alt Hacker NewsI'm not familiar with the security guarantees of WASM in the browser but I imagine they're more along the lines of preventing data exfiltration from the browser/OS, it would be difficult to prevent something like abusing your CPU resources to mine Bitcoin in the background for example.
One way to protect yourself from bitcoin mining is to not give a WASM program both an access to get incoming data and send data both into a 3rd party server. Another possibility is to threshold computation power on the WASM interpreter so that there's a limit of opcodes processed.