Can openZITI be used in a WebAssembly runtime?

@PhilipGriffiths told me today about OpenZITI. It what I’ve seen looked amaizing!
He mentioned that there is a SDK for webpages that uses Wasm to connect to backend services.
My question would be if (at least theoretical) it would be possible to run a OpenZITI Client as Wasm Module in a WebAssembly runtime like WasmEdge or enarx?

1 Like

Welcome to the OpenZiti community @0xE282B0! Nice to have you participating! Thanks for the kind words around OpenZiti.

If I recall, @curt has been working on and around this area for something we’re doing internally. This mention might grab his attention but if not, I’ll try to get him to take a peek and offer up commentary.


@0xE282B0 Hi Sven. Thanks for being here. We appreciate your interest in OpenZiti.

The answer to your question is, yes. It will eventually be possible to run an OpenZiti client in the WasmEdge or enarx environments. I should point out that to date, no attempts have been made to do this, but it is on our research roadmap.

The component(s) @PhilipGriffiths mentioned are part of, or will be derived from, a group of OpenZiti components that we affectionately refer to (in shorthand-form) as ‘browZer’.

The goal of browZer is to facilitate browser-based (Chromium to start) access to web applications that are “dark” to the internet (i.e. web servers running in the cloud, but with no open ports). BrowZer facilitates zero-trust, authenticate-before-connect, access for only pre-enrolled identities, to these web applications, and we do it without requiring ANY software to be pre-installed on the client (e.g. laptop, mobile phone).

We use WASM in our OpenZiti Browser Runtime (ZBR) to do the heavy lifting involved with PKI (keypair generation, CSR creation, etc) and mTLS (handshakes, encrypt/decrypt, etc. at TLS v1.3).

Our WASM is currently packaged as an internal component, and is not intended to be an SDK itself. We do plan to publish a ziti-sdk-browzer which will make this WASM externally consumable, for the purposes of connecting to OpenZiti networks, by folks like you who wish to embed OpenZiti into their Web and/or WASM applications. So stay tuned.

If you’d like to see (in various demo videos) some background on browZer, and how it is evolving, I recommend you check out our YouTube playlist on this subject.

I tend to post these lightning videos periodically when newsworthy milestones are reached. Here a link:

We’d love to hear your thoughts on all this, so reach out at any time.

Rock on!