I'm going to take a wild guess that WASM is orders of magnitude slower for IPC than raw unix, which is unfortunate because it seems like some of the most promising fertile soil for a security-first capability model.

Does that disqualify it as a potential path to a solution? How fine-grained would these components realistically need to be?