Introduction to waSCC

Kevin Hoffman

about me

  • Been using WebAssembly since before it was cool
  • Distributed Systems Nerd
  • Creator of waSCC
  • Author
    • Tech Books (20+)
    • Fantasy Novels (2)
  • Blogger

agenda

  • Software Development Today
  • How WebAssembly Can Help
  • Introducing waSCC
  • waSCC Key Concepts
  • Demos (the good stuff)

software development

  • Copy-and-pasted complexity
  • Infinite boilerplate
  • High dev & ops friction
  • 90% NFRs, 10% features

DEVELOPER SMASH!

software development

  • Not portable enough
  • Not secure enough
  • Not easy enough to deploy
  • Not easy enough to update & maintain

 

 

DEVELOPER SMASH!

... even using Docker, Kubernetes, etc...

how can webassembly help?

  • Portable
  • Fast
  • Secure
  • Lightweight
  • Limitations can be turned to Advantages

what is wascc?

improve developer experience while creating a safer, simpler operations model

what is wascc?

  • WebAssembly Secure Capabilities Connector
  • Compose Features by Coding Actors
  • Securely Bind Actors to Capabilities
  • Run Actors and Capabilities Anywhere.
  • Cryptographically Secure
    • Verify wasm creators, chain of provenance
    • Actors can only do what we allow

wascc stack

WebAssembly JIT or Interpret Engine

waPC (WebAssembly Procedure Calls)

wascap (capabilities-based security)

wascc-host

Generic waSCC Host Binary

microservices

tightly coupled / non-composable

HTTP Server

RDB Client

Cache Client

HTTP Client

Business Logic

Logging

Analytics

actors

loosely coupled / composeable

Actor

HTTP Server

RDB Client

Cache Client

HTTP Client

wascc development workflow

  • Create Actor (Rust, AssemblyScript, Zig)
  • Compile Actor to .wasm
  • Sign Actor w/Capability Claims
  • Host Actor in waSCC Runtime
  • Bind Actor to Capability Provider

create an actor

handle messages

extern crate wascc_actor as actor;

#[macro_use]
extern crate serde_json;

use actor::prelude::*;

actor_handlers! { 
   codec::http::OP_HANDLE_REQUEST => increment_counter,
   codec::core::OP_HEALTH_REQUEST => health 
}

fn increment_counter(msg: codec::http::Request) -> HandlerResult<codec::http::Response> {
    let key = msg.path.replace('/', ":");
    let value = keyvalue::default().atomic_add(&key, 1)?;

    let result = json!({"counter": value });
    Ok(codec::http::Response::json(result, 200, "OK"))
}

fn health(_h: codec::core::HealthRequest) -> HandlerResult<()> {
    Ok(())
}

create a capability

handle messages

fn handle_call(&self, actor: &str, op: &str, msg: &[u8]) -> Result<Vec<u8>, Box<dyn Error>> {
    trace!("Received host call from {}, operation - {}", actor, op);

    match op {
        OP_BIND_ACTOR if actor == SYSTEM_ACTOR => self.configure(deserialize(msg)?),
        OP_REMOVE_ACTOR if actor == SYSTEM_ACTOR => self.remove_actor(deserialize(msg)?),
        OP_GET_CAPABILITY_DESCRIPTOR if actor == SYSTEM_ACTOR => self.get_descriptor(),
        keyvalue::OP_ADD => self.add(actor, deserialize(msg)?),
        keyvalue::OP_DEL => self.del(actor, deserialize(msg)?),
        keyvalue::OP_GET => self.get(actor, deserialize(msg)?),
        keyvalue::OP_CLEAR => self.list_clear(actor, deserialize(msg)?),
        keyvalue::OP_RANGE => self.list_range(actor, deserialize(msg)?),
        keyvalue::OP_PUSH => self.list_push(actor, deserialize(msg)?),
        keyvalue::OP_SET => self.set(actor, deserialize(msg)?),
        keyvalue::OP_LIST_DEL => self.list_del_item(actor, deserialize(msg)?),
        keyvalue::OP_SET_ADD => self.set_add(actor, deserialize(msg)?),
        keyvalue::OP_SET_REMOVE => self.set_remove(actor, deserialize(msg)?),
        keyvalue::OP_SET_UNION => self.set_union(actor, deserialize(msg)?),
        keyvalue::OP_SET_INTERSECT => self.set_intersect(actor, deserialize(msg)?),
        keyvalue::OP_SET_QUERY => self.set_query(actor, deserialize(msg)?),
        keyvalue::OP_KEY_EXISTS => self.exists(actor, deserialize(msg)?),
        _ => Err("bad dispatch".into()),
    }
}

Handle Messages

demo

creating our first actor

demo

using additional capabilities

demo

fearless distributed computing

Wrapping up

useful links

Docs & Guides

https://wascc.dev

Social

Twitter:

@wascc_runtime, @KevinHoffman

 

Introduction to waSCC - WebAssembly Secure Capabilities Connector

By Kevin Hoffman

Introduction to waSCC - WebAssembly Secure Capabilities Connector

An introduction to waSCC, a WebAssembly host runtime that provides secure dispatch between actors compiled to WebAssembly and pluggable capability providers

  • 753