O are strictly bounded

The Kill Switch

You're always in control. Stop your node at any time with a single command. Running tasks are immediately terminated and reassigned to another node.

Open Source Agent

Our agent is fully open-source. You can audit every line of code, verify the security model, and even contribute improvements. Transparency builds trust.

What We Never Do

• • We never access your personal files
• • We never install permanent software
• • We never share your private keys
• • We never mine cryptocurrency on your machine

Your machine, your rules. Always.