Skip to main content
The Palyra networked worker system extends tool execution beyond the local daemon host. It enables distributed execution of high-risk or resource-intensive tasks across a fleet of remote workers while maintaining a “fail-closed” security posture. The system is built on cryptographically verified attestation, mTLS-secured communication, and strict egress control.

System Overview

Distributed execution in Palyra is managed by the WorkerFleetManager in the palyra-workerd crate, which maintains an in-memory ledger of available workers and their current lifecycle states crates/palyra-workerd/src/lib.rs#3-6. Workers join the fleet by presenting a WorkerAttestation containing identity, integrity, and compatibility claims crates/palyra-workerd/src/lib.rs#30-35. The daemon selects between local executors (Tier B/C) and networked workers based on the tool’s required security posture and the WorkerFleetPolicy.

Distributed Execution Flow

The following diagram illustrates the lifecycle of a networked worker from registration to task execution. Worker Lifecycle and Execution Flow Sources: crates/palyra-workerd/src/lib.rs#3-6, crates/palyra-daemon/src/node_runtime.rs#1-9, crates/palyra-egress-proxy/src/lib.rs#3-6

Worker Fleet Management

The WorkerFleetManager is the central authority for networked worker coordination. It tracks worker health via heartbeats and manages the lifecycle states (e.g., Available, Leased, Quarantined, Orphaned) crates/palyra-workerd/src/lib.rs#10-11. Key components include: For details, see Worker Fleet Management.

Node Runtime and mTLS

The NodeRuntimeState in the daemon handles the low-level persistence and dispatching for remote nodes crates/palyra-daemon/src/node_runtime.rs#1-4. Communication is secured via mTLS, where every device_id is bound to a specific client certificate fingerprint crates/palyra-daemon/src/node_rpc.rs#4-6. Code Entity Mapping: Node and Worker Communication Sources: crates/palyra-daemon/src/node_rpc.rs#55-61, crates/palyra-daemon/src/node_runtime.rs#171-181, crates/palyra-workerd/src/lib.rs#3-6

Egress Proxy Integration

Networked workers are often required to boot bound to an attested egress proxy crates/palyra-workerd/src/lib.rs#41-42. The palyra-egress-proxy crate provides the EgressProxyPolicyService, which enforces: For details, see Egress Proxy for Networked Workers.

Worker Quarantine and Security Gates

Workers that fail heartbeats or present invalid attestations are moved to a Quarantined or Orphaned state crates/palyra-workerd/src/lib.rs#5-6. Security is further hardened through “Critical Attack Scenarios” which are replayed against the attestation logic to ensure it remains fail-closed against digest mismatches or missing proxy bindings crates/palyra-workerd/tests/critical_attack_scenarios.rs#1-6.

Sub-pages

  • Worker Fleet Management — Details the WorkerFleetManager in-memory ledger, attestation verification, lease lifecycle, quarantine/orphan handling, the WorkerFleetPolicy, and the node RPC mTLS communication.
  • Egress Proxy for Networked Workers — Explains the palyra-egress-proxy crate: EgressProxyPolicyService, scheme/host allowlists, private IP blocking, DNS rebinding prevention, vault-only credential injection, and how workers must boot with an attested egress proxy.
Sources: crates/palyra-workerd/src/lib.rs#1-6, crates/palyra-workerd/tests/critical_attack_scenarios.rs#1-6, crates/palyra-egress-proxy/src/lib.rs#1-7

Child Pages