@borkdude I want your feedback on my idea. Do you also think it is a good idea to use a babashka/node.js process as a sandboxing boundary for untrusted SCI scripts? Both babashka and node.js consume less RAM than JVM clojure. Both can enforce memory limit. Both can be killed safely after a timeout.
yeah makes sense. babashka + SCI is used like this e.g. on clojure IRC in a bot that can execute arbitrary code examples and is killed on timeout
I think limiting execution time/step and memory consumption of a turing-complete language like SCI is a hard problem. If you want a limited scripting language, you better design it from scratch.
yes, SCI does explicitly not support that, so if you want to limit turing completeness, find something else or write your own
I think turing-complete languages are known for non-deterministic termination. A turing-complete language can't deterministically terminate itself.
you are stating obvious facts about turing completeness. is there a question in there or?
I mean people forget this fact when they try to limit execution steps of SCI. It's probably an unsolvable problem.
So, I think running untrusted SCI scripts in a proper sandboxing environment like babashka/node.js processes is the right solution. You just need to find a sandboxing environment that doesn't consume a lot of RAM.
yep
What I'd really love to have a "metered sci" "You get 10 thousand cycles"
sure, that's been suggested before and I also tried it but it has performance consequences and it'll never be perfect since clojure.core functions aren't interpreted and you can still use unlimited resources with those
hmmm I would think that as long as the turing completeness provided is only by sci's compbination of clojure.core fns, and each of them would by themselves run in some bounded deterministic time, then the overall turing complete action would be time bounded. But yeah I guess you can't accurately measure the underlying cycles
(doall (range))Hmmm... Yeah, you'd have to detect all those.
you need to control the VM or the host
ask the JVM folks ;)
or Node.js or whatever
wasm maybe
wasm isn't a host
But I don't think I need fine grained cycle knowlege. Just bounded cycles
the infinite seqs are a problem though
even with finite stuff, you can construct stuff that takes longer that you'd wish for
I'm wanting it for a distrubed computation utility token scenario, where you need to just measure work evenly across peers
As long as the cost profile is fair between peers
As long as it is deterministic and gives the same invoice for services rendered on both peers
John, time is the most fundamental currency in the universe. Meter time. Time and attention are the two most fundamental currencies in the universe. Money is an imaginary medium of exchange, but time and attention are real. Even your utility tokens are an imaginary medium of exchange. Money is not real. Your tokens are not real. Time is real. • Enforce a timeout from outside, and charge per an execution that has a hard timeout • Charge per second of execution, and don't enforce a hard timeout. You can charge each second differently for different CPU cores. Run one SCI script at a time in one process. Then, each SCI job gets one dedicated CPU core.
Cloud platforms sell shared/dedicated CPU cores per month. You should do the same perhaps.
Perhaps, sell dedicated/shared CPU cores per month, week, day, second, whatever.
Sell time. Become a time lord.
lol