Chrome already has functionality to put different sites in different processes and sandbox the processes, so that if there's a renderer bug, the attack is stuck in the sandbox of a single site and can only access that site's data. This also helps with CPU speculative execution bugs.

https://www.chromium.org/Home/chromium-security/site-isolati...