Get Started
Security Model
How Muna guarantees code safety and security.
Muna works by sending compiled binaries to end users’ devices. As such, Muna is
carefully designed to minimize any attack surface that exists in downloading and executing software binaries.
Code Provenance
Muna works by lowering Python code to native code that is then compiled. This process involves reimplementing Python operations natively. These native implementations are written and maintained by us, and are rigorously tested to ensure correctness and memory safety. This means that regardless of what the original Python code does, the resulting compiled binary will only ever contain code, written, reviewed, and tested by us.Prohibited Python APIs
Prohibited Python APIs
Python code that uses the following sensitive or dangerous APIs will fail to compile:
- File system access.
- Hardware access (e.g. camera, microphone).
This list is not exhaustive.
Code Signing
When we compile native binaries, we perform code signing for platforms that support it:Android
Android
Android does not support code-signing on individual native binaries. Instead, apps which contain these
binaries are code-signed for Play Store distribution.
iOS
iOS
Binaries are code signed.
Linux
Linux
Code signing is not supported by Linux.
macOS
macOS
Binaries are code signed. At runtime, code-signing is verified with
SecStaticCodeCheckValidity
before the predictor is loaded.Current Muna SDKs do not perform signature verification at runtime.
We will add signature verification in upcoming updates.
visionOS
visionOS
Binaries are code signed.
Web
Web
Code signing is not supported by WebAssembly.
Windows
Windows
While not yet supported, binaries will be code signed. At runtime, code-signing is verified with
WinVerifyTrust.We are working on code-signing all Windows binaries.
Code Sandboxing
On Android, iOS, macOS (App Store), and visionOS, there are strict sandboxing restrictions that prohibit downloading and executing code at runtime. As a result, Muna client SDKs for Android, Swift, React Native, and Unity Engine allow you to embed predictors into the app bundle at build time:Muna for Android
Muna for Android
Use the
ai.muna.muna-gradle Gradle
plugin in your build.gradle or build.gradle.kts file like so:build.gradle.kts
Make sure to add a
MunaEmbed entry for every predictor your app uses.Muna for React Native
Muna for React Native
Coming soon.
Muna for Swift
Muna for Swift
Coming soon.
Muna for Unity
Muna for Unity
Embed predictors by adding the If you use a custom proxy URL with custom authentication, you can instead apply
the attribute to a static property that returns your authenticated
Muna.EmbedAttribute attribute to any class or struct in your project code:AppBehaviour.cs
When building your Unity app, the Muna SDK will fetch and embed predictors using the Muna access key in your
project settings.
The
Muna.EmbedAttribute attribute can accept multiple predictor tags.Muna client:AppBehaviour.cs
With predictor embedding, all prediction code will be present for code review and signing when the application
is archived for distribution (e.g. on the App Store or Play Store).
Data Collection
At runtime, end user devices will make web requests to the Muna API to retrieve a predictor; and to report telemetry data. Below is the data that the Muna SDK transmits from user devices to the Muna API:Processor Identifier
Processor Identifier
Because Muna is designed to hyper-target hardware, the Muna client SDKs report metadata including:
- Operating system (e.g.
ios). - Processor architecture (e.g.
arm64). - CPU instruction sets (e.g.
avx512-vnni). - GPU compute capability (e.g. Nvidia
sm_90).
The Muna SDK never reports any user-identifying information.
Configuration Identifier
Configuration Identifier
This is a unique, random string identifying the Muna client SDK on the current device.
Prediction Telemetry
Prediction Telemetry
The Muna client SDKs report performance statistics for predictions run on the current device. This is used to
search for optimal predictor implementations for a given device.