A platform for self-hosting internet services.

Matthew Carr 875060adac Wrote tests to verify delivery of exit notifications. 1 år sedan
.vscode d1edbd4366 Wrote the cryptography section of the new paper. 2 år sedan
crates 875060adac Wrote tests to verify delivery of exit notifications. 1 år sedan
doc d626f90ffb Started working out the definitions of the sector 1 år sedan
dockerfiles 4c31710ee0 * Updated all of the binary crates to use btconfig. It seems like 2 år sedan
tools ae4184b88b * Used the std ilog2 method in merkle_stream::log2. 2 år sedan
website d54e2c55bf Added a new deploy script to upload the site to freja. 2 år sedan
.dockerignore abfcd2af55 Wrote a dockerfile for building a container for btfsd. 2 år sedan
.gitignore 6c6ea66321 Cloned the docsy example site and started modifying it. 2 år sedan
Cargo.lock 2f75793d5d Added support to the btrun kernel for sending exit notifications. 1 år sedan
Cargo.toml 159cb2606d * Added a script for building docs for the entire workspace. 2 år sedan
LICENSE 4526f6d4b8 * Moved inessential material out of the README. 2 år sedan
README.md 43f461f7a9 Renamed btmsg to bttp. 2 år sedan
ROADMAP.md 4526f6d4b8 * Moved inessential material out of the README. 2 år sedan

README.md

Blocktree

Blocktree is a platform for building distributed systems. It aims to make it easy to create secure and reliable services using the actor model.

The goals of the system include the following:

  • Provide a message passing IPC mechanism which is high performance and cryptographically secure. This interface must support fire-and-forget, remote procedure call, and pub-sub messaging patterns.
  • Enable applications to define protocols in terms of the messages they send and receive (e.g. session types) and implement a runtime which checks for protocol adherence.
  • Implement a network file system which is highly-available, distributed, and which allows client-side encryption.
  • Perform the cryptographic key management necessary to implement access control.
  • Use the network file system to orchestrate OCI containers and Wasm modules.

Non-goals of the systems include:

  • Writing device drivers and controlling hardware.
  • Providing a framework for building frontend apps.
  • Communication over non-IP networks.

Crates

Blocktree is broken into the following main crates:

  • btlib: Contains common traits and structs. The cryptographic code lives in the crypto module. TPM support is provided by the tpm module.
  • btrun: Contains the actor runtime.
  • btserde: Defines the serde compact binary serialization format used to store data on disk and transmit over the network.
  • bttp: Defines the message passing interface.
  • btfproto: Defines the message protocol used to communicate with file servers.
  • btfsd: Implements a file server daemon.
  • btfuse: Implements a FUSE daemon which allows local or remote file systems to be mounted.

The remaining crates contain tests and code which facilitates them.

Building

Blocktree requires the nightly rust compiler. The preferred way of installing this is using rustup. Once you have rustup installed you can install the nightly toolchain with rustup toolchain install nightly.

Building is as simple as executing cargo build in the root of this repository. The test suite can be run with cargo test. In order to run the tests swtpm, libtss2 and libfuse need to be installed.

Design Principles

  • The blocktree is the network, and is used for translating blocktree paths to network endpoints.
  • IPC is performed by passing messages.
  • Messages are addressed using blocktree paths.
  • Processes are cryptographically bound to the path where they receive messages.
  • File system access is performed by passing messages.

Performance Measurement with flamegraph on Linux

In order to use the flamegraph crate to on Linux you need to setup unprivileged access to the perf utility by your user account. After installing perf (on Arch with pacman -S perf), perform the following as root (if perf is not installed at /usr/bin/perf use which perf to locate it):

# groupadd perf_users
# cd /usr/bin
# ls -alhF perf
-rwxr-xr-x  2 root root  11M Oct 19 15:12 perf
# chgrp perf_users perf
# ls -alhF
-rwxr-xr-x  2 root perf_users  11M Oct 19 15:12 perf
# chmod o-rwx perf
# ls -alhF
-rwxr-x---  2 root perf_users  11M Oct 19 15:12 perf
# setcap "cap_perfmon,cap_sys_ptrace,cap_syslog=ep" perf
# setcap -v "cap_perfmon,cap_sys_ptrace,cap_syslog=ep" perf
perf: OK
# getcap perf
perf = cap_sys_ptrace,cap_syslog,cap_perfmon+ep

(source: https://www.kernel.org/doc/html/latest/admin-guide/perf-security.html) Finally add your user account to the perf_users group:

# usermod -aG perf_users <your username>

You'll need to logout and back in for the new group to take effect. You can confirm you're in the group with:

> groups
tss audio <your username> perf_users

The you can run flamegraph as your user account with:

> cargo flamegraph --unit-test <crate name> -- test::<test name>

(source: https://crates.io/crates/flamegraph)

Test coverage with tarpaulin

The tarpaulin crate can be used to generate code coverage reports. You can install it with cargo with cargo install tarpaulin. To generate an HTML report for the entire repository, execute cargo tarpaulin --out Html from the root of this repository. The generated report will be saved to the root of the repository. You can generate coverage reports for specific crates by first navigating to the crates directory then executing the above command. Note that even if you run the tool in a subdirectory, the report will still be saved in the root of the repository. Please do not commit the coverage report.

License

Copyright 2023 Delease, LLC. The software contained in this repository is licensed under the GNU Affero General Public License Version 3 or later. A copy of this license is provided in the LICENSE file in the root of this repository. A license which allows for the usage of this software without disclosing the source code of the system containing it may be purchased by contacting Delease, LLC.