HackerLangs
TopNewTrendsCommentsPastAskShowJobs

int08h

no profile record

Submissions

Roughenough 2.0 RFC-draft compliant cryptographic time sync

github.com
2 points·by int08h·9 mesi fa·1 comments

comments

int08h
·6 mesi fa·discuss
Right, I understand your meaning better.

I agree with you: no matter how good of a job the code (by construction or types or otherwise) does of “making unsafe states unrepresentable”, that in no way makes a real world complex system “safe” by itself.

Code can be structured so that valves may only be open OR closed, but nothing stops the real world from returning a sensor reading that says “the valve is <undefined>”. To remain a “safe” system, the system must deal with inconsistent states like “heisen-valves”.
int08h
·7 mesi fa·discuss
Hmm, it seems you actually agree with the OP:

OP says (your quote):

> [Most production incidents] are due to the code entering a state that should never have been possible.

You say:

> [...] it is more true that most production incidents are due to the system entering into one of thousands of unsafe states which were possible and latent in production potentially for years

I see you both agree that a broken system enters an "unsafe state" (your words) or a "state that should never have been possible" (OP's words).

"Unsafe state" and "state that should not have been possible" are, in practice in a real system, the same practical thing. I suspect you both would agree "system confuses a string for an integer and acts based on erroneous value" or "system acts on internal state that indicates the valve is both open and closed" would be states that a system should not be in. Outside pedantry, your descriptions are practically synonymous with each other.
int08h
·9 mesi fa·discuss
I've released version 2.0 of roughenough, a Rust implementation of the draft IETF Roughtime protocol (https://datatracker.ietf.org/doc/draft-ietf-ntp-roughtime/). The Roughtime protocol provides cryptographic secure time synchronization with detection of server malfeasance.

Release 2.0.x of roughenough is a rewrite of the implementation to be simpler, more comprehensive, and more performant. The repo has multiple crates that implement:

  * Performance-oriented async UDP server
  * Command-line client with multiple output formats
  * Multiple backends for secure key management for the server
  * Clients can (optionally) report malfeasance to a remote server for analysis