firesafe icon indicating copy to clipboard operation
firesafe copied to clipboard

Published 20 hours ago verified publisher icon tomlarkworthy

Atomic cross tree updates

Open martinleopold opened this issue 8 years ago • 5 comments

Hey Tom!

I came to this repo because of a problem I'm facing in a current project: https://stackoverflow.com/questions/32723117/firebase-secure-and-atomic-transfer-of-credits-between-user-accounts

I have a few questions about the Item Shop example and your docs about HSM in general:

  • Why do the guard clauses reference newData? Shouldn't they work on data instead?
  • In the BUY_WATER transition, the signal should be BUY_WATER as well and the effect should reference the water variable instead of sword.
  • What is the difference between the names of .transitions and the signal provided for them? Is it so I can specify a transition like INITIALIZE that doesn't have a signal?
  • In https://github.com/tomlarkworthy/firesafe/blob/master/models/shop.hsm, why are .variables and .states declared as objects? Is there any more information I can specify?

I can provide a PR for these issues if you give me heads up!

martinleopold avatar Sep 24 '15 18:09 martinleopold

  • yes
  • yes
  • the same signal can drive multiple transitions. Its a bit weird but that's the UML spec. Like a calculator has the button "3" but the meaning of that (the state and state transitions) is context dependent. So its usual to make signals user facing, and transition are internal state labels.
  • I think variables would be better modeled as an array of names. You can't put anything in them. Its just denoting the additional labels in the state diagram. I decided that because everything in Firebase is objects I would not use arrays either.

This project is pretty old and not actively maintained, on the other hand its pretty effective at what it does in its niche, but its not officially supported by Firebase. I'll help you where I can. My general advice is that if you need atomic transactions in production, it's probably easier to implement it in a server process elsewhere and sync the results to Firebase.

tomlarkworthy avatar Sep 24 '15 20:09 tomlarkworthy

Check out the new Firebase features which might make your day:= https://www.firebase.com/blog/2015-09-24-atomic-writes-and-more.html

tomlarkworthy avatar Sep 25 '15 17:09 tomlarkworthy

They sure do (I hope)! Transactions are still limited to a single branch though, but this change makes things a big chunk easier. Thanks for your help!

martinleopold avatar Sep 30 '15 18:09 martinleopold

I think Firesafe is still a viable tool for me to model and implement security. (How) is it possible to model hierachical states? (e.g. "ACCEPTED" state in attached image)

file-page1

martinleopold avatar Oct 03 '15 12:10 martinleopold

Hi Martin, So there is a diagram on page 20 of this slide show, which more or less enumerates all the cases for hierarchy: http://www.cis.upenn.edu/~lee/06cse480/lec-HSM.pdf

This is been encoded in a test case found here: https://github.com/tomlarkworthy/firesafe/blob/master/test/exhaustive_hsm_test.js

The firesafe source code for that diagram is here: https://github.com/tomlarkworthy/firesafe/blob/master/models/exhaustive.hsm

tomlarkworthy avatar Oct 04 '15 20:10 tomlarkworthy