search

hyperledger-cacti / cacti

Hyperledger Cacti is a new approach to the blockchain interoperability problem
https://wiki.hyperledger.org/display/cactus
Apache License 2.0
344 stars 286 forks source link

Out of Process Plugin Instances for Sand-boxing and Language Independence #170

Closed petermetz closed 3 years ago

petermetz commented 4 years ago

Is your feature request related to a problem? Please describe.

Currently plugins can only be developed in TS/JS code that runs on NodeJS and every plugin that gets loaded has full access to the Cactus process just like the core code itself.

We've talked about it earlier that something similar to go-plugin's could be used to allow plugins running in their own processes. This does not mean that the plugin instances would be automatically sand-boxed, but is a good start for building that as well.

Describe the solution you'd like

We should provide a way to have plugins run outside of the main Cactus NodeJS process. An example of plugin implementations should be included where Rust, Go, Java, C#, etc. languages are used or whatever else is mainstream in the crypto community.

Describe alternatives you've considered

Another thing we can/could do is make use of NodeJS specific APIs to run the plugins in V8 isolates / VMs (or whatever the NodeJS terminology is for that). What needs to be researched is specifically what type of isolation features are available because I do not want us to deliver a feature that claims us to provide proper/secure sand-boxing and then have a bunch of fine-prints attached about how it actually does not do real sand-boxing just because the solution we picked has certain limitations.

Additional context

This came up multiple times the last time Clive brought it up on the identity WG call and I agree that we need to make some headway in this direction.

Depends on #462

cc: @takeutak @jonathan-m-hamilton @sfuji822

sfuji822 commented 4 years ago

I believe keeping language independence on implementation is always challenge. Since we already agreed to design Cactus as plugable, it is OK to start with single platform NodeJS for moment. We can still provide adapters for other platforms to meet requirements. Actually, I am working on defining interfaces between plugins based on Cactus architecture (https://github.com/hyperledger/cactus/blob/master/whitepaper/whitepaper.md#4-architecture).

petermetz commented 4 years ago

I believe keeping language independence on implementation is always challenge. Since we already agreed to design Cactus as plugable, it is OK to start with single platform NodeJS for moment. We can still provide adapters for other platforms to meet requirements.

Agreed that it's not urgent for now, happy to keep this open longer term just so we don't forget about it either. That way we can incorporate it into the milestone in some later release down the line.

Actually, I am working on defining interfaces between plugins based on Cactus architecture (https://github.com/hyperledger/cactus/blob/master/whitepaper/whitepaper.md#4-architecture).

Awesome!

github-actions[bot] commented 3 years ago

:hourglass_flowing_sand: Alright! Looks like we need to wait for some dependencies:

:bulb: Don't worry, I will continue watching the list above and keep this comment updated. To add or remove a dependency please update this issue/PR description.

Brought to you by Dependent Issues (:robot: ). Happy coding!