We Eliminated Local Execution on User Devices – By Architecture

1•MOHDLZE•1w ago

We Didn’t Secure Local Execution. We Eliminated It.

Most systems still assume this premise is unavoidable: User devices must execute code.

Everything else follows from that assumption: sandboxes, secure enclaves, SDKs, hardening, policies.

We rejected the premise itself.

Execution is not a feature. Execution is the attack surface.

So we removed local execution from user devices — architecturally.

No runtime. No SDK. No application logic. No execution state.

The device becomes a User Gateway only: • captures raw input (touch, text, voice, camera) • renders non-executable interface data • produces cryptographic proof that zero local execution occurred

All execution happens 100% inside the cloud.

If execution does not traverse a sovereign execution path, it is treated as non-existent — not denied, not blocked, not sandboxed. It simply does not exist.

This is not: • Remote Desktop • Secure Execution • Trusted Enclaves • Policy Enforcement

All of those still assume local execution must exist.

We removed that assumption.

What this enables (as a consequence, not a goal): • A Cloud Store with no app downloads • A Cloud Wallet with no cards or keys on the device • Provable execution sovereignty for banks, governments, and regulated systems

Covered by a filed U.S. patent application.

Open question for discussion: If execution is the real attack surface, why do we still allow it to exist on user devices at all?

Comments

MOHDLZE•1w ago

We eliminated local execution on user devices — not by restriction, but by architectural removal.

Most security models try to control local execution: sandboxes, secure enclaves, SDKs, policies.

We removed the execution surface itself.

No runtime. No SDK. No application logic on the device.

The device becomes a User Gateway only: raw input in, non-executable interface out, plus cryptographic proof that Zero Local Execution on Device actually holds.

All execution happens 100% in the cloud. If execution leaves the sovereign execution path, it is considered non-existent.

This is not Remote Desktop. Not VDI. Not secure execution. Those still assume local execution exists.

Covered by a filed U.S. patent application.

Open question for engineers here: If execution is the real attack surface, why are we still allowing it to exist on user devices at all?

theandrewbailey•1w ago

Copy pasting the post without adding anything does not add to the conversation. Please pay attention to the guidelines: https://news.ycombinator.com/newsguidelines.html

nacozarina•1w ago

‘Access’ that can be permanently revoked for arbitrary and capricious reasons is of intrinsically limited value. Ppl don’t invest deeply in those places, they just sh!tpost there.

You can build an impenetrable walled garden you think is beautiful. You can’t force anyone else to live there.

JohnFen•1w ago

> If execution is the real attack surface, why do we still allow it to exist on user devices at all?

A device that relies on external services to operate (outside of specialized devices such as communications) is one that is not suitable for any use case I have. There's far too much exposure to risk involved. Privacy and security risks, outage risks, risks of the service being discontinued, risks of having the provider get mad at and shutting you out, etc. You'd be at the mercy of the provider in terms of them changing things up on a whim or according to the current fad. It would require internet service, which is problematic in a lot of use cases. Also, presumably, the service would require regular ongoing payments.

For me, this idea is a complete nonstarter.

Show HN: Deterministic NDJSON audit logs – v1.2 update (structural gaps)

The Greater Copenhagen Region could be your friend's next career move

Do Not Confirm – Fiction by OpenClaw

The Analytical Profile of Peas

Hallucinations in GPT5 – Can models say "I don't know" (June 2025)

What AI is good for, according to developers

OpenAI might pivot to the "most addictive digital friend" or face extinction

Show HN: Know how your SaaS is doing in 30 seconds

ClawdBot Ordered Me Lunch

What the News media thinks about your Indian stock investments

Running Lua on a tiny console from 2001

Google and Microsoft Paying Creators $500K+ to Promote AI Tools

New filtration technology could be game-changer in removal of PFAS

Show HN: I saw this cool navigation reveal, so I made a simple HTML+CSS version

Kinda Surprised by Seadance2's Moderation

I Write Games in C (yes, C)

Django scales. Stop blaming the framework (part 1 of 3)

Malwarebytes Is Now in ChatGPT

Thoughts on the job market in the age of LLMs

Show HN: Stacky – certain block game clone

AIII: A public benchmark for AI narrative and political independence

SectorC: A C Compiler in 512 bytes

The API Is a Dead End; Machines Need a Labor Economy

Digital Iris [video]

New wave of GLP-1 drugs is coming–and they're stronger than Wegovy and Zepbound

Convert tempo (BPM) to millisecond durations for musical note subdivisions

Show HN: Tasty A.F. - Use AI to Create Printable Recipe Cards

The Contagious Taste of Cancer

U.S. Jobs Disappear at Fastest January Pace Since Great Recession

Bithumb mistakenly hands out $195M in Bitcoin to users in 'Random Box' giveaway