herocode/hero
12
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases Wiki Activity
7d7ff0f0ab
hero/interfaces/websocket/server/docs/ARCHITECTURE.md
Timur Gordon 7d7ff0f0ab initial commit
2025-07-29 01:15:23 +02:00

6.9 KiB
Raw Blame History

server Architecture

This document provides a detailed look into the internal architecture of the server crate, focusing on its Actix-based design, the structure of the authentication service, and the request lifecycle.

1. Core Design: The Actix Actor System

The server is built around the Actix actor framework, which allows for highly concurrent and stateful handling of network requests. The key components of this design are:

  • HttpServer: The main Actix server instance that listens for incoming TCP connections.
  • App: The application factory that defines the routes for the server.
  • CircleWs Actor: A dedicated actor that is spawned for each individual WebSocket connection. This is the cornerstone of the server's design, as it allows each client session to be managed in an isolated, stateful manner.

When a client connects to the /{circle_pk} endpoint, the HttpServer upgrades the connection to a WebSocket and spawns a new CircleWs actor to handle it. The circle public key is extracted from the URL path to identify which circle the client wants to connect to. All further communication with that client, including the entire authentication flow, is then processed by this specific actor instance.

2. Module Structure

The server crate is organized into the following key modules:

  • lib.rs: The main library file that contains the spawn_circle_server function, which sets up and runs the Actix server. It also defines the CircleWs actor and its message handling logic for all JSON-RPC methods.
  • auth/: This module encapsulates all the logic related to the secp256k1 authentication system.
    • signature_verifier.rs: A self-contained utility module that provides the verify_signature function. This function performs the core cryptographic verification of the client's signed nonce.
    • types.rs: Defines the data structures used within the authentication service.
  • webhook/: This module provides HTTP webhook handling capabilities for external services.
    • mod.rs: Main webhook module with route configuration and exports.
    • handlers/: Contains individual webhook handlers for different providers (Stripe, iDenfy).
    • verifiers.rs: Signature verification utilities for webhook authenticity.
    • types.rs: Local webhook types (configuration, errors, verification results).

3. Request Lifecycle and Authentication Flow

The diagram below illustrates the flow of a typical client interaction. The entire process, from fetching a nonce to executing a protected command, occurs over the WebSocket connection and is handled by the CircleWs actor.

sequenceDiagram
    participant Client
    participant ActixHttpServer as HttpServer
    participant CircleWsActor as CircleWs Actor
    participant SignatureVerifier as auth::signature_verifier

    Client->>+ActixHttpServer: Establishes WebSocket connection
    ActixHttpServer->>ActixHttpServer: Spawns a new CircleWsActor
    ActixHttpServer-->>-Client: WebSocket connection established

    Note over CircleWsActor: Session created, authenticated = false

    Client->>+CircleWsActor: Sends "fetch_nonce" JSON-RPC message
    CircleWsActor->>CircleWsActor: Generate and store nonce for pubkey
    CircleWsActor-->>-Client: Returns nonce in JSON-RPC response

    Client->>Client: Signs nonce with private key

    Client->>+CircleWsActor: Sends "authenticate" JSON-RPC message
    CircleWsActor->>+SignatureVerifier: verify_signature(pubkey, nonce, signature)
    SignatureVerifier-->>-CircleWsActor: Returns verification result

    alt Signature is Valid
        CircleWsActor->>CircleWsActor: Set session state: authenticated = true
        CircleWsActor-->>-Client: Returns success response
    else Signature is Invalid
        CircleWsActor-->>-Client: Returns error response
    end

    Note over CircleWsActor: Client is now authenticated

    Client->>+CircleWsActor: Sends "play" JSON-RPC message
    CircleWsActor->>CircleWsActor: Check if authenticated
    alt Is Authenticated
        CircleWsActor->>CircleWsActor: Get public key from authenticated connections map
        CircleWsActor->>CircleWsActor: Execute Rhai script with public key
        CircleWsActor-->>-Client: Returns script result
    else Is Not Authenticated
        CircleWsActor-->>-Client: Returns "Authentication Required" error
    end

This architecture ensures a clear separation of concerns and a unified communication protocol:

  • The HttpServer handles connection management.
  • The CircleWs actor manages the entire session lifecycle, including state and all API logic.
  • The auth module provides a self-contained, reusable signature verification utility.

4. Webhook Integration Architecture

In addition to WebSocket connections, the server supports HTTP webhook endpoints for external services. This integration runs alongside the WebSocket functionality without interference.

Webhook Request Flow

sequenceDiagram
    participant WS as Webhook Service
    participant HS as HttpServer
    participant WH as Webhook Handler
    participant WV as Webhook Verifier
    participant RC as RhaiDispatcher
    participant Redis as Redis

    WS->>+HS: POST /webhooks/{provider}/{circle_pk}
    HS->>+WH: Route to appropriate handler
    WH->>WH: Extract circle_pk and signature
    WH->>+WV: Verify webhook signature
    WV->>WV: HMAC verification with provider secret
    WV-->>-WH: Verification result + caller_id
    
    alt Signature Valid
        WH->>WH: Parse webhook payload (heromodels types)
        WH->>+RC: Create RhaiDispatcher with caller_id
        RC->>+Redis: Execute webhook script
        Redis-->>-RC: Script result
        RC-->>-WH: Execution result
        WH-->>-HS: HTTP 200 OK
    else Signature Invalid
        WH-->>-HS: HTTP 401 Unauthorized
    end
    HS-->>-WS: HTTP Response

Key Webhook Components

  • Modular Handlers: Separate handlers for each webhook provider (Stripe, iDenfy)
  • Signature Verification: HMAC-based verification using provider-specific secrets
  • Type Safety: Webhook payload types defined in heromodels library for reusability
  • Script Integration: Uses the same Redis-based Rhai execution system as WebSocket connections
  • Isolated Processing: Webhook processing doesn't affect WebSocket connections

Webhook vs WebSocket Comparison

Aspect WebSocket Webhook
Connection Type Persistent, bidirectional HTTP request/response
Authentication secp256k1 signature-based HMAC signature verification
State Management Stateful sessions via CircleWs actor Stateless HTTP requests
Script Execution Direct via authenticated session Via RhaiDispatcher with provider caller_id
Use Case Interactive client applications External service notifications
Data Types JSON-RPC messages Provider-specific webhook payloads (heromodels)