A simple configuration-based module for inter-network RPC in Holochain hApps.

Related tags

Network programming dnaAuthorization
Overview

DNA Auth Resolver

A simple configuration-based module for inter-network RPC in Holochain hApps.

About

(TLDR; this module replaces what was formerly known as "bridging" in Holochain-Redux.)

You have a Holochain application composed of multiple coordinated application 'cells'. These cells want to talk to each other but need some way of assigning capabilities to each other in order to do so. This helper module and related zome provides this functionality.

It works by providing a layer for mapping pre-known request identifiers onto the actual zome & method names deployed into a DNA. An open-access endpoint living at the pre-known remote_auth zome name in the destination DNA is used to request and assign separate capability tokens which can be retrieved and used at runtime to authenticate method calls between apps.

Usage

In the origin zome

(the one where a record has been modified which will trigger an update in some destination zome in a remote DNA)

  1. Include the hc_zome_dna_auth_resolver_storage crate in the zome module to ensure that its capability storage EntryDef is available: 
    [dependencies]
hc_zome_dna_auth_resolver_storage = {git = "https://github.com/holochain-open-dev/dna-auth-resolver", tag = "X.X.X" package = "hc_zome_dna_auth_resolver_storage"}
    use hc_zome_dna_auth_resolver_storage::*;
  2. Wherever your cross-DNA logic is triggered, import the _lib crate and use the helper methods to communicate with the remote zome: 
    [dependencies]
hc_zome_dna_auth_resolver_lib = {git = "https://github.com/holochain-open-dev/dna-auth-resolver", tag = "X.X.X" package = "hc_zome_dna_auth_resolver_lib"}
    use hc_zome_dna_auth_resolver_lib::{DNAConnectionAuth, ensure_authed};

// define external permission ID to map to in destination zome config
pub const remote_permission_id: &str = "EXTERNAL_PERMISSION_IDENTIFIER";

// pull destination DNA hash from somewhere
let to_dna: DnaHash = //...

// transparently request & retrieve auth data for remote DNA/zome
let auth_data = ensure_authed(to_dna, remote_permission_id)?;

// use auth data to make request
let DNAConnectionAuth { claim, method } = auth_data;
let resp = hdk::call(
	Some(CellId::new(to_dna, claim.grantor().to_owned())), 
	method.0, method.1, 
	Some(claim.secret().to_owned()), 
	payload,
);

In the destination DNA

(the one containing the zome being "driven" by the origin DNA/zome)

  1. Build and include a compiled-to-WASM version of the hc_zome_dna_auth_resolver crate, with the name remote_auth. The zome name is important.
    1. One possible way of doing this is to re-export the crate from this module in your own derived crate: 
      [package]
name = "hc_zome_my_app_auth_resolver"
version = "0.1.0"
edition = "2018"
private = true

[dependencies]
hc_zome_dna_auth_resolver = {git = "https://github.com/holochain-open-dev/dna-auth-resolver", tag = "X.X.X", package = "hc_zome_dna_auth_resolver"}

[lib]
path = "src/lib.rs"
crate-type = ["cdylib", "rlib"]
      extern crate hc_zome_dna_auth_resolver;
    2. Include the built zome artifacts in your DNA bundle, along with the destination zomes. 
      zomes:
  # ...
  - name: remote_auth
    bundled: "../../target/wasm32-unknown-unknown/release/hc_zome_my_app_auth_resolver.wasm"
  2. Add this configuration block to the DNA properties: 
    properties:
  # ...
  remote_auth:
    permissions:
 	 - extern_id: EXTERNAL_PERMISSION_IDENTIFIER
 	   allowed_method: [TARGET_ZOME_NAME, TARGET_FUNC_NAME]

Troubleshooting

Errors relating to missing EntryDef for "dna_authed_method_mapping":

This can happen for zomes which define the entry_defs extern themselves rather than using convenience macros; in which case any entry types defined with #[hdk_entry] are overridden by the returned array.

In such cases, you can add this EntryDef to your EntryDefsCallbackResult:

EntryDef {
	id: CAP_STORAGE_ENTRY_DEF_ID.into(),
	visibility: EntryVisibility::Private,
	crdt_type: CrdtType,
	required_validations: 1.into(),
	required_validation_type: RequiredValidationType::default(),
},

Building / developing

Written in Rust. Uses regular Cargo manifests & package commands, best included as dependencies in your other packages.

To reference these crates directly from Github, you can use (eg.)

hc_zome_dna_auth_resolver_lib = {git = "https://github.com/holochain-open-dev/dna-auth-resolver", tag = "X.X.X" package = "hc_zome_dna_auth_resolver_lib"}

Built with this module

hdk_records is a high-level record and index management library for highly modular Holochain apps.

License

Apache-2.0

You might also like...
Layer 4 load balancer with dynamic configuration loading
Layer 4 load balancer with dynamic configuration loading

Convey Layer 4 load balancer with dynamic configuration loading featuring proxy, passthrough and direct server return modes Features Stats page (at /s

Ben Parli 289 Jan 1, 2023
Fullstack development framework for UTXO-based dapps on Nervos Network

Trampoline-rs The framework for building powerful dApps on the number one UTXO chain, Nervos Network CKB. This is an early-stage, currently very incom

TannrA 2 Mar 25, 2022
Astar Network is an interoperable blockchain based the Substrate framework and the hub for dApps within the Polkadot Ecosystem
Astar Network is an interoperable blockchain based the Substrate framework and the hub for dApps within the Polkadot Ecosystem

Astar Network is an interoperable blockchain based the Substrate framework and the hub for dApps within the Polkadot Ecosystem. With Astar Network and

Astar Network (Plasm) 43 Dec 14, 2022
Simple in-network file transfer with barely any overhead.

fftp fftp is the "Fast File Transport Protocol". It transfers files quickly between computers on a network with low overhead. Motivation FTP uses two

leo 4 May 12, 2022
Hotwire allows you to study network traffic of a few popular protocols in a simple way
Hotwire allows you to study network traffic of a few popular protocols in a simple way

Hotwire Hotwire is a gtk GUI application that leverages the wireshark and tshark infrastructure to capture traffic and explore the contents of tcpdump

null 194 Dec 30, 2022
The netns-rs crate provides an ultra-simple interface for handling network namespaces in Rust.

netns-rs The netns-rs crate provides an ultra-simple interface for handling network namespaces in Rust. Changing namespaces requires elevated privileg

OpenAnolis Community 7 Dec 15, 2022
Network simulation in Rust

netsim - A Rust library for network simulation and testing (currently linux-only). netsim is a crate for simulating networks for the sake of testing n

Andrew Cann 115 Dec 15, 2022
A private network system that uses WireGuard under the hood.

innernet A private network system that uses WireGuard under the hood. See the announcement blog post for a longer-winded explanation. innernet is simi

Tonari, Inc 4.1k Dec 29, 2022
A Curve-like AMM for Secret Network

A Curve-like AMM for Secret Network. Supports a varibale number of tokens with the same underlying value.

Enigma 16 Dec 11, 2022
Owner
Shadman Baig
Software Developer specialized in machine learning and natural language processing
Shadman Baig
GitHub
Rust wrapper for Eclipse iceoryx™ - true zero-copy inter-process-communication

iceoryx-rs Experimental rust wrapper for the iceoryx IPC middleware. clone and build The iceoryx repo is include as git submodule, therefore keep in m

null 43 Jan 4, 2023
Elkodon - true zero-copy inter-process-communication in rust

elkodon - Zero-Copy Lock-Free IPC Purely Written In Rust Introduction Performance Getting Started Publish Subscribe Events Custom Configuration Suppor

null 12 Nov 27, 2023
Eclipse iceoryx2™ - true zero-copy inter-process-communication in pure Rust

iceoryx2 - Zero-Copy Lock-Free IPC Purely Written In Rust Introduction Performance Getting Started Publish Subscribe Events Custom Configuration Suppo

null 136 Jan 1, 2024
Futures implementation for JSON-RPC

futures-jsonrpc Futures + JSON-RPC A lightweight remote procedure call protocol. It is designed to be simple! And, with futures, even more flexible! T

Victor Lopes 12 May 19, 2022
JSON-RPC endpoint proxy that dumps requests/responses for debugging

json_rpc_snoop How to build Ensure you have cargo installed and in your PATH (the easiest way is to visit https://rustup.rs/) make This will create t

null 10 Dec 14, 2022
Fast Discord RPC Client written in Rust

Discord RPC Client Examples Big image, small image, details and one button discordrpc -c 942151169185316874 -d 'untypeable nickname' --button-1-text '

Oskar 10 Jan 1, 2023
Volo is a high-performance and strong-extensibility Rust RPC framework that helps developers build microservices.

Volo is a high-performance and strong-extensibility Rust RPC framework that helps developers build microservices.

CloudWeGo 1.3k Jan 2, 2023
Docker containers on a synthetic network. Run applications in a context that lets you manipulate their network conditions.

Synthetic Network Docker containers on a synthetic network. Run applications in a context that lets you manipulate their network conditions. Dependenc

Daily 58 Dec 15, 2022
Prometheus instrumentation service for the NGINX RTMP module.

nginx-rtmp-exporter Prometheus instrumentation service for the NGINX RTMP module. Usage nginx-rtmp-exporter [OPTIONS] --scrape-url <SCRAPE_URL> O

kaylen ✨ 2 Jul 3, 2022
Leaksignal Proxy-Wasm Filter Module

Website | Docs | Blog | Slack ?? There are all kinds of sensitive data flowing through my services, but I don’t know which ones or what data. ?? LeakS

LeakSignal 27 Feb 5, 2023