Skip to main content
@enclave-vm/browser integrates naturally with React applications. This guide covers hook patterns for lifecycle management, console capture, tool handler wiring, and a complete playground example.

Basic Hook Pattern

The useEnclave hook manages the enclave lifecycle — dynamic import, initialization, re-creation on config changes, and cleanup on unmount:
Key points:
  • Dynamic import keeps @enclave-vm/browser out of the initial bundle
  • Ref for toolHandler avoids re-creating the enclave when the handler identity changes
  • Cleanup on unmount calls dispose() to remove sandbox iframes
  • Re-creates on securityLevel change to apply new security configuration

Using the Hook

Console Capture

Sandbox console output is relayed to the host’s console with an [Enclave] prefix. The useConsoleCapture hook intercepts these messages:
Usage with the enclave hook:

With Tool Handlers

Wire up tool handlers that connect sandbox code to your application:

Security Level Picker

A small component for switching security levels:

Bundling Considerations

  • ESM only: @enclave-vm/browser is distributed as ESM. Ensure your bundler supports import().
  • Dynamic import: Use import('@enclave-vm/browser') for code splitting. The library includes @enclave-vm/ast which adds to bundle size — dynamic import keeps it off the critical path.
  • No Node.js dependencies: The browser package has no vm, worker_threads, or other Node.js module dependencies.
  • Dependencies: Requires @enclave-vm/ast (for AST validation and code transformation) and zod (for message schema validation).

Browser Compatibility

Minimum recommended versions: Chrome 67+, Firefox 63+, Safari 13+, Edge 79+
crypto.randomUUID has a built-in fallback using Date.now() for older browsers, so it is not a hard requirement.

Complete Example: Code Playground

A full working example combining all patterns: