Security Architecture

Hapnd runs your C# code on shared infrastructure. This means security isn’t a feature — it’s the foundation. Your code passes through four independent security layers before it ever executes, and each layer assumes the others might fail.

Layer 1: Semantic Allowlist at Compile-Time

When you upload code, Hapnd compiles it using Roslyn and performs semantic analysis on every API call in your code. This isn’t pattern matching on strings — it uses Roslyn’s SemanticModel to resolve the actual types and methods being invoked.

The model is an allowlist, the inverse of a blocklist: everything is blocked unless explicitly permitted. This is fundamentally stronger than a blocklist approach.

An earlier version of Hapnd used a blocklist — dangerous namespaces like System.IO and System.Net were banned. This had a critical flaw: System.Environment.GetEnvironmentVariable() lives in the System namespace, not System.IO or System.Net. A blocklist would need to enumerate every dangerous method individually and would always be one step behind.

The allowlist inverts this. Only these are permitted:

  • System.Collections and System.Collections.Generic
  • System.Linq
  • System.Text
  • System.Math and System.Convert
  • Hapnd.Projections.Contracts
  • Standard C# language features (pattern matching, records, tuples, etc.)

Everything else — file access, network calls, reflection, environment variables, threading, process launching — is rejected at compile-time with a clear error message.
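As an added illustration of the resolution step in Layer 1 (hypothetical code, not Hapnd's own checker), the following Roslyn-based checker resolves every invocation, member access and object creation to its declaring type through the SemanticModel and rejects anything outside the allowlist above. The `AllowlistChecker` name, the fail-closed handling of unresolved symbols and the treatment of primitive types as language features are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using Microsoft.CodeAnalysis;
using Microsoft.CodeAnalysis.CSharp;
using Microsoft.CodeAnalysis.CSharp.Syntax;
// Hypothetical checker (not Hapnd's own code): each call is resolved to its real symbol via the
// SemanticModel, so aliases and `using` directives cannot hide what is actually being invoked.
public static class AllowlistChecker
{
    // Namespaces are matched exactly; System.Math and System.Convert are allowed as single types.
    static readonly HashSet<string> AllowedNamespaces = new() { "System.Collections",
        "System.Collections.Generic", "System.Linq", "System.Text", "Hapnd.Projections.Contracts" };
    static readonly HashSet<string> AllowedTypes = new() { "System.Math", "System.Convert" };

    public static List<string> FindViolations(string source)
    {
        var tree = CSharpSyntaxTree.ParseText(source);
        // Reference the runtime's trusted platform assemblies so every BCL member resolves.
        var refs = ((string)AppContext.GetData("TRUSTED_PLATFORM_ASSEMBLIES")!)
            .Split(Path.PathSeparator).Select(p => MetadataReference.CreateFromFile(p));
        var model = CSharpCompilation.Create("check", new[] { tree }, refs).GetSemanticModel(tree);
        var violations = new HashSet<string>();
        foreach (var node in tree.GetRoot().DescendantNodes().Where(n =>
                     n is InvocationExpressionSyntax or MemberAccessExpressionSyntax or ObjectCreationExpressionSyntax))
        {
            int line = node.GetLocation().GetLineSpan().StartLinePosition.Line + 1;
            var symbol = model.GetSymbolInfo(node).Symbol;
            if (symbol is null) { violations.Add($"unresolved expression at line {line}"); continue; } // fail closed
            var type = symbol.ContainingType;
            // Skip namespace/type names and members the customer declared in the uploaded source itself.
            if (type is null || symbol.Locations.Any(l => l.IsInSource)) continue;
            string ns = type.ContainingNamespace.ToDisplayString(), typeName = type.ToDisplayString();
            bool allowed = AllowedTypes.Contains(typeName) || AllowedNamespaces.Contains(ns)
                || type.SpecialType != SpecialType.None; // assumption: primitives (int, string, ...) are language features
            if (!allowed) violations.Add($"{typeName}.{symbol.Name} at line {line}");
        }
        return violations.OrderBy(v => v).ToList();
    }

    public static void Main()
    {
        // Constructed sample: one permitted LINQ call and the System.Environment case from the text.
        const string sample = @"using System; using System.Linq;
public static class Projection {
    public static int Sum(int[] xs) => xs.Where(x => x > 0).Sum();
    public static string Leak() => Environment.GetEnvironmentVariable(""SIGNING_KEY""); }";
        foreach (var v in FindViolations(sample)) Console.WriteLine("rejected: " + v);
    }
}
```

The LINQ calls resolve to `System.Linq.Enumerable` and pass, while `Environment.GetEnvironmentVariable` resolves to `System.Environment`, which no allowlist entry covers, so it is reported even though it lives outside `System.IO` and `System.Net`.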

Layer 2: DLL Signature Verification at Load-Time

After compilation, the resulting DLL is signed with ECDSA P-256 using the WebCrypto API in the Cloudflare Worker. When the .NET container loads a DLL for execution, it verifies the signature using the corresponding public key before loading the assembly.

This prevents:

  • Tampered DLLs (modified after compilation)
  • DLLs injected into R2 storage directly
  • Any assembly not compiled by the Hapnd platform

If signature verification fails, the DLL is not loaded and the request fails. There is no fallback or override.

Layer 3: Environment Variable Stripping at Runtime

Even if code somehow bypassed the compile-time analysis, the container runtime strips environment variables before executing customer code. Platform secrets (API keys, signing keys, internal service credentials) are not accessible from within the execution context.

Customer code runs in isolated Cloudflare Containers with:

  • Non-root user (hapnd:1000) — no privilege escalation
  • Alpine-based image — minimal attack surface
  • CPU and memory limits — no resource exhaustion
  • 5-second execution timeout — no long-running computation or denial-of-service
  • Per-tenant isolation — containers are scoped to a single tenant via Cloudflare’s container binding model

Each layer is independent. If the Roslyn analysis missed a dangerous API (it shouldn’t — it’s an allowlist), the DLL signature would still need to be valid. If the signature check was somehow bypassed, environment variables are still stripped. If environment stripping failed, the container is still isolated with no network access and a 5-second timeout.

No single layer failure compromises the system.