> ## Documentation Index
> Fetch the complete documentation index at: https://docs.muna.ai/llms.txt
> Use this file to discover all available pages before exploring further.
# Security Model
> How Muna guarantees code safety and security.
Muna works by sending compiled binaries to end users' devices. As such, Muna is
carefully designed to minimize any attack surface that exists in downloading and executing software binaries.
## Minimum Requirements
Muna compiles Python functions against recent versions of the operating systems on which it will run.
Below are the minimum requirements across each platform:
Android API level 24+ (Android Nougat or newer) across the following ABIs:
* `armeabi-v7a`
* `arm64-v8a`
iOS 14+.
Linux distributions with GLIBC 2.35+ across the following architectures:
* `aarch64`
* `x86_64` with `AVX2` or newer
macOS 14+ with Apple Silicon.
visionOS 1.3+.
Browsers with [WebAssembly + fixed-width SIMD](https://webassembly.org/features/):
* Chrome 91+
* Firefox 90+
* Safari 16.4+
Windows 10+ across the following architectures:
* `amd64` with `AVX2` or newer
* `arm64`
## Code Provenance
Muna works by [lowering Python code](/insiders/compiler) to native code that is then compiled. This
process involves reimplementing Python operations natively. These native implementations are written and
maintained by us, and are rigorously tested to ensure correctness and memory safety.
This means that regardless of what the original Python code does, the resulting compiled binary will only
ever contain code, written, reviewed, and tested by us.
Python code that uses the following sensitive or dangerous APIs will fail to compile:
* File system access.
* Hardware access (e.g. camera, microphone).
This list is not exhaustive.
## Code Signing
When we compile native binaries, we perform code signing for platforms that support it:
Android does not support code-signing on individual native binaries. Instead, apps which contain these
binaries are code-signed for Play Store distribution.
Binaries are code signed.
Code signing is not supported by Linux.
Binaries are code signed. At runtime, code-signing is verified with [`SecStaticCodeCheckValidity`](https://developer.apple.com/documentation/security/secstaticcodecheckvalidity\(_:_:_:\))
before the predictor is loaded.
Current Muna SDKs do not perform signature verification at runtime.
We will add signature verification in upcoming updates.
Binaries are code signed.
Code signing is not supported by WebAssembly.
While not yet supported, binaries will be code signed. At runtime, code-signing is verified with [`WinVerifyTrust`](https://learn.microsoft.com/en-us/windows/win32/api/wintrust/nf-wintrust-winverifytrust).
We are working on code-signing all Windows binaries.
## Code Sandboxing
On Android, iOS, macOS (App Store), and visionOS, there are strict sandboxing restrictions that prohibit
downloading and executing code at runtime. As a result, Muna client SDKs for Android, Swift,
React Native, and Unity Engine allow you to **embed predictors** into the app bundle at build time:
Use the [`ai.muna.muna-gradle`](https://central.sonatype.com/artifact/ai.muna/muna-gradle) Gradle
plugin in your `build.gradle` or `build.gradle.kts` file like so:
```kt build.gradle.kts icon="android" focus={1,6,13-17} theme={null}
import ai.muna.muna.gradle.MunaEmbed
plugins {
id("com.android.application")
id("org.jetbrains.kotlin.android")
id("ai.muna.muna-gradle") version "0.0.5"
}
android {
...
}
muna {
embeds.addAll(
MunaEmbed(tag = "@supertone/supertonic-2")
)
}
```
Make sure to add a `MunaEmbed` entry for every predictor your app uses.
*Coming soon*.
Embedding works in two stages. First, you must specify the predictor tags that you
want embedded within your app by creating a `muna.predictors` list in your `pubspec.yaml` file:
```yaml pubspec.yaml icon="flutter" theme={null}
# Embed `@supertone/supertonic-2`
muna:
predictors:
- tag: "@supertone/supertonic-2"
```
Next, run the `muna:embed` tool to download and embed the predictors you listed earlier:
```sh icon="terminal" theme={null}
# Run this in Terminal
$ dart run muna:embed --access-key
```
You can also define your `MUNA_ACCESS_KEY` in a `.env` file or as an environment variable.
The `muna:embed` tool will automatically detect and use it.
*Coming soon*.
Embed predictors by adding the `Muna.EmbedAttribute` attribute to any `class` or `struct` in your project code:
```csharp AppBehaviour.cs icon="unity" focus={4} theme={null}
using UnityEngine;
using Muna;
[Muna.Embed("@fxn/greeting")]
public class AppBehaviour : MonoBehaviour {
...
}
```
When building your Unity app, the Muna SDK will fetch and embed predictors using the Muna access key in your
project settings.
The `Muna.EmbedAttribute` attribute can accept multiple predictor tags.
If you use a custom proxy URL with custom authentication, you can instead apply
the attribute to a static property that returns your authenticated `Muna` client:
```csharp AppBehaviour.cs theme={null}
using UnityEngine;
using Muna;
public class AppBehaviour : MonoBehaviour {
[Muna.Embed("@apple/openelm")]
private static Muna muna => new Muna(
url: "https://apple.com/api",
accessKey: "tim apple"
);
}
```
With predictor embedding, all prediction code will be present for code review and signing when the application
is archived for distribution (e.g. on the App Store or Play Store).
## Data Collection
At runtime, end user devices will make web requests to the Muna API to retrieve a predictor; and to report
telemetry data. Below is the data that the Muna SDK transmits from user devices to the Muna API:
Because Muna is designed to hyper-target hardware, the Muna client SDKs report metadata including:
* Operating system (e.g. `ios`).
* Processor architecture (e.g. `arm64`).
* CPU instruction sets (e.g. `avx512-vnni`).
* GPU compute capability (e.g. Nvidia `sm_90`).
The Muna SDK **never reports** any user-identifying information.
This is a unique, random string identifying the Muna client SDK on the current device.
The Muna client SDKs report performance statistics for predictions run on the current device. This is used to
search for optimal predictor implementations for a given device.