numenor-labs/discourse
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
discourse/discovery/STACK_GUIDANCE.md
Justin Carper 771c84c9b1 discovery
2025-02-20 10:50:17 -05:00

81 lines
6.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## Language and Tool Choices
### 1. **Go for Core Backend Services**
- **Why**: As your primary language, Go is perfect for the backbone of your system—handling core logic like managing commitments, verifying cryptographic proofs, and interacting with a public ledger. Go excels at concurrency, networking, and has solid built-in cryptographic support via the `crypto` package (e.g., `crypto/sha256` for hashing).
- **Use Case**: Build the main services here, such as processing submissions, verifying data, and serving as the central hub for other components.
### 2. **Python for Cryptographic Prototyping**
- **Why**: While youre more comfortable in Go, Python offers mature libraries for advanced cryptography, like blind signatures (e.g., `blind-signatures` package), which are less developed in Go. Pythons ecosystem also supports prototyping complex cryptographic components quickly.
- **Use Case**: Implement cryptographic primitives like blind signatures in Python, then expose them to your Go services via gRPC.
### 3. **JavaScript and Elm for the Frontend**
- **Why**: Your experience with JavaScript, combined with your colleagues Elm expertise, makes this a strong frontend combo. Elms type safety and functional nature ensure a secure, reliable user interface, while JavaScript can handle client-side cryptographic tasks via interop.
- **Use Case**: Use Elm to build the UI, guiding users through processes like submitting data or generating tokens. Leverage JavaScript libraries (e.g., `crypto-js`) for client-side cryptography when needed.
### 4. **Protocol Buffers and gRPC**
- **Why**: Your preference for Protocol Buffers and gRPC aligns perfectly with building secure, efficient communication between services. Go has excellent gRPC support, and Connect-wrapped gRPC adds HTTP/1.1 compatibility for broader client access.
- **Use Case**: Define service interfaces with Protocol Buffers and use gRPC for communication between your Go backend, Python cryptographic services, and Elm frontend (via JavaScript interop).
---
## Recommended Implementation Approach
### **1. Core Services in Go**
- **What**: Build the backend in Go to handle the systems core functionality—e.g., managing data submissions, verifying cryptographic proofs, and storing or retrieving data from a ledger.
- **How**:
- Use Gos `crypto` package for basic operations like hashing commitments.
- Implement gRPC servers to connect with other components.
- If you later integrate a blockchain (e.g., Ethereum), use `go-ethereum` to interact with it.
### **2. Cryptographic Components**
- **Blind Signatures**:
- **What**: Implement blind signatures in Python using the `blind-signatures` library, which is more mature than Go equivalents like `schollz/blind`.
- **How**: Create a Python microservice that generates and verifies blind signatures, exposing it via gRPC to your Go backend.
- **Zero-Knowledge Proofs (ZKPs)**:
- **What**: ZKPs are complex, with mature tools in other ecosystems (e.g., `snarkjs` in JavaScript, `circom` for circuit design). Go has emerging options like `gnark`, but you can lean on your Python/JS experience.
- **How**:
- Define ZKP circuits in Circom (a domain-specific language).
- Generate proofs in JavaScript (using `snarkjs`) or Python, and verify them in Go with a library like `gnark` or custom bindings.
### **3. Public Ledger**
- **Option 1: Centralized Database (Start Here)**:
- **What**: Use PostgreSQL with Gos `database/sql` package for simplicity and speed.
- **How**: Store commitments, signatures, and proofs with tamper-evident hashes (e.g., SHA-256) to mimic some blockchain properties initially.
- **Option 2: Blockchain (Later Upgrade)**:
- **What**: Transition to a blockchain like Ethereum for decentralization.
- **How**: Write smart contracts in Solidity and use `go-ethereum` in your Go services to interact with the chain.
### **4. Frontend with Elm**
- **What**: Build a secure, user-friendly interface in Elm, leveraging your colleagues expertise.
- **How**:
- Handle user interactions (e.g., submitting opinions, generating tokens) in Elm.
- For cryptographic operations (e.g., commitments), use JavaScript interop to call libraries like `crypto-js` or `sjcl`.
### **5. Communication with gRPC**
- **What**: Tie everything together with gRPC for secure, type-safe communication.
- **How**:
- Define your APIs in Protocol Buffers (e.g., `.proto` files).
- Implement gRPC servers in Go for the backend and in Python for cryptographic services.
- Use gRPC clients in Elm (via JavaScript interop) to connect to the backend.
---
## Why This Approach Works for You
- **Plays to Your Strengths**: Go is your core skill, so it handles the heavy lifting. Python and JavaScript fill gaps where Gos ecosystem is less mature, using languages youve worked with before.
- **Leverages Your Team**: Your Elm developer can own the frontend, ensuring a high-quality UI while you focus on the backend and integration.
- **Matches Your Preferences**: Protocol Buffers and gRPC are central to the architecture, providing the efficient, secure communication you enjoy working with.
- **Scalable Design**: Start simple with a centralized database, then scale to a blockchain if needed, all while keeping your codebase modular and maintainable.
---
## Next Steps to Get Started
1. **Go Backend**: Set up a basic gRPC server in Go using Protocol Buffers. Implement a simple hashing function with `crypto/sha256` to test commitments.
2. **Python Cryptography**: Prototype blind signatures in Python with `blind-signatures` and expose them via a gRPC service.
3. **Elm Frontend**: Work with your Elm developer to create a basic UI that sends requests to your Go backend via gRPC (using JS interop).
4. **ZKP Exploration**: Experiment with Circom and `snarkjs` to build a small ZKP circuit, then verify it in Go with `gnark`.
5. **Ledger Setup**: Start with PostgreSQL in Go, storing hashed data, and plan for a blockchain pivot later if required.
---
## Conclusion
This approach lets you use Go for the core, Python for cryptography where Go lacks, Elm for a secure frontend, and gRPC for communication—all aligned with your skills and preferences. Youll build a solid system thats secure, efficient, and extensible, with room to grow into more advanced features like blockchain integration.
Reference in New Issue View Git Blame Copy Permalink