Summary

We’ve made progress toward enabling membranes in Holochain, with the goal of making security on networks much more effective and robust. We’ve also made some minor updates to allow for getting link counts and gracefully shutting down Conductors, and patched an hc run problem that was preventing hashes from being properly established. All told, the updates in this week’s Dev Pulse represent continued iterations and improvements that will strengthen Holochain overall.

Highlights

  1. Breaking Change: Init Replaces Genesis for Zome Instance Launches
  2. Breaking Change: Zomes Require Validation Callback
  3. Links Counts for Zome Developers
  4. Conductor Shutdown When Exiting Instance
  5. Hashes for Configured DNA files Fixed in hc run

Details

Holochain Dev Pulse July 22–July 29, 2019

1. Breaking Change: Init Replaces Genesis for Zome Instance Launches (#1508)

We wanted developers to have a way to perform certain actions in response to peers joining a network, as well as be able to validate that the peer is permitted to join if certain conditions are met. Initially, we did this through the genesis function in the define_zome! and proc macro HDKs, but then noticed that developers were using it more like a zome function that happened to be called during initialization. Additionally, we found that combining the initialization and validation functions created some confusion and was not very effective.

We have therefore decided to replace genesis with init for initialization, and validate_agent for validation.

In keeping with our developers’ clear preferences, init essentially works like a zome function that takes no parameters and is called during startup. In the future, init will have the ability to take parameters from the Conductor.

For validation, validate_agent will work with the agent’s public key, as well as the DNA and validate_agency parameters, to confirm peer identities. Every validating agent on the network will be required to use validate_agent in order to enforce membrane requirements. See below for more details.

Agent Validation

2. Breaking Change: Zomes Require Validation Callback (#1497)

As previously mentioned, we are working toward enabling membranes for security purposes, and getting validation right is essential to making sure the membranes work as designed. Here, we explicitly make it possible to write a validation callback for AgentIds — the second entry on the local chain — may be run by agents on the network when a new agent joins for the first time. With custom app entries, this is done through the same entry!() macro that defines the entry type; however, because this is a system entry type, there is no entry!() macro that defines it. There is, therefore, a different syntax to allow DNA developers to define the AgentId validation.

This major change will affect existing zomes. Zome developers must add a validate_agent callback using either the old HDK or the proc macro HDK. We expect this to be the last big code change for a while.

validate_agent callback

The actual implementation of membranes that would take the result of the agent validation is not yet complete, but is the next step on the implementation roadmap. To elaborate, validate_agent will not currently stop you from gossiping, but will prevent you from seeing another agent (e.g., linking to their agent ID).

You may be familiar with the get_links function; it provides notifications when a link has been edited or deleted. Building on this method, we’ve developed get_links_count, which provides a count for the number of links. There will be many cases where getting the links is not what you need — for example, when you check an inbox with all your new messages, you don’t want the full content of those messages, just the number of them. This method will save network bandwidth, particularly if you have a lot of links.

Links counted

4. Conductor Shutdown When Exiting Instance (#1599)

Previously, when Conductors received signals to interrupt or kill their instance, there was no way for them to shut down gracefully. Coincidently, we wanted to make it easier to test what happens when a Conductor is killed and respawned and added a shutdown process for n3h. This process has been applied to Conductors, which can now handle kill signals and tell n3h that it is about to shut down.

5. Hashes for Configured DNA files Fixed in hc run (#1603)

Recently, we introduced Conductor configuration sanitization, which requires configuration files to specify the hash of the DNA being installed. After releasing that update, we received some feedback from users (#1600) that revolved around going back to optional DNA hashes in order to make zome code changes without updating the hash every time.

Hashes
Going forward, in order to run DNAs when developing, we recommend using hc run. That way, we can keep the sanitization checks in place for production, since they were explicitly meant for when the production Conductor is being used during development.

Sanitization prevents later instantiations of the production Conductor finding the source chain in the storage and not reinitializing it with a potentially changed DNA file, which could lead to confusion in multiple instances.

There was an issue found in hc run while creating a test instance that meant it was not setting the right hash. That error has now been fixed, so we want to reiterate our recommendation to use hc run to automatically set the DNA hash during development. We are working on adding new features to hc run so that it mirrors the experience of using the production Conductor in development.

Development Status: