I like the idea of using it to provide a "safe" execution environment for untrusted C++. I imagine bochs or other similar user-mode emulation could also work, but this benefits from being smaller and thus having less of an attack surface (theoretically).

It's also just neat!

Why not WebAssembly for a C++ sandbox?

The best comparison would just be running any other VM (like qemu, firecracker, etc).

WASM is different and higher level, because it's not bare-metal anymore.

> WASM is different and higher level, because it's not bare-metal anymore.

Possibly, though one could conceivably write a chip that uses WASM as its assembly, no? :)

I've seen some similar stuff with that too, yeah! Stuff like https://github.com/WAVM/WAVM is really cool, though I imagine this may be lighter (no LLVM dep)? You could also do something like a full system VM using a chip simulation like this, too.