Kevin Hoffman
I turn napkin drawings into software
Introduction to waSCC
Kevin Hoffman
about me
- Been using WebAssembly since before it was cool
- Distributed Systems Nerd
- Creator of waSCC
- Author
- Tech Books (20+)
- Fantasy Novels (2)
- Blogger
agenda
- Software Development Today
- How WebAssembly Can Help
- Introducing waSCC
- waSCC Key Concepts
- Demos (the good stuff)
software development
- Copy-and-pasted complexity
- Infinite boilerplate
- High dev & ops friction
- 90% NFRs, 10% features
DEVELOPER SMASH!
software development
- Not portable enough
- Not secure enough
- Not easy enough to deploy
- Not easy enough to update & maintain
DEVELOPER SMASH!
... even using Docker, Kubernetes, etc...
how can webassembly help?
- Portable
- Fast
- Secure
- Lightweight
- Limitations can be turned to Advantages
what is wascc?
improve developer experience while creating a safer, simpler operations model
what is wascc?
- WebAssembly Secure Capabilities Connector
- Compose Features by Coding Actors
- Securely Bind Actors to Capabilities
- Run Actors and Capabilities Anywhere.
- Cryptographically Secure
- Verify wasm creators, chain of provenance
- Actors can only do what we allow
wascc stack
WebAssembly JIT or Interpret Engine
waPC (WebAssembly Procedure Calls)
wascap (capabilities-based security)
wascc-host
Generic waSCC Host Binary
microservices
tightly coupled / non-composable
HTTP Server
RDB Client
Cache Client
HTTP Client
Business Logic
Logging
Analytics
actors
loosely coupled / composeable
Actor
HTTP Server
RDB Client
Cache Client
HTTP Client
wascc development workflow
- Create Actor (Rust, AssemblyScript, Zig)
- Compile Actor to .wasm
- Sign Actor w/Capability Claims
- Host Actor in waSCC Runtime
- Bind Actor to Capability Provider
create an actor
handle messages
extern crate wascc_actor as actor;
#[macro_use]
extern crate serde_json;
use actor::prelude::*;
actor_handlers! {
codec::http::OP_HANDLE_REQUEST => increment_counter,
codec::core::OP_HEALTH_REQUEST => health
}
fn increment_counter(msg: codec::http::Request) -> HandlerResult<codec::http::Response> {
let key = msg.path.replace('/', ":");
let value = keyvalue::default().atomic_add(&key, 1)?;
let result = json!({"counter": value });
Ok(codec::http::Response::json(result, 200, "OK"))
}
fn health(_h: codec::core::HealthRequest) -> HandlerResult<()> {
Ok(())
}create a capability
handle messages
fn handle_call(&self, actor: &str, op: &str, msg: &[u8]) -> Result<Vec<u8>, Box<dyn Error>> {
trace!("Received host call from {}, operation - {}", actor, op);
match op {
OP_BIND_ACTOR if actor == SYSTEM_ACTOR => self.configure(deserialize(msg)?),
OP_REMOVE_ACTOR if actor == SYSTEM_ACTOR => self.remove_actor(deserialize(msg)?),
OP_GET_CAPABILITY_DESCRIPTOR if actor == SYSTEM_ACTOR => self.get_descriptor(),
keyvalue::OP_ADD => self.add(actor, deserialize(msg)?),
keyvalue::OP_DEL => self.del(actor, deserialize(msg)?),
keyvalue::OP_GET => self.get(actor, deserialize(msg)?),
keyvalue::OP_CLEAR => self.list_clear(actor, deserialize(msg)?),
keyvalue::OP_RANGE => self.list_range(actor, deserialize(msg)?),
keyvalue::OP_PUSH => self.list_push(actor, deserialize(msg)?),
keyvalue::OP_SET => self.set(actor, deserialize(msg)?),
keyvalue::OP_LIST_DEL => self.list_del_item(actor, deserialize(msg)?),
keyvalue::OP_SET_ADD => self.set_add(actor, deserialize(msg)?),
keyvalue::OP_SET_REMOVE => self.set_remove(actor, deserialize(msg)?),
keyvalue::OP_SET_UNION => self.set_union(actor, deserialize(msg)?),
keyvalue::OP_SET_INTERSECT => self.set_intersect(actor, deserialize(msg)?),
keyvalue::OP_SET_QUERY => self.set_query(actor, deserialize(msg)?),
keyvalue::OP_KEY_EXISTS => self.exists(actor, deserialize(msg)?),
_ => Err("bad dispatch".into()),
}
}Handle Messages
demo
creating our first actor
demo
using additional capabilities
demo
fearless distributed computing
Wrapping up
useful links
Docs & Guides
Social
Twitter:
@wascc_runtime, @KevinHoffman
Introduction to waSCC - WebAssembly Secure Capabilities Connector
By Kevin Hoffman
Introduction to waSCC - WebAssembly Secure Capabilities Connector
An introduction to waSCC, a WebAssembly host runtime that provides secure dispatch between actors compiled to WebAssembly and pluggable capability providers
