Show HN: Firefox in WebAssembly (developer.puter.com)

3 points by coolelectronics ↗ HN
This is the entire Firefox browser rendering to a <canvas> element. Gecko, all UI components, and the Spidermonkey JS engine are all compiled and running in WebAssembly.

Here are a few things you might find interesting:

- This is fully end to end encrypted! We use the WISP protocol for TCP-over-websockets.

- There is a novel WASM->JS JIT for experimental site speedup

- This port cost over 25k in opus/fable tokens for debugging and JIT research

This was just a fun experiment to push the boundaries of WebAssembly. For a more usable "browser in browser" experience, we also built https://github.com/HeyPuter/browser.js that eats a bit less RAM.

67 comments

[ 3.0 ms ] story [ 32.0 ms ] thread
"Yo dawg. I herd you like web browsers, so I put a browser in your browser, so you can browse the Web while you browse the Web".
should've used this in the splash screen :(
> There is a novel WASM->JS JIT for experimental site speedup

I would love to see the details for this. SpiderMonkey had an attempted wasm32 JIT backend, but it was never finished.

... doesn't support Firefox mobile apparently :D
Oh and for anyone asking, you can run firefox-wasm inside firefox-wasm inside firefox! I only got this to load once though since it gets pretty unstable at that level.
Yo dawg I heard you like Firefox.
I'm so glad this exists, I've been considering doing something like this for a few months.

I recently got a TV based on VIDAA os, a locked-down linux-based OS where everything is rendered from Web pages. It has a built-in browser that doesn't support ad-blocking (I suspect VIDAA is profiting from showing ads on the TV), and you can't install new apps unless they're Web pages.

This would hopefully allow one to run Firefox within the existing browser, then install uBlock Origin within Firefox... I know what this weekend's project is going to be...

Browser sandboxing is now fully solved.
In mean... It kinda feels like this is legitimately true? An attacker trying to do anything on a user's machine through this would have to find a Firefox vulnerability and a vulnerability in the wasm runtime, which is such a high bar that I would actually feel remarkably safe running this thing. The only question is how performance works and whether there are any pain points using as a daily driver, but those feel likely to be a pretty minor point. Oh, and the usual caveat that an attacker can still compromise things inside the sandbox which does leave a certain amount of exposure (but if you run different things in different instances they're isolated).
This is true but also this is probably also only half true. Sandboxing is not a fully solved issue since this 100% degrades firefox sandboxing since fission cant run and its running in singleprocess mode. Just wanted to be honest about this
Assuming you're running Firefox as the outer browser too, in theory it only needs a single bug in the wasm runtime, plus a sandbox escape.
Unless you're running every origin in a different instance, I wouldn't use this as a daily driver, since a site would only need to find a renderer vuln to be able to read the rest of your cookies as multiprocess isolation is disabled here
(comment deleted)
this is so rad! 25k tokens is a lot less than i thought this'd take -- what were the difficult bits in the porting process? also, was firefox preferred because parts of it are already in rust?
$25k of tokens, closer to 30 billion I believe. It only took a few days to actually get the engine up, the hard parts where most of the effort was spent was squeezing out performance and increasing stability, as well as attempting the JIT.

Firefox was chosen because its single-process support was in a better place than chromium/blink. WebKit is also possible, it was done by a friend of mine earlier https://github.com/theogbob/WebkitWasm

"This browser doesn't support WebAssembly JSPI, which Firefox WASM needs to run."
All the network traffic from that browser is routed through a server. My IP inside that browser was in India and on CloudFlare network. I don’t particularly trust Puter. Why not route traffic through my actual browser?
>Why not route traffic through my actual browser?

Because you can't. Not even an Extension is able to. Browsers don't want you to bypass their content enforcement. I wish we had at least one hacker friendly browser.

Extensions can't, correct but I wanted to bring up a special case regarding this

Isolated web apps a chrome feature for developing apps that run in chromium based on HTML (but tbh only really used in Chromebooks) do support raw TCP sockets so if this was ported to an IWA you could have Firefox on a Chromebook without an external server needed.

Chromium CEF could also embed the Puter proxy inside it too as a standalone application. No luck on Mobile though.
this should be documented with highlight to prevent anyone trying to leak some personal information.

i never did some wasm but seems it runs quite fast on my macmini m1

>This port cost over 25k in opus/fable tokens for debugging and JIT research

> This was just a fun experiment to push the boundaries of WebAssembly

I'm a huge fan of the project, but I have to ask. If spending $25k is a "fun experiment", where exactly is your threshold for serious work?

Was it really $25k, or was it done though subscriptions with a reported cost of $25k?

I'm on the openai $100 sub and frequently my codexbar will show $250 usage in a day. I think it probably doesn't have access to the cached token share too, which probably inflates that a lot.

I imagine it is 25k tokens not dollars
I think the system prompt is bigger than that.
You can't do anything for 25k tokens; I've spent 100m today and the day isn't out yet.
(comment deleted)
This naturally begs the question, would a human be willing to do the same thing for $25k, and how long would that take?
Can’t get it running on Firefox 152.0.6 (aarch64), no extensions.

  [chrome-demo] chrome assets ready
  [gecko] warning: unsupported syscall: __syscall_madvise
  [gecko] embed-xul: main() on the app pthread (PROXY_TO_PTHREAD)
  [gecko] embed-xul: GECKO_GL_PASSTHROUGH=1
  [gecko] embed-xul: GECKO_COARSE_CLOCK=1
  [gecko] embed-xul: GECKO_GPU=1 (GPU/WebRender->canvas rendering)
  [gecko] xul_init: GRE dir = /gre
  [gecko] Pthread 0x11051000 sent an error! blob:https://developer.puter.com/edc1bd0a-b844-4a18-a69a-63dd49dc304a:8906: SecurityError: Security error when calling GetDirectory
Running firefox on aarch64 here right now (Ubuntu 26.04 ARM on snapdragon X1E)

did you enable the about:config option? it may be required

No mobile support
Yeah I seem to see that it does crash on Firefox mobile, (well first frame loads) and on chrome mobile it doesn't seem to load at all (complaining about running out of memory in a small pop-up)

Pixel 10 pro user here

What makes it require that WASM extension you need the flag for in Firefox? Was there really no way to work around it or polyfill it for it to work? It is performance critical?
It is required in order to yield the event loop and force an implicit sync on OffscreenCanvas. There is technically a slower workaround for this but JSPI is coming soon anyway to firefox 153 and safari 27.
I would be careful with this demo. When you go to whatismyip.com, it's showing: 104.28.233.73. Someone could use this to cloak their IP address and do some damage.
I think they had to solve the TCP connection, as normally you can't easily implement TCP sockets in WASM. So I suppose they just need to tunnel all the connection through some websocket.
The description mentions a similar project browser.js which apparently has some real use cases, what are they?
(comment deleted)
25k tokens to port Firefox to WASM. by 2027 we'll be spending 25k tokens to port WASM back to native because someone will benchmark it and find the WASM version is 3% faster.
I think it was $25,000...
I've been waiting for this to happen.

The websites that don't want you to block ads will serve you an obfuscated "inner browser" that will render their site. All your ad blockers, etc, are rendered moot.

Once accessibility is solved this is absolutely going to be a thing on major websites.

Great, looking forward to needing 16GB RAM to watch youtube :(
Assumes bad actors care about accessibility in the first place
on mobile chrome / Android I can't get the following to work :

- IME / keyboard doesn't pop on any field - copy paste - scrolling with touch - ai side panel

What works on mobile : - Extensions !

This is so sick great work; did you try webgpu?

https://imgur.com/a/nWFCraP