search

Synk Workspace Architecture

This page aims to provide you a better understanding of Synk Workspace, from an architectural standpoint, as well as for some technical details implementation.

hashtag
High level view

Using this schematic, you can understand all the systems components, which may interact with internal or external systems.Let's deep dive with the first system, the Wallet provider with a practical scenario and a detailed technical explanation.

hashtag
Wallet Provider

As you may ask, how do we guarantee that an user can instanciate and use only it's own workspace. We achieve that by leveraging Oauth2 on top of Wallet providers. It means we are able to generate JWT Tokens (fully on your browser), signed by your wallet, which are then forwarded to the dApp and Apps Instances.For that, we rely on login.xyzarrow-up-right (the official ETH login provider) to ensure that you are the user. The signature mechanism returns a JWT (Json Web Token) which obfuscate your user unique identifier (you wallet address) to a specific hash, ensuring anonymity and non repudiation to your future workloads in case of a breach.

hashtag
System Frontend

We are building the dApp by keeping one simple thing in mind, it must run anywhere, and client-side only. Following this guideline will enable us to make the platform even more sustainable over time, by deploying it on as many web3 CDN-based technologies as possible.

hashtag
System Backend

As for the backend of Synk Workspace, our guideline is to follow web3 as much as possible to benefit from the technological added value of the ecosystem. With that in mind, we are making it versatile, and compatible with multiple web2 and web3 cloud providers. We will leverage some providers to have privacy layer for app orchestration as well as confidential computing to ensure safety on remote nodes.

hashtag
System Backend - Nodes

The minimal requirement for a node is at least to run on a trusted infrastructure provider or on privates nodes. In both cases, the nodes MUST support Secure Enclave Technology meaning Applications are running in enclaves encrypted using user wallet.To get access to the most advanced and privacy focused nodes, we will make partnerships with different actors and develop smart contracts for orchestration obfuscation.

hashtag
System backend - Application

Applications embedded in Synk Workspace relies on OCI (Open Container Initiative, a fancy acronym to say Docker containers). In addition to the application packaged and hardened according to the state of the art, and a bit of tuning to improve the UX, we are also bringing on board a video server streaming software which forward a stream to the dApp.

hashtag
System backend - Video Feed

The streaming service is a bidirectionnal feed between you and the instanciated application. It provides you a video of the application in real time, and you interact with it via your keyboard, mouse or touchscreen as you would in a real-world device.

hashtag
System backend - Network

When using SYNK, each client creates a container to run their chosen application. All containers for a given client operate within the same namespace but are isolated from one another using strict, hardened firewall rules. This setup enhances both network security and efficiency by preventing unauthorized communication between containers while optimizing interactions.

PreviousUser LogsNextStaking Application Access

Last updated