Clein 6 months ago

Hi @tuananh,

Thank you so much for this incredibly insightful comment and for sharing these examples (GCP Cloud Run v2, AWS Firecracker, WSL2, Apple Container). This is exactly the kind of expert feedback we were hoping to get by sharing Sphere at this early stage.

You are absolutely right. While our initial thoughts for Phase 2 were around chroot/namespaces, the industry trend towards MicroVMs for superior isolation is undeniable, and your point about them being a step beyond what namespaces/cgroups can offer is very well taken. Firecracker, in particular, is a technology we have immense respect for.

Our "true sandboxing" goal on the roadmap is precisely about achieving that level of robust, kernel-level isolation. Your comment gives us a strong signal to prioritize research and prototyping with MicroVM technology as we design that phase. The ultimate aim for Sphere is to provide the strongest practical isolation with the least possible overhead, and if MicroVMs are the best way to achieve that, then that's the direction we'll head.

This MVP (v0.1) is focused on proving the core concepts of the declarative format, dependency management, and basic environmental isolation. Your feedback is invaluable in helping us shape the next, more critical security layers.

Would you mind if we referenced your comment (and these examples) in our GitHub issue for "Feature: Implement true chroot/namespace sandboxing" as we explore the best path forward? We'd love to credit you for the pointer.

Thanks again for taking the time to share your knowledge!

- Clein, Kelly, & Ronald (The Sphere Team)