WebAssembly (Wasm) is a portable binary format designed to be a compilation target for languages like C, C++, Rust, Go, and many others, executing in a sandboxed VM at near-native speed. It runs in every modern browser, in serverless platforms (Cloudflare Workers, Fastly Compute), and in standalone runtimes (Wasmtime, Wasmer). Wasm fills the niche of "fast, sandboxed, portable" that nothing else quite covers.
Wasm is a low-level format with explicit memory management and a small instruction set (about 200 opcodes). It is compiled ahead of time from source languages by toolchains like Emscripten (C/C++), wasm-pack (Rust), and TinyGo (Go). The runtime loads the .wasm binary, validates it, JIT-compiles it to native code, and executes inside a sandbox that has no default access to the host.
Host capabilities (filesystem, network, time) are exposed via explicit imports (WASI, the WebAssembly System Interface, standardizes many of these). The capability-based model is what makes Wasm safe: a Wasm module can do nothing the host did not give it permission to do.
Wasm enables languages like Rust and Go in the browser at performance JS cannot match. On servers, it enables multi-tenant isolation orders of magnitude lighter than containers (microseconds to start, kilobytes of memory). Cloudflare Workers, Fastly Compute, and Shopify Functions all use Wasm to run untrusted user code at the edge.
Cloudflare Workers (which power TerminalFeed's API) compile JavaScript to V8 isolates, but Workers also support Wasm directly for compute-heavy paths.