Open enikao opened 1 month ago
I think we can avoid the origin exposure by this scheme:
eventId = base64urlEncode(sha256(concat(clientId, commandId)))
Both the repo and the originating client know the originating client's clientId
. So they both can perform this operation -- the repo for creating the eventId
, the originating client for checking the eventId
against previously sent commandId
s. No other client can reproduce it, but we're still certain every eventId
is unique.
The event uses the tuple
(clientId; commandId)
to refer to an event.Q: Does this expose too much about the origin? Maybe other clients should not know that change came from that client? (might be related to #276)
Can a command id be mentioned in more than one event?
Pro:
Con:
Working assumption: All events relating to the same command MUST be grouped in one "transaction" (#281)