cloudpeers / tlfs Goto Github PK
View Code? Open in Web Editor NEWThe Local-First SDK
Home Page: https://cloudpeers.co
License: MIT License
The Local-First SDK
Home Page: https://cloudpeers.co
License: MIT License
useful properties we care about
leaving this for after the mvp. we have a system of vouching that works well enough for the mvp
use signatures to perform acl checks is now possible. for this we need to take a bit more care to ensure convergence in the presence of revocations.
I guess this will be easier once the radix tree lands
by reusing dots byzantine nodes can cause havoc
For some types (most, see below), the length is always the same. For other types, having a length prefix messes with the sort order. So it would be good if we could get rid of the mandatory length prefix and suffix in paths.
Prepreq for fixing #72
pub enum Segment {
/// Document identifier.
Doc(DocId), // fixed size
/// Peer identifier.
Peer(PeerId), // fixed size
/// Randomness used to ensure path uniqueness.
Nonce(u64), // fixed size
/// Boolean primitive.
Bool(bool), // fixed size
/// Unsigned integer primitive.
U64(u64), // fixed size
/// Signed integer primitive.
I64(i64), // fixed size
/// Utf8 string primitive.
Str(String), // variable size, length prefix?
/// Policy statement.
Policy(Policy), // fixed size?
/// Path identifier.
Dot(Dot), // fixed size
/// Positional identifier.
Position(Fraction), // variable size, inline varint encoding
/// Signature primitive.
Sig(Signature), // fixed size
}
Fraction
was created to insert at arbitrary points into an ORArray
(#59). As the len is encoded inside the path segment prior to the bytes, this breaks the ordering inside the sled tree, which the ORArray
implemention relies on.
Before the ORArray can really be used, this must be fixed.
for the mvp we need some way of discovering local peers and adding them to the document. just giving them permission isn't enough without some mechanism to notify them?
The only situation where a set with more than 1 entry can happen is if somebody changes the value for a dot, which is an adversarial scenario.
I am quite confident that if somebody can edit the dot store he can cause all kinds of issues. So we don't consider this at this time and deal with it later in a more principled way.
related: #29
astro looks quite interesting
support for atomic transactions (read committed transaction isolation)
depends on #28
When implementing join, I can do many things using very fast radix tree ops. E.g. removing expired from the store can be done with a single tree op instead of a loop.
E.g. this loop
for buf in causal.store.iter() {
let path = buf.as_path();
if !self.expired.contains_prefix(path) && !causal.expired.contains_prefix(path) {
if !self.can(peer, Permission::Write, path)? {
tracing::info!("join: peer is unauthorized to insert {}", path);
continue;
}
self.store.insert(&path);
}
}
can be turned into this:
let mut store = causal.store.clone();
store.tree_mut().remove_prefix_with(&self.expired.tree());
store.tree_mut().remove_prefix_with(causal.expired.tree());
for buf in store.iter() {
let path = buf.as_path();
if !self.can(peer, Permission::Write, path)? {
tracing::info!("join: peer is unauthorized to insert {}", path);
continue;
}
self.store.insert(&path);
}
However, operations that involve permissions at present still involve querying permissions for every path.
It would be quite useful if we had a way to produce a tree for a permission and a peer, and then perform bulk operations for that tree. This would not change except when permissions are changed.
E.g.
let writeable = self.writeable(peer, Permission::Write);
store.tree_mut().retain_prefix_with(&writeable);
right after creating a document spurious unauthorized erros may be thrown
reduce trust in cloudpeer by storing and performing join/unjoin on an encrypted crdt. this requires a deterministic encryption scheme with the disadvantage of suceptibility to statistical analysis. This can be mitigated by mapping low entropy path segments to high entropy random path segments. A suitable cipher would a nonce reuse resistant cipher like aes-gcm-siv
.
recover from accidental or malicious data addition/removal
updates are applied in causal order
related to #40
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.