@sonr.io/hway

v0.0.3

Published

4 months ago

Highway service - bridge between the Public Internet and Sonr blockchain

0High
0Medium
0Low

prnk28

highway bridge blockchain sonr service

Highway Service (hway)

Highway is a high-performance task processing service for Sonr's decentralized vault system. It provides asynchronous, durable execution of cryptographic operations using WebAssembly enclaves and Redis-backed job queues.

Overview

Highway acts as a distributed task processor that handles secure cryptographic operations for the Sonr blockchain ecosystem. It leverages:

Asynq for reliable job queue management with Redis
Proto.Actor for actor-based concurrency
WebAssembly enclaves for secure cryptographic operations
IPFS integration for decentralized storage

Quick Start

Prerequisites

Redis server running on 127.0.0.1:6379
Go 1.24.4 or later

Installation

# Build and install the Highway service
make install

# Or build directly
cd cmd/hway
go build -o hway .

Running the Service

# Start the Highway service
./hway

The service will connect to Redis and begin processing vault tasks with the following configuration:

Concurrency: 10 workers
Queue Priorities:
- critical: 6 workers
- default: 3 workers
- low: 1 worker

Architecture

Highway implements a multi-layered architecture for secure task processing:

�����������������    ������������������    �����������������
   Task Queue    ����  Highway Service ����  Vault Actor    
   (Redis)              (Asynq)             (Proto.Actor)   
�����������������    ������������������    �����������������
                                                        
                                                        �
                                               �����������������
                                                 WASM Enclave   
                                                  (Extism)      
                                               �����������������

Core Components

Task Processing Layer (main.go)
- Asynq server configuration
- Task routing and worker management
- Redis connection handling
Actor System (internal/vault/plugin/actor.go)
- Proto.Actor based concurrency
- Behavioral state management
- Lifecycle management for WASM plugins
Plugin Interface (internal/vault/plugin/plugin.go)
- WebAssembly plugin abstraction
- Secure cryptographic operations
- Type-safe method calls
Task Definitions (internal/vault/tasks/)
- Task type definitions
- Payload serialization
- Task processing logic

Supported Operations

Highway supports the following cryptographic operations through its vault system:

Key Generation

// Generate a new cryptographic key pair
type GenerateRequest struct {
    ID string `json:"id"`
}

type GenerateResponse struct {
    Data      *mpc.EnclaveData `json:"data"`
    PublicKey []byte           `json:"public_key"`
}

Digital Signatures

// Sign a message
type SignRequest struct {
    Message []byte           `json:"message"`
    Enclave *mpc.EnclaveData `json:"enclave"`
}

type SignResponse struct {
    Signature []byte `json:"signature"`
}

Signature Verification

// Verify a signature
type VerifyRequest struct {
    PublicKey []byte `json:"public_key"`
    Message   []byte `json:"message"`
    Signature []byte `json:"signature"`
}

type VerifyResponse struct {
    Valid bool `json:"valid"`
}

Vault Management

Export to IPFS

type ExportRequest struct {
    Enclave  *mpc.EnclaveData `json:"enclave,omitempty"`
    Password []byte           `json:"password,omitempty"`
}

type ExportResponse struct {
    CID     string `json:"cid,omitempty"`
    Success bool   `json:"success"`
}

Import from IPFS

type ImportRequest struct {
    CID      string `json:"cid,omitempty"`
    Password []byte `json:"password,omitempty"`
}

type ImportResponse struct {
    Enclave *mpc.EnclaveData `json:"enclave,omitempty"`
    Success bool             `json:"success"`
}

Vault Refresh

type RefreshRequest struct {
    Enclave *mpc.EnclaveData `json:"enclave,omitempty"`
}

type RefreshResponse struct {
    Okay bool             `json:"okay"`
    Data *mpc.EnclaveData `json:"data,omitempty"`
}

Task Management

Creating Tasks

Tasks are created using the Asynq task creation utilities:

import "github.com/sonr-io/sonr/internal/vault/tasks"

// Create a vault generation task
task, err := tasks.NewVaultGenerateTask(userID)
if err != nil {
    return err
}

// Enqueue the task
client := asynq.NewClient(asynq.RedisClientOpt{Addr: "127.0.0.1:6379"})
info, err := client.Enqueue(task)

Task Types

Highway currently supports the following task types:

vault:generate - Generate new cryptographic key pairs

Additional task types can be registered by:

Defining the task type constant in internal/vault/tasks/types.go
Creating appropriate payload and response structures
Implementing the task processor
Registering the handler in main.go

Configuration

Redis Configuration

Highway connects to Redis using the following default settings:

const redisAddr = "127.0.0.1:6379"

Worker Configuration

asynq.Config{
    Concurrency: 10,
    Queues: map[string]int{
        "critical": 6,  // High priority tasks
        "default":  3,  // Normal priority tasks
        "low":      1,  // Low priority tasks
    },
}

Actor System Configuration

const KRequestTimeout = 20 * time.Second

Security Model

Highway implements a multi-layered security approach:

WebAssembly Isolation: All cryptographic operations run in WASM enclaves
Actor Encapsulation: Each vault actor maintains isolated state
Encrypted Storage: Vault data is encrypted before IPFS storage
Password Protection: Additional password layer for import/export operations
Request Validation: All requests undergo validation before processing

Development

Adding New Task Types

Define the task type:

// In internal/vault/tasks/types.go
const TypeNewOperation = "vault:new_operation"

Create payload structures:

type NewOperationPayload struct {
    Field1 string `json:"field1"`
    Field2 int    `json:"field2"`
}

func NewNewOperationTask(field1 string, field2 int) (*asynq.Task, error) {
    payload, err := json.Marshal(NewOperationPayload{
        Field1: field1,
        Field2: field2,
    })
    if err != nil {
        return nil, err
    }
    return asynq.NewTask(TypeNewOperation, payload), nil
}

Implement the processor:

func (processor *VaultProcessor) ProcessNewOperation(ctx context.Context, t *asynq.Task) error {
    var p NewOperationPayload
    if err := json.Unmarshal(t.Payload(), &p); err != nil {
        return fmt.Errorf("json.Unmarshal failed: %v: %w", err, asynq.SkipRetry)
    }

    // Process the task
    // ...

    return nil
}

Register the handler:

// In main.go
mux.Handle(tasks.TypeNewOperation, tasks.NewVaultProcessor())

Testing

Highway includes comprehensive test suites for:

Task processing logic
Actor system behavior
WASM plugin integration
Redis queue operations

Run tests with:

make test-vaults

Monitoring and Observability

Highway provides detailed logging for:

Task processing events
Actor lifecycle management
Plugin operation results
Error conditions and recovery

All logs use structured logging with slog for consistent formatting and filtering.

Performance Considerations

Concurrency: Adjust worker count based on CPU cores and workload
Queue Priorities: Balance task priorities according to business requirements
Redis Memory Usage: Monitor Redis memory consumption with large task volumes
WASM Performance: Plugin operations are CPU-intensive; size workers accordingly

Troubleshooting

Common Issues

Redis Connection Failed

could not run server: dial tcp 127.0.0.1:6379: connect: connection refused

Ensure Redis server is running on the configured address
Check Redis configuration and network connectivity

Plugin Load Failed

failed to create enclave host: plugin load error

Verify WASM plugin file exists and is accessible
Check plugin manifest configuration
Review Extism runtime requirements

Actor Initialization Failed

Enclave actor failed to start

Review plugin loading prerequisites
Check system memory and resource availability
Verify Proto.Actor system configuration