shay_ker 2 hours ago

Very dumb question - sending code over the network to be executed elsewhere feels like a security risk to me? I’m also curious how this looks with browser or mobile clients. Surely they’re not sending code to the server?

pchiusano 2 hours ago

Mobile or browser clients talk to Unison backend services over HTTP, similar to any other language. Nothing fancy there.[1]

> sending code over the network to be executed elsewhere feels like a security risk to me?

I left out many details in my explanation and was just describing the core code syncing capability the language gives you. You can take a look at [2] to see what the core language primitives are - you can serialize values and code, ask their dependencies, deserialize them, and load them dynamically.

To turn that into a more industrial strength distributed computing platform, there are more pieces to it. For instance, you don't want to accept computations from anyone on the internet, only people who are authenticated. And you want sandboxing that lets you restrict the set of operations that dynamically loaded computations can use.

Within an app backend / deployed service, it is very useful to be able to fork computations onto other nodes and have that just work. But you likely won't directly expose this capability to the outside world; you instead expose services with a more limited API and which can only be used in safe ways.

[1] Though we might support Unison compiling to the browser and there have already been efforts in that direction - https://share.unison-lang.org/@dfreeman/warp This would allow a Unison front end and back end to talk very seamlessly, without manual serialization or networking.

[2] https://share.unison-lang.org/@unison/base/code/releases/7.4...

rlmark an hour ago

Not a dumb question at all! Unison's type system uses Abilities (algebraic effects) for functional effect management. On a type level, that means we can prevent effects like "run arbitrary IO" on a distributed runtime. Things that run on shared infrastructure can be "sandboxed" and prevented with type safety.

The browser or mobile apps cannot execute arbitrary code on the server. Those would typically call regular Unison services in a standard API.
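
A minimal model of the two controls described in the replies above (accept computations only from authenticated senders, and restrict which operations a dynamically loaded computation may use), added here as an illustration and not taken from the thread or from Unison. It is Python, not Unison: the expression format, operation names and shared key are assumptions, and the runtime allow-list check stands in for what Unison enforces at the type level with abilities.

```python
import hashlib
import hmac
import json
import math

SHARED_KEY = b"constructed-demo-key"  # assumption: provisioned out of band
PURE_OPS = frozenset({"lit", "add", "mul"})  # hypothetical effect-free ops

def sign(body: bytes, key: bytes = SHARED_KEY) -> str:
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def seal(expr, key: bytes = SHARED_KEY) -> dict:
    """Sender side: serialize a computation and attach a MAC."""
    body = json.dumps(expr)
    return {"body": body, "mac": sign(body.encode(), key)}

def ops_used(expr) -> set:
    """Validate shape and collect every operation the computation needs."""
    if not (isinstance(expr, list) and expr and isinstance(expr[0], str)):
        raise ValueError("malformed expression")
    if expr[0] == "lit":
        if len(expr) != 2 or not isinstance(expr[1], int):
            raise ValueError("lit takes exactly one integer")
        return {"lit"}
    return {expr[0]}.union(*(ops_used(arg) for arg in expr[1:]))

def evaluate(expr):
    """Interpreter for the pure operations only; it has no I/O to reach."""
    op, args = expr[0], expr[1:]
    if op == "lit":
        return args[0]
    vals = [evaluate(a) for a in args]
    if op == "add":
        return sum(vals)
    if op == "mul":
        return math.prod(vals)
    raise PermissionError(f"no handler for operation {op!r}")

def accept(envelope: dict, allowed: frozenset = PURE_OPS):
    """Receiver side: authenticate, check required operations, then run."""
    body = str(envelope.get("body", "")).encode()
    mac = str(envelope.get("mac", "")).encode()
    if not hmac.compare_digest(sign(body).encode(), mac):
        raise PermissionError("unauthenticated sender")
    expr = json.loads(body)  # parsed only after the MAC has been verified
    denied = ops_used(expr) - allowed
    if denied:  # rejected before any part of the computation runs
        raise PermissionError(f"operations not permitted: {sorted(denied)}")
    return evaluate(expr)
```

The whole expression is checked before evaluation starts, so a computation that needs a disallowed operation is refused outright rather than stopped partway through.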