IRC channel logs
2023-06-13.log
back to list of logs
<kriskowal>ACTION opens dedicated irc client he forgot about. <kriskowal>for whatever reason, this room’s not discoverable for me in Element / Matrix, which would be ideal. <KrisKowal[m]>ah, found the right buttons (that did not look like buttons) <KrisKowal[m]>in any case, i’m very interested in better understanding the concrete details of the ocapn netlayer as implemented since i’m likely to be recapitulating similar work soon for agoric’s endo pet daemon. <KrisKowal[m]>i’ve invited our brian warner to talk to us about ed25519 and how we might use it (through libsodium) for a kind of rights transfer that isn’t quite the same as 3ph but might be the basis for us getting all the way there. <KrisKowal[m]> dthompson Jessica you would both be welcome for that call if you’re interested in hearing us recapitulate design conversations you’ve already tread heavily <KrisKowal[m]>that’s tomorrow, and one hour earlier than the ocapn call was today. <dthompson>cwebber: see above ^ (when you get a chance, I know you're preparing for something else right now) <dthompson>unsure what our collective availability is right now but we'll discuss! <KrisKowal[m]>As for connecting a goblin to an agoric technology, that’ll probably be the Endo pet daemon I’m working on, which is not on a chain, so the requirements are more likely to match up. <KrisKowal[m]>That is, the daemon is more likely to interoperate with your 3ph than the chain since chains can’t keep secrets. <KrisKowal[m]>But the daemon will be able to talk to the chain and out to peers, ideally including goblin peers. <KrisKowal[m]>Again, I learned that ed25519 existed yesterday and proved out that I could use it locally this morning, so I’m in a better position now to understand what I’m reading in your spec drafts. <KrisKowal[m]>I have bombed your calendars thru the end of time. I will understand if you accept the invitation for just tomorrow :-) <KrisKowal[m]>Re symbols: Do Goblins actors every have an interface that consists of both symbolically and stringly named methods? <KrisKowal[m]>As it happens, JavaScript does have objects that implement a combination of both and the distinction is meaningful for avoiding name collisions between API authors (strings) and platform authors (symbols). <dthompson>KrisKowal[m]: I can't think of any existing application code that dispatches on a string but we *could* since interpreting the first argument as a method name is a convention of *some* actors, not all. <dthompson>and there are actors whose behavior depends on how many arguments they are sent. a cell will return its current value when passed 0 arguments and will update its value when passed 1 argument. <KrisKowal[m]>The variadic overloads behavior is consistent with JavaScript.‘ <dthompson>yeah in js terms our actor behavior is represented as a function, not an object. <KrisKowal[m]>That is to say, that the bootstrap object is a struct/record that contains a fetch function, and not an object with a fetch method, aye? <KrisKowal[m]>That is meaningful to a difference in the calling convention on our side, like E(ref).fetch() vs E.get(ref).fetch() <KrisKowal[m]>And E.get(ref).fetch() incidentally doesn’t consistently work, but I expect that’s temporary and not a concern for ocapn standardization <KrisKowal[m]>But it is important that we’re clear that the protocol for interacting with the bootstrap object is the latter and not the former in spec. <KrisKowal[m]>Does Goblins tentative OCapN even support object method invocation? <KrisKowal[m]>(If it doesn’t, it will not be able to call JavaScript methods) <dthompson>the bootstrap actor has a behavior that inspects the first argument and dispatches accordingly. so like: function(method, ...) { if(method == "fetch) { ... } else { ... } } <KrisKowal[m]>Please pardon me for asking questions with answers that I’m sure are written down. ☺️ My reading comprehension is not fantastic. <dthompson>my understanding is that it would be up to the machine to interpret the arguments passed to an actor. if it's a system that does method calls then the first argument would always be the method name. <KrisKowal[m]>That is the eventual send equivalent of E(bootstrap)('fetch', ...args) <KrisKowal[m]>So, you may disregard all above hypotheses about eventual send equivalence. <dthompson>well maybe those are equivalent, I don't know. :) <KrisKowal[m]>Goblins actors and JavaScript references may be equivalent and E(actor).fetch() would presumably work for both. <KrisKowal[m]>The JavaScript receiver would look like Far('bootstrap', { fetch() {} } ) and the Goblins side would look like [sic] lambda (method, ...) ((if eq(method, 'fetch') () ) <dthompson>yeah, though I suppose without being able to know what methods are valid on a remote object that fetch() call would have to be dynamic <KrisKowal[m]>That’s consistent. Senders don’t get a guarantee that any particular method exists on the remote. <dthompson>then yeah I think we are understanding each other, more or less. <KrisKowal[m]>We’re talking about having a protocol like E(remote).getInterfaceOf() that would return a promise for a data object fully describing the remote API. That is something we would hope to talk to you about down the road as a higher level protocol. <dthompson>I believe Guy L. Steele wrote some stuff long ago about how instance+methods and lambda/function are equivalent to each other, just expressed differently. <KrisKowal[m]>A difference tho is that you’re expecting the method argument to be a symbol and not a string. <KrisKowal[m]>My strong feeling is that we would be better served by a method name type on the wire that corresponds to an interned symbol in Goblins and a string in JavaScript. <KrisKowal[m]>We’re also already aligned that remote objects do not have data properties. <dthompson>it could be the case that *sometimes* a goblins actor could respond with an interface compatible with single dispatch but others would not <KrisKowal[m]>I think that we already discussed that case in a prior ocapn talk and decided that would be represented as the lisp equivalent of undefined in the method position. <dthompson>my brain thinks in functions, not methods. :) <dthompson>like I understand the equivalence but lambda is the atomic thing in my head canon <dthompson>and methods are something you build with lambda <KrisKowal[m]>So, to reason out the equivalence in JavaScript, we need an ability to implement both a function and a bank of methods. <KrisKowal[m]>That is to say, since a Goblins actor can both model a function or an object with a bank of methods, we would need to do the same in JavaScript. <KrisKowal[m]>I think that implies that we would have to extend our Far wrapper to either take an additional argument for the function call behavior, or have a special symbol-named method to denote its function call behavior. <KrisKowal[m]>And I’ll note, this is exactly the difference between how JavaScript treats symbols vs Lisp’s treatment. <KrisKowal[m]>We really do need to have symbols for special reasons that are not relevant to the wire. <dthompson>hmm interesting. good to learn a little bit more about the agoric side of things. <KrisKowal[m]>The Far wrapper itself creates a JavaScript object that has been marked by a symbol to distinguish it from a data-object. <KrisKowal[m]>Which is to say, a symbol of the same name is effectively reserved. <dthompson>I'm going to step away from the keyboard to feed my chickens and walk my dog. this has been an informative conversation! <dthompson>^ that was about sleeping. happy to continue this conversation tomorrow and beyond. <Zarutian_iPad>re method invocation and function invocation: doesnt Agoric `(E(target))(arg1);` work? At least it did last time I looked a few moons ago. <KrisKowal[m]>Yes, though we have a few different captps laying around and they’re eventually consistent on this point. <KrisKowal[m]>The question is not whether it’s possible to have a function and eventually send it. The question is whether it’s possible to model an eventual reference that can behave both as a function and as an object. The answer to that question should be consistent across language implementations. <KrisKowal[m]>Currently, in JavaScript, I do not know of a way to create an eventual reference that can be used both as a function and a bank of methods. <Zarutian_iPad>in case of goblins such function invocations get serialized on the wire as false as the verb in deliver:op and deliveronly:op <KrisKowal[m]>Zarutian_iPad: I think these words correspond to what I mean. <KrisKowal[m]>Remind me to ask dthompson whether the new TCP netlayer depends on TLS for anything but secrecy. <Zarutian_iPad>on the tail end (the holder of the reference) the farref given to E() does not care which way it is called <KrisKowal[m]>Because the thoughts around here are to not depend on TLS at all and use ed25519 for secrecy as well. <Zarutian_iPad>on the other end, the Remotable end, you could just hand the Far() remotabl-interface-marker-function a Proxy no? <dthompson>KrisKowal[m]: hey stopped back at my computer to do something real quick so can answer now: TLS is used for it's encryption and anti-eavesdropping features. my limited understanding of the situation is that simply encrypting each message with ed25519 (or whatever) would not provide all of the benefits of TLS. <dthompson>we thought about this when we were getting frustrated by X.509 certificates and wanted a way out <dthompson>we're proceeding with TLS + self-signed X.509 certs <dthompson>adding in convenience features such as auto-generation of certs for peers who do not care about the specific key used. <Zarutian_iPad>or just give it a third argument for function invocations, or if false is the agreed on verb just do `Far(—function”, { [false]: (arg1) => { impl }, })` no? <dthompson>if you just encrypted the messages someone could still snoop on the connection and get some information <dthompson>such as maybe analyzing the size of the encrypted messages <dthompson>Zarutian_iPad: like the amount of bytes being sent over. <dthompson>the point is that TLS deliberately makes it challenging for someone sitting in the middle to get any useful information about what is happening <KrisKowal[m]>Note that all methods are either strings or symbols. false gets coërced to string. <KrisKowal[m]>Matrix corrupted my message and I had to edit a few times to make it stop. <Zarutian_iPad>right, because js objects are not like lua tables or js maps <Zarutian_iPad>and the Far() (the remotable interface marking function) needs to know the shape of the object <Zarutian_iPad>so a FarFunc() marking-function and Far() that takes three parameters could work instead? <KrisKowal[m]>very curious whether TLS doesn’t leak message sizes by virtue of timing <Zarutian_iPad>re TLS+TCP: tls basically clads the tcp connection in encryption iirc <Zarutian_iPad>so, I think there is an option to have a minimal send buffer 512 bytes or so before TLS sends <KrisKowal[m]>will ask around here. folks around here know these things. i’m a mere mortal. <Zarutian_iPad>but as far as I understand it goblin captp needs confidentiality and integrity <Zarutian_iPad>the confidentiality for similiar reason as E swissnum iirc and integrity to prevent tampering <Zarutian_iPad>if you have authenticated sender (a la PalmPilot bus messages) and CapTP of E’s .acceptFrom(), .provideFor(), and Promise3Desc, you do not need confidentiality <Zarutian_iPad>btw I am using exactly that same mechanism in ActiveCapCerts to delegate between principals (public keys, vat names, and cert cryptohashes)