Get these speaker notes up. All right. Hi. Yeah, like Liam said, my name is Jordan. I come to you from Colorado in the US. My daytime job, I work in fintech, but I don't use WebAssembly there. All of my experience has really come from curiosity. Yeah, there's the big disclaimer: I've never done this before, so prepare to laugh at me. It's cool. However, I did do that for a decade, so I'm pretty confident in myself. So if you need tips on parking a 35,000 ton ship, I can do that. This is much more intimidating though. So I appreciate you all, and bear with me.

The story I'm going to share with you all today is really a story about how accepting this community has been, how it's been to learn WebAssembly not from a day-to-day job but really going into the docs, reading the code, and then hopefully building an application with it that actually works.

Here's my real resume. I'm going to circle to a lot of my frustration, and I decided to share this with y'all because a lot of my frustration actually started when I was more in the cybersecurity field. A lot of the work we did was: you pull data out of the SIEM, you analyze the data, you try and find the outliers, you shingle it, you try and do all the stuff. But after doing it for almost five, six years, I found out that me and my tier one, tier two analysts, we had scripts that we ran. We emailed or Slacked each other those scripts. I might change something, they might change something, and ultimately the scripts diverged. Sometimes they got stuck in source code management, sometimes they didn't, and it got extremely hard to know what the real truth was. And that's kind of where it comes in: what to trust. The next job I got was in the Kubernetes space, which eventually landed me as a Go developer, which I do today, and I love a lot.

So, some of the challenges that I've met trying to introduce this new technology, and we've all been there: alpha, beta libraries, you know, things at that level,
they break. It's okay. That's what we expect. However, it's really hard to get buy-in from leadership when I say, hey, this is worth the time, pay my salary, I promise you we'll get something on this. It's gonna break, and, like, well, we're not there yet. And those are a lot of things I've run into.

Documentation: one of the hardest things I've seen is this ecosystem is primarily in Rust. I don't speak Rust. I don't understand Rust. It's very much over my head. I do Go. But I spent a lot of my time reading Rust code and trying to port it over, and the real way I've learned is I've taken a lot of Rust code and ported it to Go. We'll never go anywhere, pun not intended. But that's how I learn.

But then I have my co-workers. I also have to motivate, if I want to get leadership on board, maybe I need like a cadre of co-workers behind me. How do I motivate them? Like, team, there's this thing. It's coming. It'll be awesome. But I can't really convince a lot of them to spend their free time learning it because, you know, everyone has their reasons: family, other obligations. It's hard to get that buy-in. I have them.

All right, so what will we be talking about today? We're gonna be talking about all these things in terms of what they mean to me. What does zero trust mean? What is secure software to me? How does WebAssembly help? And then we're gonna get into wasmCloud, which is really how I cut my teeth on WebAssembly, how I learned it. So I use it, and quite frankly the experience has been really great, with some, you know, bumps along the way, but they have a team behind them that helps, bar none, hands down, any time of day, and they've been pretty amazing.
They're all sitting over here if y'all want to meet them. And then we're gonna wrap in Tailscale and WireGuard for fun, really. You'll see my stack here in a minute and you'll understand why. And then, can we do this with a real-world application? Spoiler: we can.

So again, what is secure software? This is secure software to me as it relates to the application I'm gonna show you here in a minute. So a lot of people talk about sandboxing today. One of my favorite things about WebAssembly: you put code in the sandbox, if it's not allowed outside the sandbox, it doesn't go outside the sandbox, and that's really powerful, and we'll see a short demo of that in a minute. Then, can we distribute it? My first few, God, years in Kubernetes, just trying to understand all the intricate parts of that, because I came in in like 2018 Kubernetes. I wasn't early. All the pieces, all the moving parts, it was mind-blowing. Being early to WebAssembly and early to these frameworks has really allowed me the time to go slow and understand where they're coming from, you know, what they're doing, and specifically the distributed framework in wasmCloud. I've had a lot of opportunity to really take the time to understand it. That's not really secure software because I wrote it, but I wanted to put a dog on there. All right, so then for my requirement, a piece of secure software needs to have access, authentication and authorization.
We're gonna really lean on NATS and Tailscale for that, and then obviously at the high level we're gonna wrap it with TLS. But what you're gonna witness in this, what I'm gonna write, is about 20 lines, you know, 20 lines of code, plus the front end. The front end doesn't count. But it's not much, because I'm really gonna lean on these pioneers in the space to empower me.

All right, so these are the textbook definitions of zero trust and what it means. I read them all, I distilled it to what I could, and I was sitting in the wasmCloud Slack channel one day when one of my co-workers, Z, said this, and I finally realized, yeah, that's what I agree with: zero trust is not about mistrust, it's actually about segmenting trust. And that really opened my eyes and provided me with, like, I see a pathway. I now see how WebAssembly, wasmCloud and these other pieces will really tie this together. It's not that I don't trust any one of them or don't trust this. It's that security is an onion. You have to wrap the onion in as many layers as you can. Segmenting trust is a way to wrap that onion.

All right, so this is straight from WebAssembly's website, so I don't need to read it to you, but the feature I'm really gonna lean on in this demonstration is the sandboxing. We're gonna look at this piece of code. So this piece of code has two parts. My boss said you need to write the best hello world app in the world, and I did. I wrapped it in pink. And then someone came along the way and decided, I'm going to hijack your code. You're not gonna see it because you're working too hard. It slips through the, you know, code review, and we're gonna hijack your application. So over here we have the exact same code segment running, and I don't know why the GIFs are so slow.
I apologize. But we're gonna run it straight, and then we're gonna compile it to WASI and run it with Wasmtime, and you very much see that over there. Not only did the exfil server, which is this bottom half of the screen, get the data, you know, we can also see at the top that the request was successful. Over here, I'm actually not printing the error. We still get our business logic of hello world. But if I were to print that error, what you would see is, you know, you do not have access to, you do not have authorization to perform this. I should have printed it up there. You can't do that. Which is really powerful, because essentially at this point we're running a segment of code that was hijacked, but it's stuck in the sandbox and can't get out.

So, moving on to the next Lego block of wasmCloud. Now I need to distribute my app. I want it portable. Polyglot, polyglot, something we'll see in a minute. Kelsey brought it up earlier: if we need 50 Postgres drivers, how annoying. How likely are we to, you know, attract all these people? We're actually gonna see that in wasmCloud. It's written once. It's gonna be Redis, not Postgres, but it's written once, it's written in Rust, it works. I don't have to use it. I'm gonna do everything else in Go, and we're just going to interact via the RPC with this, you know, Redis driver. That's an entire actor. So that is what business logic looks like. It takes in an HTTP request. It does not care from what. I can have an HTTP server written in Go, I can have it in Zig, I can have it written in Rust. It doesn't care. It takes the request, it performs your business logic, and then it puts it back on the RPC. That's really powerful to me. I no longer have to worry about these, you know, segments of code that I've spent hours of my life writing. Like, how many times have I imported the HTTP server in Go? How many times have I turned the knobs on that? How many times have I brought in different,
you know, database drivers? And it equates to hundreds of lines of code that don't really matter to me when, ironically enough, I'm writing one, you know, API endpoint that has like seven lines of code, and the whole project has 300 lines of code. It's just maddening.

So while wasmCloud does all these pieces, we're really focused on those four. Signed modules: so one of the awesome things I love about this platform is, once you compile your WebAssembly module down, right, TinyGo, Rust, whatever you want to do, Go soon, you have this WebAssembly module you can run in Wasmtime. You cannot take that same WebAssembly module and run it in wasmCloud, and the reason being it only invokes signed modules. So right out of the box, I know that without proper access to a key set, this module that I'm running can't actually run. And what you're gonna see is actually two keys: an account key that says, hey, this person or this organization, they signed this. So if you were to look at, for example, the wasmCloud repo, they have a whole, you know, list of supported actors, supported providers, and you can guarantee that that team wrote and published them, because that key is also published and you can compare them. And then we have a module key, which says this module in a succession, so version one, version two, version three, is the same module. So they can't, for example, take this echo actor and just slip in new, you know, new business logic, like the same echo actor but it does it in a different way. No, if you don't want to do that, we check the module key. It's always that lineage of the module. And then not only do we get the power of the sandbox from Wasmtime or, you know, the Wasm runtime, we also get a second layer of capability control security in wasmCloud, because what they're gonna say is, when you're signing it, you sign it with the contract that it's allowed to do. So for example here, this actor can take requests, and that's it.
It cannot use that same connection to, you know, instigate requests from itself, so it can't reach out to the internet on its own. It can only do a single receive request. So now we're gonna see it in action. What you have is, can you see my mouse? Yeah. These are the exact same actor, but you'll note that this side has this HTTP server piece here. That's me telling the platform that, hey, this actor, it's allowed to talk over the RPC bus and receive HTTP calls. Over here, you'll see a 500 error on the exact same set of code. The only difference is when we signed it, signed it with the same keys, signed it with the same actor and module key, but we forgot to give it a capability. And if we were, I think I actually have it, there you go, if we were to actually look at the error, you can see invocation fails simply because we haven't signed it with the right claim. Again, adding to that layer, you know, that layer of security. That's pretty powerful.

Then we get to another layer of security: policies. This is also very powerful because policies are nothing more than a wasmCloud actor itself. It's still signed. It still has the same invocations. But we can say, if we look at my example here, we're gonna say in our cluster only official wasmCloud, as dictated by their public key, is allowed to run here. So again, over here we have the exact same actor running twice. On the bottom, I freshly compiled it, and on the top, I'm using the one out of the OCI registry. Same code, same everything. We get denied by policy. Again, very powerful, because we're not learning a new technology. I'm not bringing in like OPA or anything. I'm staying within actors, small, understandable units of code. And then lastly, the last security feature I'm gonna talk about are invocations.
So when one actor talks to a provider, or a provider to an actor, they speak over an RPC bus like this. For example, what I've done is we have the echo, I invoke the echo, and these three messages go over the RPC: the request, the response, and number two is the runtime saying, hey, we logged this, your invocation was successful because, you know, we checked to ensure that the signatures are correct, we checked to make sure that, you know, the hashes inside the claims are correct. Everything's happy. And if we actually blew up the JWT that's inside of that invocation, you know, we get this, and this is a Go representation of the Rust code that does the verification, which you can see. We take the origin, we take the target, we take the operation, which in this example is the HTTP server handle request. We hash it, we hex it, and then we stick it back in there. And then when it gets to the other side, not only does it check to make sure that it's coming from a valid source, it actually checks to make sure that the payload has not been edited along the way. So our onion's just getting more and more layers of security.

And now we're at the point of, can we do something real with this? And this is kind of where the demo is not that impressive, but it almost took me six, seven months to figure it all out, because it's all new. You learn how actors are invoked, you understand how WebAssembly modules run in the runtime. Man, oh yeah, there's Jim. And a quick note on Tailscale. You know what it is.
It's an open-source VPN built on WireGuard, essentially. They have a really robust feature set. One of them is this tsnet. What tsnet lets us do is it actually allows us to create a tailnet node out of a Go HTTP server. So what we're actually going to see is I'm going to take a wasmCloud HTTP server provider, which has been upgraded to a Tailscale node, and we're actually going to run our application on our tailnet in wasmCloud with no external, well, one external Redis, but no external resources. That's not important.

All right, so ultimately, if you've never seen the wasmCloud dashboard, this is what we're gonna end up looking like. We're gonna start an API gateway. We're gonna start two providers, one for Redis, one for Tailscale, or so, an HTTP server. And from Joe's talk earlier, you'll notice these contracts in the middle. These are not WASI contracts, because WASI is so new, and the team will happily tell you that WASI is coming to wasmCloud soon. But for now, they are extremely similar in their capabilities. Their contracts decide what capabilities these providers can do, and then the actors at the same time will be signed with those capabilities. Oh, one thing I like to point out, because I find it very interesting. So this is a Vue application, actually. There we go. That was a Vue application. The Vue application is actually built and then compiled into a Rust Wasm actor. So within our WebAssembly module, we're actually hosting an entire Vue application, which kind of blew my mind the first time I saw it. So when you see this, there's no separate HTTP server serving web pages somewhere. We're going to hit our provider. The provider's gonna route all the traffic to the gateway. The gateway has two endpoints for auth, and if it doesn't want either of those endpoints, it's going to forward it to another WebAssembly module that will then in turn serve web pages.
I think that's kind of fascinating. Okay, here this goes. I am cheating. I will be copying and pasting these commands. I'm not brave enough to do it live. Let's find them. Cool. All right, so no tricks up my sleeve. I'm actually going to start wasmCloud right in front of you. There is nothing running already. Live demo. Except that. All right, so at this point I have the host running. If we were to look at the dashboard, you'd see an empty dashboard. We're going to start our two actors, so our UI and our API gateway, both WebAssembly modules. And if you're interested in ever playing with this, all of these artifacts have been added to GitHub Container Registry. All right, and then we're going to start two providers, so this will be the way we ingress via HTTP and access our Redis server. That is an actor. That was the wrong section. And the last thing we're going to do is, actors and providers, they talk over an RPC bus, but it's not automatic. We can start these. They're running. They're sitting there idle. What we're actually going to do is provide a link on the bus that says this actor and this provider are allowed to communicate. All right, so now we're going to, so this is what it looks like, just like the picture from earlier. We have two actors, we have two providers, and they're linked together. And if we go, this is the nerve-wracking part. Very cool. So now what I'm showing you is from my laptop. We're accessing my tailnet, which is the minotaur-hammerhead UI via wasmCloud, which is so cool because these web pages are in a WebAssembly module. I'm accessing it over Tailscale. I know this kind of blew my mind when I did it.
So that's part one, but just hosting our application, you know, isn't enough. We need to be able to turn the knobs of things like reliability, sustainability and scalability. And I've got to find minimize, sorry. Which is the next thing we're gonna actually show. So at this point we have an application that's running on my local machine that only I can access, because I'm the only one with access to my tailnet. But if we use a tool like Cosmonic, which is a platform for wasmCloud, this is the same exact application running, but the powerful thing is it's running on three different hosts and I think two different clouds. So we have a gateway that's running in AWS, we have a to-do app running in GCP, we have a Tailscale also running in AWS, and what's really cool is this Redis provider is still running on my laptop. So there we go. So what's mind-blowing about this is, if you can see the URL, todo.minotaur-hammerhead.ts.net, all of you have access to this right now. It is live. It's on the internet by way of Tailscale's Funnel capability.
It's being hosted from a Redis server on my laptop, a UI in one cloud, a gateway in another cloud. It's all tied together with the power of this RPC bus called, you know, the wasmCloud lattice. And a few things that I want to point out on this page, because they might go overlooked, is you'll notice that I'm authenticated. I'm authenticated because, by way of traversing that tailnet, Tailscale knows who I am. So within my gateway, my gateway says if Jordan from this tailnet accesses, then he's clear to use the application. And then the little green dot, that can be completely ignored, is another piece of the gateway actor providing authorization. So that's actually providing a JWT, by way of authentication of Tailscale, that gives me the power to actually interact with this app. So, you know, I can sit here and do all the things. Now what's cool is Tailscale offers things like, well, I need my shell back. Um, Tailscale offers ACLs that say you don't even have to be in my tailnet. If I share this node with you, you can access it. So I actually have, let's see, I have a second Tailscale account that I'm gonna switch over to. And if everything goes right, I'm not a front-end developer, so sometimes you have to hit refresh, you'll see not only did I just switch authentication, it's gonna add a new picture if you hover over it.
I've got a new user. But this user, even though he's authenticated to the account, to the application, is not authorized. So that green dot will never turn green, and you'll note that means I can never actually interact with this app, but I can access it, and whatever logic I want to. So now we have, in my opinion, a secure distributed application that, by power of, you know, wasmCloud and Cosmonic, should have no downtime, and this is a real-world application. I could let people sign up and interact with it, and I have no overhead of users. You all, you know, you access it, you know, if you're connected to your tailnet you have access to the application. And then the last thing I want to say is, with zero trust, I found that doesn't actually exist. You've got to trust something, right? We trust nkeys, which is given to us by the folks over at Synadia by way of NATS. It's an Ed25519 way for doing things like signing and that type of stuff. Tailscale gives us access control lists. We trust them. They're the experts. I don't need to roll custom access control lists. Wasmtime gives us module sandboxing, and then wasmCloud gives us a distributed, you know, way to ensure my invocations are from who I want them to be, and policy, so I can lock it down if I feel like it. And after a year of not knowing what WebAssembly was, to now, this has been a really amazing journey, where actually most of you in this room have probably helped me at one point. If you get Slacked by either Captain America or the Hulk, it's me. But yeah, amazing community. The potential here is endless, and I really see how we can build some amazingly secure and fun things with it. That's all I really have. Thank you.

Jordan, thank you very much. Any questions for Jordan?

Hi, I'm Christoph. Thank you for the talk.
I really think that the world needs another to-do application, so I will post your link on Hacker News and all of a sudden millions of people will use your application. To phrase the question differently, what about, like, performance of this distributed application?

Yeah, so I will say I'm a happy hacker, but what I have found is, in my testing, I have actually run this exact application on Raspberry Pis and then given access to the entire wasmCloud Slack channel, with like a few hundred people, at my home over a 5G connection, and I really haven't seen any latency or problems with it, and no one's complained. So I don't have any formal statistics or metrics on it, but my experience has been, even on like the worst possible network and device I've given it, it's held its own. So, yeah.

Thanks for the talk. In hindsight, what would you like to have known one year ago when you started your journey with WebAssembly?

That I need to understand Rust. No. A year ago, I think the one thing I want to know is, I never really jumped into a project where it's on me to run down solutions, right? We have an amazing team, amazing people in this community, but if you really want to understand, like, what Wasmtime is doing, how WIT works, you know, we have documentation. It's not always complete. You have to go look at the code and kind of grok it yourself. I've spent many, many hours trying to understand code segments, and if I couldn't, then porting it to a language I did understand, only because that's how my mind learned it. And now that gets thrown away, because you don't want my code in production. Other questions?

Jordan, I think you kind of undersold some of the neatest things of your demo, the Go and Rust code working together. We're gonna have more of that later today in the component talk with Peter Huene and Guy Bedford from Fastly. I really appreciate you coming out today.
Thank you so much for sharing your time with us.

Thank you for having me.
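A worked example of the invocation check described in the talk (origin, target and operation hashed, hex-encoded, placed in the signed claims and re-checked on the receiving side, together with the signed-capability check from the echo actor demo). This is an added example written for this page, not code from the talk or from wasmCloud: the Invocation and Claims types, their field names, the operation string "HttpServer.HandleRequest", the account ids and the choice to include the payload in the hash are assumptions of this example, and the JWT the speaker mentions is modeled as a JSON claim set signed with an Ed25519 key.

```go
package main

// Added example, not code from the talk or from wasmCloud. It models the
// invocation check the speaker describes: origin, target, operation (and,
// as an assumption here, the payload) are hashed, the hex digest goes into a
// claim set signed with an Ed25519 key, and the receiver verifies the issuer,
// the signature, the hash and the signed capability. Names are this example's own.

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Invocation is one message on the RPC bus (simplified model).
type Invocation struct {
	Origin, Target, Operation string
	Payload                   []byte
}

// Claims stands in for the JWT carried with the invocation.
type Claims struct {
	Issuer string `json:"iss"`
	Hash   string `json:"hash"`
}

// SignedInvocation bundles the message, its claims and the claims signature.
type SignedInvocation struct {
	Invocation Invocation
	Claims     Claims
	Signature  []byte
}

// InvocationHash hex-encodes SHA-256 over origin, target, operation and payload.
// Each field is length-prefixed so field boundaries cannot be shifted.
func InvocationHash(inv Invocation) string {
	h := sha256.New()
	for _, part := range [][]byte{[]byte(inv.Origin), []byte(inv.Target), []byte(inv.Operation), inv.Payload} {
		fmt.Fprintf(h, "%d:", len(part))
		h.Write(part)
	}
	return hex.EncodeToString(h.Sum(nil))
}

// Sign builds the claims for inv and signs them with the sender's key.
func Sign(priv ed25519.PrivateKey, issuer string, inv Invocation) (SignedInvocation, error) {
	claims := Claims{Issuer: issuer, Hash: InvocationHash(inv)}
	body, err := json.Marshal(claims)
	if err != nil {
		return SignedInvocation{}, err
	}
	return SignedInvocation{Invocation: inv, Claims: claims, Signature: ed25519.Sign(priv, body)}, nil
}

// Verify is the receiving side: trusted maps issuer ids to public keys, and
// allowed lists the operations the sender was signed with (its capabilities).
func Verify(trusted map[string]ed25519.PublicKey, allowed map[string]bool, si SignedInvocation) error {
	pub, ok := trusted[si.Claims.Issuer]
	if !ok {
		return errors.New("issuer is not a trusted key")
	}
	body, err := json.Marshal(si.Claims)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, body, si.Signature) {
		return errors.New("claims signature does not verify")
	}
	if InvocationHash(si.Invocation) != si.Claims.Hash {
		return errors.New("invocation hash mismatch: message edited in transit")
	}
	if !allowed[si.Invocation.Operation] {
		return errors.New("operation not among the sender's signed capabilities")
	}
	return nil
}

// Demo runs one accepted invocation and three that must be rejected. Keys,
// ids and the message are constructed here; a nil error means accepted.
func Demo() map[string]error {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, strangerPriv, _ := ed25519.GenerateKey(rand.Reader)
	trusted := map[string]ed25519.PublicKey{"ACCOUNT_EXAMPLE": pub}
	allowed := map[string]bool{"HttpServer.HandleRequest": true} // the only signed claim
	inv := Invocation{Origin: "echo-actor", Target: "httpserver-provider",
		Operation: "HttpServer.HandleRequest", Payload: []byte(`{"path":"/hello"}`)}
	results := map[string]error{}

	good, _ := Sign(priv, "ACCOUNT_EXAMPLE", inv)
	results["valid"] = Verify(trusted, allowed, good)

	tampered := good // same claims and signature, payload changed on the wire
	tampered.Invocation.Payload = []byte(`{"path":"/admin"}`)
	results["tampered payload"] = Verify(trusted, allowed, tampered)

	noCap := inv // correctly signed, but for an operation the actor was never granted
	noCap.Operation = "HttpClient.Request"
	signedNoCap, _ := Sign(priv, "ACCOUNT_EXAMPLE", noCap)
	results["capability not signed"] = Verify(trusted, allowed, signedNoCap)

	stranger, _ := Sign(strangerPriv, "UNKNOWN_ACCOUNT", inv)
	results["untrusted issuer"] = Verify(trusted, allowed, stranger)
	return results
}

func main() {
	for name, err := range Demo() {
		fmt.Printf("%-22s -> %v\n", name, err)
	}
}
```

Running it with `go run` prints one line per case; only the first case is accepted. The four checks in Verify are the same onion layers the talk walks through: a trusted signing key, an intact signature, an untouched message, and an operation the actor was actually signed for.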