Function works by sending compiled binaries to end usersโ€™ devices. As such, Function is carefully designed to minimize any attack surface that exists in downloading and executing software binaries.

โ€‹
Code Provenance

Function works by lowering Python code to native code that is then compiled. This process involves reimplementing Python operations natively. These native implementations are written and maintained by us, and are rigorously tested to ensure correctness and memory safety.

This means that regardless of what the original Python code does, the resulting compiled binary will only ever contain code, written, reviewed, and tested by us.

We offer access to the generated native code to enterprise and hardware partners. Reach out to us at sales@fxn.ai.

โ€‹
Code Signing

When we compile native binaries, we perform code signing for platforms that support it:

โ€‹
Code Sandboxing

On Android, iOS, macOS (App Store), and visionOS, there are strict sandboxing restrictions that prohibit downloading and executing code at runtime. As a result, Function client SDKs for Android, Swift, React Native, and Unity allow you to embed predictors into the app bundle at build time:

With predictor embedding, all prediction code will be present for code review and signing when the application is archived for distribution (e.g. on the App Store or Play Store).

โ€‹
Data Collection

At runtime, end user devices will make web requests to the Function API to retrieve a predictor; and to report telemetry data. Below is the data that the Function SDK transmits from user devices to the Function API: