You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some vats are entirely stateless or maintain all of their state in secondary storage (notably the comms vat and likely also the vattp vat once a little work is done on it). For these vats, replaying their transcript on restart is pointless, because the purpose of replay is to recover hidden internal state which makes no sense if there isn't any. If replay is pointless, then it follows that the transcript serves no operational purpose and therefor we can save disk space (in the case of the comms vat, potentially very large amounts of disk space) by not recording the transcript in the first place. Not recording the transcript may also provide a modest performance boost for these vats by virtue of skipping the disk writes and the logic that drives them.
Description of the Design
The most obvious thing is to have this be a new configuration option, say stateless or noTranscript, presumably a boolean. It makes sense to control it as a configuration option (rather than, say, putting it into the vat's initialization code) because although we'd like to be able to dispense with the transcript for operations, it may prove helpful during development and shakedown to have a recording of what happened if something went wrong.
When this flag is enabled, the recording of the transcript will be skipped. The replay logic will also have to be changed to regard the absence of a transcript for such vats as normal and expected.
Security Considerations
Care needs to be take to ensure that any vat that employs this option is actually stateless, lest some kind of visible non-determinism leak in.
The text was updated successfully, but these errors were encountered:
What is the Problem Being Solved?
Some vats are entirely stateless or maintain all of their state in secondary storage (notably the comms vat and likely also the vattp vat once a little work is done on it). For these vats, replaying their transcript on restart is pointless, because the purpose of replay is to recover hidden internal state which makes no sense if there isn't any. If replay is pointless, then it follows that the transcript serves no operational purpose and therefor we can save disk space (in the case of the comms vat, potentially very large amounts of disk space) by not recording the transcript in the first place. Not recording the transcript may also provide a modest performance boost for these vats by virtue of skipping the disk writes and the logic that drives them.
Description of the Design
The most obvious thing is to have this be a new configuration option, say
stateless
ornoTranscript
, presumably a boolean. It makes sense to control it as a configuration option (rather than, say, putting it into the vat's initialization code) because although we'd like to be able to dispense with the transcript for operations, it may prove helpful during development and shakedown to have a recording of what happened if something went wrong.When this flag is enabled, the recording of the transcript will be skipped. The replay logic will also have to be changed to regard the absence of a transcript for such vats as normal and expected.
Security Considerations
Care needs to be take to ensure that any vat that employs this option is actually stateless, lest some kind of visible non-determinism leak in.
The text was updated successfully, but these errors were encountered: