securityarchitecture

Secure by Design

When you open a project in Eldrin, something happens behind the scenes that you'll barely notice but that matters a great deal: a fresh virtual machine spins up just for your session.

This is a deliberate architectural choice. It comes with a real trade-off, and we think it's worth it.

The Trade-Off: Startup Time

Cold-starting a VM takes a few seconds. Compared to a cloud IDE that keeps a warm container running 24/7, there's a noticeable pause when you first open a project.

We've worked to minimize this - lightweight base images, aggressive caching of dependencies, and pre-warming common configurations - but we won't pretend it's instant. The first launch of a session takes longer than clicking a tab in a browser-based editor.

That's the cost. Here's what you get for it.

Complete Isolation

Each session runs in its own sandboxed environment. Your project's code, dependencies, environment variables, and data are walled off from everything else on your system - and from every other project.

If an AI agent generates code that behaves unexpectedly, the blast radius is contained. Nothing escapes the VM boundary. When the session ends, the VM is torn down cleanly.

Your Code Stays Local

There is no cloud server receiving your source code. No remote filesystem. No "sync" step that copies your files to someone else's infrastructure.

The AI agents run locally, the build tools run locally, and the preview runs locally. The only network calls Eldrin makes are to the Anthropic API for AI inference - and even those can be audited and restricted.

This matters if you're building something proprietary, working under NDA, or simply prefer to keep your ideas to yourself until you're ready to share them.

No Persistent Attack Surface

Cloud-based development environments are high-value targets. They hold source code, secrets, and credentials for thousands of users on shared infrastructure. A single vulnerability can expose entire organizations.

Eldrin's model is fundamentally different. There is no multi-tenant server to breach. Each VM is ephemeral - it exists only for the duration of your session. There's no persistent process listening on a port, no shared database, no credential store that outlives the session.

An attacker would need access to your physical machine, at which point you have much bigger problems than your development environment.

Why Not Just Use Docker?

Containers share the host kernel. They're lighter and faster, but the isolation boundary is thinner. Kernel exploits, misconfigured mounts, and container escapes are real attack vectors.

VMs provide hardware-level isolation. The guest operating system has no direct access to the host. This is the same boundary that cloud providers use to separate tenants - we just run it on your laptop instead of in a data center.

The Right Trade-Off

We could have made Eldrin faster to start by running everything in a container, or even directly on your host OS. But we'd be trading your security for our convenience metric.

A few extra seconds of startup time is a small price for knowing that your code is isolated, your data is local, and your development environment disappears the moment you're done with it.

Speed matters. Safety matters more.