🌈 WebNative 🚀 How to put a full stack directly in the browser ✨ Speakeasy JS 🍻

Or: The Beginnings of a WebOS … Wait, no

Or: A Browser-Based File System, Location Independence, User Controlled Data, Self-Modifying Apps, & Serverless Auth …plus some surprising things we’ve learned along the way

Brooklyn Zelenka @expede
• CTO at Fission
• https://fission.codes
• 100% FOSS
• Obsoleting backends one function at a time
• PLT, VMs, Distributed Systems, Prev. ETH Core
• Founded Vancouver FP, Code & Coffee YVR
• FOSS: Witchcraft, Exceptional, Rescue, &c

Stickers! shop.fission.codes Code: SPEAKEASYJS

This is the JavaScript meetup for ✅ 🥼 mad science, ✅ 🧙 hacking, and ✅ 🧪 experiments (source: SpeakeasyJS Homepage)

The Problem(s) Starting Conditions 🚦

WebNative 🚀 The Web Today [diagram]

WebNative 🚀 What We Actually Want [diagram]

…and so it was for many years…

Is the way we do things today the “one true way”? Will we be doing things this way in 2025? 2050? 2100? Does knowledge always progress from good to better? Are we stuck in a local maximum?

WebNative 🚀 Natural Consequences
• Server-focus
• Must learn more of stack
• Single source of truth
• DevOps, Docker, k8s
• Latency assumption
• FE deeply concerned with data sync

WebNative 🚀 What Even is a “Server”?

  1. Auth gatekeeper (because multi-tenant data)
  2. Resource availability
  3. Out-of-band compute (e.g. batch tasks)

Remember this list!

What if we turn the web architecture Inside Out?

WebNative 🚀 Like Native… but for the Web [diagram]

WebNative 🚀 New Assumptions, New Approach
• 2021 != 1991
• Don’t need to rely on client/server
• Browsers are super powerful
• UI & data = only essential parts
• Post-serverless, edge++
• New primitives (“game changers”)
• Location independent data 🙌
• Browser-based encryption 💪
• Consistency models (OT, CRDTs, RAFT)
• i.e. State transfer -> state synchronization
• New features naturally fall out of the architecture
• Recognize that we’re increasingly connected/networked
• Local-first means network efficient (in the normal case)

WebNative 🚀 Bootstrapping from Browser APIs
• WebCrypto API
• Web Workers
• Service Workers
• IndexedDB
• PWA & Web App Manifest

WebNative 🚀 How Many Steps Can We Skip?

Current (top to bottom): Users · Browser · REST / JSON-RPC / GraphQL ↕ · Server ⚙ · Data Store · DevOps · Developer

Proposed (top to bottom): Users · Browser · WebNative 🚀 · Developer

• Quick iteration 🔄
• Focus on end users
• Lower barrier to entry

WebNative 🚀 Constraints
• Vanilla browser, no plugins
• UX as good or better than existing
• Literally no distinction between local and production
• No server required, put it in the browser
• User controlled identity & data
• Open to participation
• Accessible offline
• At least as secure as existing apps

WebNative 🚀 Mini-Demo

WebNative 🚀 Code [code screenshot] Auth doesn’t even leave your browser

If React is “just the view layer”, then WebNative is “just the data layer”. It turns out the data layer touches lots of other things.

WebNative 🚀 Stack

⬆ Apps
• 1st & 3rd Party Dev’s App: Business Logic & View
• API: Platform Abstractions, WebNative SDK

⬇ Core Technology
• Broadcast: Soft Realtime Store (Collaboration, Chat, Instant Sync); Exchange Store (Offline & Async Sharing); Gossip Broadcast (Global: Aggregation, Forms, Feeds)
• Durable Data: WebNative Database (Durable Structured Store); WebNative File System (Durable File Store)
• Auth & ID: UCAN (Command/Mutation); Cryptree (Read/Query)
• Transport: DNS, IPFS, PubSub, Matrix
• Identity: did:key

WebNative 🚀 Painting a Picture 🖼
• Go from zero to production on a plane ✈
• Move data to compute and vice versa 🔄
• Publish updates from inside the browser 🚀
• Code is data = self modifying apps 🐣
• Anyone can be a service provider (lower bar to entry)
• Including adversarial cooperation

Content Addressed Data It works offline and online, totally distributed & concurrent, anyone can create or request data, & data is always changing. Great! How do you even get a consistent pointer?

Content Addressed Data Pushing Bytes Around 🚚

Content Addressed Data Unique Hash ~ UUID++

Content Addressed Data Arbitrary Content

Content Addressed Data Location Addressing
• Predominantly single-source (per file) server/client
• Like a key/value store {ip => {path => content}}
• DNS maps names to IP addresses
• Focused on the physical network
• Mutable addressing
• www.foo.com/baz may be JSON today, but a video tomorrow
• …or altered content
[diagram labels: VIRTUAL ADDRESS, PHYSICAL LOCATION]

Content Addressed Data Universal / Content-Based Routing
• A layer of abstraction above location
• Like a key/value store {hash(content) => content}
• Content hash AKA “content identifier” or CID
• Special “universal” relationship to content
• Focused on the data
• Who cares where it’s stored?
• Efficient auto-caching
• Still have paths
• Immutable DAG
• No loops
[diagram labels: CONTENT ID, VIRTUAL ADDRESS, PHYSICAL LOCATION]

Content Addressed Data Hash-Linked Data

    {
      Qm123456…: {
        data: "Hello world",
        links: [
          {name: "company", hash: Qmabcdef…},
          {name: "license", hash: Qmzyxwvu…}
        ]
      }
    }

    {
      Qmabcdef…: {
        data: "FISSION",
        links: [
          {name: "city", hash: Qm1gb5sn…},
          {name: "about", hash: Qmzyxwvu…}
        ]
      }
    }

    ipfs cat /ipfs/Qm123456…/company/about/founder => "Brooke"
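The `{hash(content) => content}` store and the hash-linked path lookup above, as an added example that is not from the talk or from IPFS. It assumes Node's `crypto` module, uses hex SHA-256 digests in place of real CIDs, and the leaf contents are constructed. It also shows the security property the slides imply: a reader re-hashes every block, so altered content is rejected regardless of who served it.

```javascript
// Added example: toy content-addressed store; identifiers are hex SHA-256, not real IPFS CIDs.
const { createHash } = require('node:crypto');

// Deterministic encoding so that equal content always yields the same identifier.
function encode(data, links) {
  const sorted = Object.keys(links).sort().map(name => ({ name, hash: links[name] }));
  return JSON.stringify({ data, links: sorted });
}

function cidOf(bytes) {
  return createHash('sha256').update(bytes).digest('hex');
}

class BlockStore {
  constructor() {
    this.blocks = new Map(); // the slide's {hash(content) => content}
  }

  put(data, links = {}) {
    const bytes = encode(data, links);
    const cid = cidOf(bytes);
    this.blocks.set(cid, bytes);
    return cid;
  }

  // Blocks may come from any peer or cache, so re-hash before trusting them.
  get(cid) {
    const bytes = this.blocks.get(cid);
    if (bytes === undefined) throw new Error(`block not found: ${cid}`);
    if (cidOf(bytes) !== cid) throw new Error(`integrity check failed: ${cid}`);
    return JSON.parse(bytes);
  }

  // Follow named links: "<root id>/company/about/founder".
  resolve(path) {
    const [root, ...names] = path.split('/').filter(Boolean);
    let cid = root;
    for (const name of names) {
      const link = this.get(cid).links.find(l => l.name === name);
      if (!link) throw new Error(`no link "${name}" under ${cid}`);
      cid = link.hash;
    }
    return this.get(cid).data;
  }
}

function demo() {
  const store = new BlockStore();
  // Constructed sample graph shaped like the slide's; leaf contents are made up.
  const founder = store.put('Brooke');
  const about = store.put('About us', { founder });
  const city = store.put('Vancouver');
  const company = store.put('FISSION', { city, about });
  const root = store.put('Hello world', { company, license: about });

  const resolved = store.resolve(`${root}/company/about/founder`);
  const deduplicated = store.put('Brooke') === founder; // same bytes, same address

  // Simulate a host that swapped the bytes stored under an existing address.
  store.blocks.set(founder, encode('Mallory', {}));
  let tamperDetected = false;
  try {
    store.resolve(`${root}/company/about/founder`);
  } catch (err) {
    tamperDetected = /integrity check failed/.test(err.message);
  }
  return { resolved, deduplicated, tamperDetected, root };
}

console.log(demo());
```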

Content Addressed Data Tradeoffs
• Equality vs identity
• Recovering identity from structural equality, but not vice-versa
• Caching is trivial
• Data fetches
• Artifacts
• Results of computation
• Zooko’s Triangle

Content Addressed Data P2P Discovery, Lookup, Transport [animated network diagram]

Content Addressed Data Mutable Pointer Broadcast: DNSLink [diagram: https://yourname.example.com, TXT => CID]

Content Addressed Data So we have a universal namespace. Great! Well that seems pretty insecure…

Securing Data Access Fixing the Leaky Pipes 🚿

Securing Data Access Grouped by User, Not by App [diagram: Alice’s Stuff, Bob’s Stuff, Carol’s Stuff; apps: Alice’s Music Player 🎶, Bob’s Photo Gallery 🖼, Carol’s Videogame 👾]

Securing Data Access WNFS Layout [diagram: alice.fission.name with branches Public (Photos, Avatars, Apps), Private (Photos, Apps, Family Photos, My Gallery), Shared By Me (Keys and Pointers), Shared w/ Me (Keys and Pointers)]

Securing Data Access Virtual Nodes
• Virtual Node
• Consistent interface
• Arbitrary metadata
• Tags, creators, MIME, sources, &c
[diagram: Raw Node; File Node (Raw Data, Metadata); Directory Node (Index, Metadata)]

Securing Data Access Hard & Soft Links
• Hard links
  • New for the web!
  • Direct reference
  • 2 pointers ~ duplicate
• Soft links
  • Like a symlink or web link
  • 2 pointers ~ latest
  • May break
  • Always some version available

Securing Data Access Persistent Versioning & Events [diagram labels: Revision 0 (Photos@r0, Vacation, Avatars@r0, beach.png, caricature.jpg); Revision 1 (Photos@r1, Avatars@r1, headshot.png); events InsertNew and ChildEvent; Generation 0, Generation 1]

Securing Data Access Rearranged [diagram labels: Photos@r1, Photos@r0, Vacation, Avatars@r0, beach.png, caricature.jpg, Avatars@r1, headshot.png]

Securing Data Access Private Nodes 🙈 [diagram: Encrypted Node 🔒 (CBOR, binary, AES256) + 🔑 = Virtual Node (Index 🔑 🔑, Metadata 🔑)]

Securing Data Access Cryptree 🎄 [diagram: Virtual Nodes (Index, Metadata) linked to one another by keys 🔑]

    { name: "beach.jpg", revision: 42, key: "B374A26A71490437A…" }

Securing Data Access Subtree Read Access
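Subtree read access in a cryptree-style layout, as an added example that is not from the talk or the WebNative SDK. It assumes Node's `crypto` module, AES-256-GCM as the mode (the slides say only "AES256"), random node ids, and a constructed `Private/Photos`, `Private/Apps` tree. Each node has its own key, and a directory's encrypted index holds its children's keys, so sharing one pointer opens that subtree and nothing above or beside it.

```javascript
// Added example: cryptree-style subtree read access. AES-256-GCM, random node ids and
// hex-encoded keys are assumptions; the slides state only "AES256" per encrypted node.
const { randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

const store = new Map(); // node id -> ciphertext; safe to host anywhere

function seal(key, value) {
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(JSON.stringify(value), 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]); // iv (12) | tag (16) | ciphertext
}

function unseal(key, blob) {
  const decipher = createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key is wrong or the ciphertext was modified.
  const body = Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
  return JSON.parse(body.toString('utf8'));
}

// Every node gets a fresh key. The returned pointer {id, key} is what a parent keeps in
// its encrypted index, and what the owner hands out to share that subtree.
function writeNode(node) {
  const key = randomBytes(32);
  const id = randomBytes(8).toString('hex');
  store.set(id, seal(key, node));
  return { id, key: key.toString('hex') };
}
const writeFile = (name, data) => writeNode({ kind: 'file', name, data });
const writeDir = (name, index) => writeNode({ kind: 'dir', name, index });

function openPointer(pointer) {
  return unseal(Buffer.from(pointer.key, 'hex'), store.get(pointer.id));
}

// Walk down from a pointer you hold, unlocking each child with the key found in its parent.
function read(pointer, path = []) {
  let node = openPointer(pointer);
  for (const name of path) {
    if (node.kind !== 'dir' || !Object.hasOwn(node.index, name)) {
      throw new Error(`no entry: ${name}`);
    }
    node = openPointer(node.index[name]);
  }
  return node;
}

function demo() {
  // Constructed tree: Private/{Photos/beach.jpg, Apps/gallery.json}
  const beach = writeFile('beach.jpg', 'constructed-image-bytes');
  const photos = writeDir('Photos', { 'beach.jpg': beach });
  const settings = writeFile('gallery.json', '{"theme":"dark"}');
  const apps = writeDir('Apps', { 'gallery.json': settings });
  const root = writeDir('Private', { Photos: photos, Apps: apps });

  const ownerRead = read(root, ['Apps', 'gallery.json']).data;
  // Share only the Photos pointer: its holder can descend from there...
  const sharedRead = read(photos, ['beach.jpg']).data;
  // ...but that key does not open the sibling's or the parent's ciphertext.
  const denied = [apps.id, root.id].every(id => {
    try { openPointer({ id, key: photos.key }); return false; } catch { return true; }
  });
  return { ownerRead, sharedRead, denied };
}

console.log(demo());
```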

Securing Data Access Encrypted Tree is Surprisingly Efficient
• HAMT (weight 16)
• 16^3 = 4,096 items
• 16^4 = 65,536 items
• Append-only
• Quick Read/Write
• Merkleized
• Concurrency Friendly 🔑

Securing Data Access Namefilters & Hiding Paths
• Bare Filter
• parentFilter
• AND bloom(SHA(aesKey))
• AND bloom(SHA(aesKey ++ revision))
• Saturation
• nameFilter AND bloom(SHA(nameFilter))
• Repeat until threshold bits flipped

Securing Data Access Access-Mediated Collaborative Rooting [diagram: Rev 0, Rev 1 (Partial); “Rooting progress”; “No common root at this layer! Attached via HAMT”]

Securing Data Access Progressive Fast Forward [diagram: Rev 0, Rev 1 (Partial), Rev 2 (Partial), Rev 3 (Complete); labels: current rev + 2^n, current rev + 2^n − 2^m, O(2 * log n), Θ(1) 🎉]

Securing Data Access File Sharing [diagram: Shared by Me (three entries labelled with a did:key; Human Readable Name, 🔑, Symlink), Shared with Me]

Securing Data Access So we can read recursively encrypted trees that live anywhere. Great! How do you do writes if a server can’t check the content?

User Controlled, Serverless, Universal Auth & ID …and UCAN Too 💪

UCAN Self-Sovereign Identity 🔑
• W3C
• Microsoft
• Government of British Columbia
• Based on public-key cryptography
• Truly “universal” user IDs
• Agnostic about backing
• For users, devices, and more

UCAN Object Capability Model (OCAP)
• ACL is “reactive auth” / OCAP is “proactive auth”
• OCAP contains all the info about access
• Generally some reference, proof, or key
• Rights to anything directly created (parenthood)
• The right to delegate subset of access to another (introduction)
• Long history (e.g. X.509, SDSI, SPKI, Macaroons)

UCAN 3rd-party Redelegation & Attenuation [diagram: 🖥, 🔟, ⚙, 2⃣, 🛠]

UCAN JWT

UCAN Auth Chaining
• OCAP, provable chains, revocable
• Non-exportable 2048-bit RSA (WebCrypto), Ed25519 & BLS everywhere else
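A provable, attenuating delegation chain of the kind the UCAN slides describe, as an added example that is not from the talk and is not the UCAN wire format. It assumes Node's `crypto` module with Ed25519 keys, a simplified `payload.signature` token with hypothetical fields `iss`/`aud`/`caps`/`exp`/`prf`, `pk:` identifiers standing in for did:key, and a hypothetical `{path, can}` capability shape. Revocation is not covered.

```javascript
// Added example: UCAN-like delegation chain. Token layout, "pk:" identifiers and the
// {path, can} capability shape are assumptions for illustration, not the UCAN format.
const { generateKeyPairSync, createPublicKey, sign, verify } = require('node:crypto');

function newAgent() {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  // The identifier IS the public key (stand-in for did:key), so no registry lookup is needed.
  const id = 'pk:' + publicKey.export({ type: 'spki', format: 'der' }).toString('base64url');
  return { id, privateKey };
}

function keyOf(id) {
  return createPublicKey({ key: Buffer.from(id.slice(3), 'base64url'), format: 'der', type: 'spki' });
}

// `proof` is the token that gave the issuer its rights, or null if the issuer owns the resource.
function issue(issuer, audience, caps, exp, proof = null) {
  const claims = { iss: issuer.id, aud: audience, caps, exp, prf: proof };
  const payload = Buffer.from(JSON.stringify(claims)).toString('base64url');
  const sig = sign(null, Buffer.from(payload), issuer.privateKey).toString('base64url');
  return `${payload}.${sig}`;
}

const RANK = { read: 1, write: 2 };
// A parent capability covers a child one if the child is the same or a narrower grant.
function covers(parent, child) {
  const dir = parent.path.endsWith('/') ? parent.path : parent.path + '/';
  const inside = child.path === parent.path || child.path.startsWith(dir);
  return inside && RANK[child.can] <= RANK[parent.can];
}

// Verify the whole chain offline: signature, expiry, linkage and attenuation at every hop.
function verifyChain(token, owner, now) {
  const [payload, sig] = String(token).split('.');
  if (!payload || !sig) throw new Error('malformed token');
  const t = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  if (!verify(null, Buffer.from(payload), keyOf(t.iss), Buffer.from(sig, 'base64url'))) {
    throw new Error('bad signature');
  }
  if (t.exp <= now) throw new Error('expired');
  if (t.prf === null) {
    if (t.iss !== owner) throw new Error('root token not issued by the resource owner');
    return t;
  }
  const parent = verifyChain(t.prf, owner, now);
  if (parent.aud !== t.iss) throw new Error('issuer is not the audience of its proof');
  if (t.exp > parent.exp) throw new Error('delegation outlives its proof');
  for (const cap of t.caps) {
    if (!parent.caps.some(p => covers(p, cap))) throw new Error(`escalation: ${cap.can} ${cap.path}`);
  }
  return t;
}

function authorize(token, owner, invoker, request, now) {
  const t = verifyChain(token, owner, now);
  return t.aud === invoker && t.caps.some(c => covers(c, request));
}

function demo() {
  const now = 1700000000; // constructed clock value, in seconds
  const user = newAgent(), app = newAgent(), tool = newAgent(), other = newAgent();
  // User -> app: write on the photos folder. App -> tool: attenuated to read on one album.
  const toApp = issue(user, app.id, [{ path: '/public/photos', can: 'write' }], now + 3600);
  const toTool = issue(app, tool.id, [{ path: '/public/photos/vacation', can: 'read' }], now + 600, toApp);
  const file = '/public/photos/vacation/beach.png';
  const rejected = fn => { try { fn(); return false; } catch { return true; } };
  return {
    toolReads: authorize(toTool, user.id, tool.id, { path: file, can: 'read' }, now),
    toolWrites: authorize(toTool, user.id, tool.id, { path: file, can: 'write' }, now),
    widenedGrantRejected: rejected(() =>
      verifyChain(issue(app, tool.id, [{ path: '/private', can: 'read' }], now + 600, toApp), user.id, now)),
    nonOwnerRootRejected: rejected(() =>
      verifyChain(issue(other, tool.id, [{ path: '/public/photos', can: 'write' }], now + 600), user.id, now)),
    wrongIssuerRejected: rejected(() =>
      verifyChain(issue(other, tool.id, [{ path: '/public/photos', can: 'read' }], now + 600, toApp), user.id, now)),
  };
}

console.log(demo());
```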

UCAN OAuth vs UCAN Sequence (Verifiable & user originated) [sequence diagram]

Final Thoughts 🙊

Final Thoughts More Coming: Embarrassingly Distributed Deductive Database
• Assert, refute, time, source
• Merge / split easily
• Access control = different views
• JSON in the front, Datalog in the back
• Help define API? calendly.com/walkah
[diagram labels: Source I, Source II, User+App A, User+App B, User+App C, User+App D]

Final Thoughts More Coming: Universal Distributed Compute [diagram layers: Off-Platform Side Effect Stream, Platform Effect Stream, Pure Function Stream, Base Event Stream]

Final Thoughts Stack

⬆ Apps
• 1st & 3rd Party Dev’s App: Business Logic & View
• API: Platform Abstractions, WebNative SDK

⬇ Core Technology
• Broadcast: Soft Realtime Store (Collaboration, Chat, Instant Sync); Exchange Store (Offline & Async Sharing); Gossip Broadcast (Global: Aggregation, Forms, Feeds)
• Durable Data: WebNative Database (Durable Structured Store); WebNative File System (Durable File Store)
• Auth & ID: UCAN (Command/Mutation); Cryptree (Read/Query)
• Networking: DNS, IPFS, PubSub, Matrix
• Identity: did:key

Final Thoughts 60+ Year Trend [chart: vertical axis from High Touch to Invisible; horizontal axis Custom, Product / Rental, Commodity / Utility; label “Barrier to Entry”; points Bespoke, Private Ownership, Shared Hosting, Serverless, Universal]

😄 Thank You, Speakeasy JS 🎉
• https://fission.codes
• https://guide.fission.codes
• https://discord.gg/zAQBDEq
• brooklyn@fission.codes
• github.com/expede
• @expede
• shop.fission.codes Code: SPEAKEASYJS