...
- High level of security risks - direct usage of low-level API (World State View) may give hackers a possibility to execute malicious scenarios
- Direct dependency on WASM runtime - we make it a part of our public API without possibility to optimize it and tune a lot
- Low control over custom Iroha Special Instructions - harder to check permissions and more strict requirements to custom Iroha Special Instructions review process
- Wide spread of client side tools and technologies - with an ability to use low-level API it will be harder to develop and maintain client-side tools, like explorers.
Concerns
- Set of out-of-the-box instructions should be well-defined, it's also good to have an ability to add new OOB instructions with new versions of Iroha if needed.
Assumptions
...
- Mechanism of arguments passing should be made as close to compile time as possible to prevent runtime errors in custom instructions
Assumptions
- We value simplicity and security over low-level control and customization (extensibility)
- Any Iroha fork can deal with own set of out-of-the-box Iroha Special Instructions if all peers in their ledger will run this fork
- Iroha Special Instructions domain specific language will be client oriented with less user-friendly "backend"
Risks
- Solution will not meet requirements of Iroha modules and 3rd party applications `[2;7]`
- Performance of initial version will be slow `[7;7]`
- We will need to extend set of out-of-the-box instructions soon `[5;5]`
Additional Information
Resources
...