Internet DRAFT - draft-toomim-braid
Internet-Draft M. Toomim
Expires: Jan 8, 2020 Invisible College
Intended status: Proposed Standard R. Walker
Invisible College
July 8, 2019
The Braid Protocol: Synchronization for HTTP
Braid is a proposal for a new version of HTTP that transforms it from
a state *transfer* protocol into a state *synchronization* protocol.
Braid puts the power of Operational Transform and CRDTs onto the web,
improving network performance and robustness, and enabling
peer-to-peer web applications.
At the same time, Braid creates an open standard for the dynamic
internal state of websites. Programmers can access state uniformly,
whether local or on another website. This creates a separation of UI
from State, and allows any user to edit or choose their own UI for any
website's state.
We have a working prototype of the Braid, and have deployed it with
production websites. This memo describes the protocol, how it
differs from prior versions of HTTP, and a plan to deploy it in a
backwards-compatible way, where web developers can opt into the new
synchronization features without breaking the rest of the web.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts. The
list of current Internet-Drafts is at
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
The list of Internet-Draft Shadow Directories can be accessed at
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Synchronization . . . . . . . . . . . . . . . . . . . . . . . . 7
3. Deployment and Upgrade Plan . . . . . . . . . . . . . . . . . 10
4. Proposed Changes to HTTP. . . . . . . . . . . . . . . . . . . 11
4.1. Linked JSON . . . . . . . . . . . . . . . . . . . . . . . 12
4.2. Generalized request/response . . . . . . . . . . . . . . . 13
4.3. Subscriptions . . . . . . . . . . . . . . . . . . . . . . 14
4.4. Versioning . . . . . . . . . . . . . . . . . . . . . . . . 15
4.4.1. Versions . . . . . . . . . . . . . . . . . . . . . . . . 16
4.4.2. Patches . . . . . . . . . . . . . . . . . . . . . . . . 17
4.4.3. Merge Types . . . . . . . . . . . . . . . . . . . . . . . 18
4.4.4. Acknowledgements . . . . . . . . . . . . . . . . . . . . 19
5. Network Messages . . . . . . . . . . . . . . . . . . . . . . 20
6. Security Considerations . . . . . . . . . . . . . . . . . . . 23
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
8. Copyright Notice . . . . . . . . . . . . . . . . . . . . . . 23
9. Author's Address . . . . . . . . . . . . . . . . . . . . . . 23
1. Introduction
HTTP was initially designed to transfer static pages. If a page
changes, it is the client's responsibility to issue another GET
request. This made sense when pages were static and written by hand.
However, today's websites are dynamic, generated from databases, and
continuously mutate as their state changes. Now we need state
*synchronization*, not just state *transfer*.
Unfortunately, there is no standard way to synchronize. Instead,
programmers write non-standard code; wiring together custom protocols
over WebSockets and long-polling XMLHTTPrequests with stacks of
Javascript frameworks. The task of connecting a UI with data is one
that every dynamic website has to do, but there is no standard way to
do it.
======= HTTP Websites ======= ====== Braid Websites ======
Today's websites are Braid generalizes HTTP and
generated from multiple REST into a uniform standard
layers of state across that synchronizes state
multiple computers. Each within and between dynamic
layer has a different API. websites.
x Non-standard state API o Standard state API
/ \
: o o o o : Webpage DOM o o o o State
: \| \| : \| \|
: x x : HTML Templates o o State
: /| /| : /| /|
: x x x x : JS Models o o o o State
\ | | | | / | | | |
| | | | | | | |
o o o o - http:// - o o o o - braid:// -
/ | | | | \ | | | |
: x x x x : Views o o o o State
: | \| | : | \| |
: x x x : Controllers o o o State
: \ / \| : \ / \|
: x x : Models o o State
: \ / : \ /
\.... x ../ Database o State
Today's programmers have to On the braid, each piece of
learn each API, and wire them state (o) has a URL; whether
together, making sure that public, or internal to a
changes to shared state client or server. Any state
synchronize across all can be a function of other
layers and computers. state, and dynamically
recomputes when its
dependencies change. Braid
guarantees the network will
As the web becomes more dynamic and data-driven, the complexity of the
non-standard Javascript stack grows, and an increasing amount of data
is inaccessible to the open web. The result is a web which is open on
the surface, but closed internally: websites can link to each other's
*pages*, but cannot easily share each other's internal *state*.
We can solve this by generalizing HTTP into a *synchronization*
protocol, which replaces the complex Javascript stack, while providing
new features, and making website internal state accessible anywhere
desired, and realtime synchronized by default.
We have a working prototype of the Braid protocol, and have deployed
it with production websites. The prototype is implemented as a
polyfill library, which adds Braid features to existing browsers and
This document describes the new protocol, how it differs from prior
versions of HTTP, and a plan to deploy it in a backwards-compatible
way, where web developers can opt into the new synchronization
features without breaking the rest of the web.
2. Synchronization
Braid incorporates the abilities of Operational Transform and CRDTs.
These are approaches to solving *synchronization*.
Synchronization is a problem that occurs whenever two or more
computers or threads access the same state. Synchronization code is
tricky to write, and can result in clobbers, corruptions, or race
This is a challenging problem, which has seen a number of partial
attempts in HTTP, such as e-tags, cache control, PATCH, JSON-diff, and
Luckily, a set of maturing synchronization technologies (such as
Operational Transform and CRDTs) can now automate and encapsulate
synchronization within a library. They can synchronize arbitrary JSON
data structures across an arbitrary set of computers that make
arbitrary mutations, and consistently merge their edits into a valid
result, without a central server, in the face of arbitrary network
delays and dropouts. In other words, it is now possible to interact
with state stored anywhere on a network as if it is a local variable,
and program as if it is already downloaded and always up-to-date.
Unfortunately, each synchronizer implements a different protocol, with
a different set of features and tradeoffs. Braid proposes a common
language for synchronizers, so that they can interoperate, and
implements it as an extension to HTTP.
This lets multiple synchronizers interoperate, if they agree on a way
to consistently resolve ambiguities -- a *merge type*. We have run
tests that succesfully interoperate a CRDT and OT system over the
common Braid protocol.
When applying synchronization to the web, we see the power of
synchronization manifest in these concrete ways:
- Caches update automatically and instantly, because servers promise
to push changes to their subscribers. This obsoletes the
`cache-control` and `refresh` headers, and the `max-age`
heuristic. Users never need to force-clear their cache.
- Updates go over the network as diffs, which can be much smaller
than the resources they modify, significantly reducing network
- Web apps get an offline mode for free. Edits from multiple
clients merge automatically once they come online. Network
failures recover transparently.
- *Reload* buttons in browsers become unnecessary, and can be
removed for braid sites. Browsers automatically discover and
display the most recent version on their own.
- Web apps require roughly 70% less code to build (in our
experiments), because programmers do not need web frameworks or
custom logic to wire together a stack of server-state and
client-state. This work is automated by the protocol.
- Every <textarea> can become a collaborative editor (like Google
Docs) for free.
- Servers become optional. Many apps can function without a server,
because peers can synchronize with one another directly over the
- In standardizing synchronization, we implicitly create a standard
for state. This allows state to be shared between different sites
without the need for an extra API.
- Standardizing the representation of *state* allows us to separate
the representation of UI and state. Most HTTP websites *inject*
the state that they receive into templates representing UI
components. Braid sites can instead understand UI components as
lenses through which to view state. This improves the semantics
of UI rendering, allows state to be inspected by clients directly,
and makes it easier to build multiple alternative UIs for a single
Standardized state and synchronization allows the topology of content
on the web to be less centralized.
Closed Networks
- - - - Before the web, people used
/ \ / \ closed networks like America
| x x | | x x | Online. Content was
| | | | encapsulated behind
\ x / \ x / proprietary protocols.
- - - -
Aol Compuserve
HTTP Websites
- o--------------o - The web lets any site define
/ o--------o \ *pages* at URLs. A site can
| x x o------o x x | *link* to another site's pages,
| o------o o adding value to both sites.
\ x o o x /
- o--------------o -
Facebook NY Times
Braid Websites
o--o _---------o o The braid lets any site define
|/ o'-------o | | *states* at URLs. A state can
o---o---o---------o---o--o---o be a *function* of other states.
/ \ / \ o------o \ \ When a state changes, the others
o o---o \__. o o o automatically synchronize with it,
o--o `-----o--o like a spreadsheet.
My Stuff Your Stuff
3. Deployment and Upgrade Plan
Braid makes fundamental changes to HTTP and REST, which creates an
opportunity to unify a number of disparate features (SSE, E-tags,
Cache-control, PATCH, JSON-Diff) within a simple integrated design.
Rather than shoe-horn these changes into the existing HTTP semantics,
we propose a new simpler layer, with a backwards-compatible mapping to
HTTP's existing semantics. This allows existing applications to
interoperate, but new applications can opt-in to a simpler web API
that provides more synchronization features.
We can deploy these semantics in two phases:
1. The first phase requires no changes to existing web browsers,
making it easy for users to experiment with the protocol's
semantics in existing websites.
In this phase, browsers fetch the initial HTML page over the
existing HTTP protocol, which includes Javascript code that
initiates a WebSocket connection that runs the Braid protocol.
This WebSocket version of the Braid protocol provides the full
synchronization functionality, but is less performant --
requiring an extra round-trip to initiate.
2. If and when the WebSocket protocol stabilizes and achieves
real-world adoption, we can add the Braid semantics into HTTP
itself, in a new layer via an HTTP Upgrade header [RFC 2616,
section 14.42].
Both versions of the protocol can maintain backwards-compatibility
with existing HTTP clients and servers. Any client accessing a Braid
server via HTTP 1, 2, or 3 will be able to GET, PUT, and POST Braid
state, but without full synchronization capabilities. Likewise, Braid
clients can access state on HTTP servers, but will have to poll the
server for updates.
4. Proposed Changes to HTTP
Braid is composed of a set of opt-in changes that any browser or
server can implement.
First, whereas HTTP is explicitly client/server, Braid is capable of
running peer-to-peer. To do this, it generalizes the explicit
request/response pattern of HTTP into a set of common messages, opened
over a persistent two-way connection.
Additionally, Braid specifies a new content-type for a resource:
Linked JSON. This provides a standard format for dynamic state, akin
to how HTML specifies a standard for the presented content of a
This section first describes Linked JSON, and then the changes to HTTP
networking methods, and finally the versioning features that ensure a
peer-to-peer network of edits converge to the same version.
4.1. Linked JSON
Whereas HTML defines a common format for the presented content of web
pages, braid defines a common format for their internal data, or
state: Linked JSON. This extends standard JSON with two additional
- A *link*, which lets one piece of JSON, at one URL, to link to
another piece of JSON at another URL
- A *binary blob*, which lets one encode a binary file (such as an
image) as a value.
We encode links within JSON like:
"foo": 3,
"bar": 5,
"something else": {"link": "braid://"}
Any object with a field named "link" is special, and interpreted as a
link. To encode an actual field named link, you prefix it with an
underscore, like:
{"_link": "this is not a link"}
To encode an underscore, you use two underscores, like "__", and so
Links allow programmers to combine data across multiple services, even
on multiple websites, and to represent non-tree data as JSON, such as
circular graphs and relational tables. Foreign keys can be specified
as links to other queries. Cycles can be specified as a link back to
the root of an object.
Binary data is encoded similarly, as:
{"binary": "<base64-encoded string>", "content-type": "<type>"}
The content-type is optional.
4.2. Generalized request/response
In HTTP, a client sends a *request* to the server, and that request is
met with a *response*. By contrast, a Braid connection is two-way, so
messages can be initiated by either party. Rather than giving a
response to a message, a Braid server sends a separate message that
acts as the response. It turns out that a GET response message has
the same effect on a peer as a SET request message-- both set the
state on the recipient.
| HTTP | Braid | Meaning |
| ------------ | ----------- | ----------------------------- |
| Get Request | Get message | "I want this" |
| Get Response | Set message | "This is the current version" |
| Put Request | Set message | "This is the current version" |
| Put Response | Ack message | "I accept this version" |
In the Braid model, whenever a client requests some state, it also
subscribes to new versions of that state. This requires only minor
changes to the semantics of HTTP.
In the Braid protocol, a GET message not only returns the current
value of state, but also *subscribes* to future updates. The
subscription continues until the client sends a FORGET. Finally,
Braid unifies the PUT, POST, and PATCH methods in to a single
SET method, which is able to both create state and change state.
| HTTP method | Braid method | What's new |
| -------------- | ------------ | --------------------------------- |
| Get | Get | Also subscribes to future updates |
| - n/a - | Forget | Ends a "Get" subscription |
| Put/Post/Patch | Set | Also updates all subscribers |
| Delete | Delete | Also updates all subscribers |
The traditional distinction between PUT and POST is that PUT requests
are idempotent, allowing them to be cached and retried, whereas POST
is often not. However, the Braid protocol allows idempotence to be
distinguished by re-using a version on Set -- if two messages set a
state to the same version, they are idempotent, and equivalent to a
In their simplest forms, these messages are otherwise semantically
identical to their corresponding HTTP methods. When robust
synchronization is required, these messages will include optional
*versioning* features.
4.4. Versioning
Even though there are many synchronizers, it is possible for them to
communicate in a common language. Different synchronizers use
different data structures internally, and have different network
messages-- however, the *information* they send can all be represented
with a common set of objects:
- VERSIONS define points in time, irrespective of space
- LOCATIONS define points of space, irrespective of time
- PATCHES replace regions of space, across spans of time
These three objects are enough to represent any type of change to a
JSON data structure. We have verified this experimentally, by
implementing a translation algorithm that converts the network
messages of ShareDB (an Operational Transform synchronizer) and
Automerge (a CRDT synchronizer) into these objects, and back again,
and verifying that the synchronizers still work in fuzz testing.
However, synchronizers also differ in how they resolve conflicting
changes to the same region of state. We can generalize the behavior
of these resolvers by defining *merge types*:
- MERGE TYPES define how edits to the same location resolve
If a synchronizer expresses state changes using versions, locations,
and patches, and specifies its merge types, then it can synchronize
with any other braid synchronizer implementing the same merge types,
no matter their internal implementation.
Finally, synchronizers also broadcast *acknowledgements* of the
versions they have received, in order to tell their peers that they
have moved forward in time, and will no longer refer to old history
when sending patches. This allows their peers to prune their history
logs, and free up unused memory:
- ACKNOWLEDGEMENTS of versions allow peers to prune historical memory
The rest of this section explains how these concepts work together.
Time on a network is ambiguous as a result of latency. If multiple
peers edit the same state at the same time, we cannot say that one
happened before the other, and time forks. When they communicate
their changes over the network, they merge their edits, and time
(O) All peers are aware of version (O).
/ \
/ \
(A) (B) Two peers make simultaneous edits creating versions (A)
\ / and (B) respectively, and time forks.
\ /
(M) Once a peer sees both of the edits, time merges again.
Until a peer makes an edit with (A) and (B) as parents,
the merge is only implicit-- there is no need for to
assign an ID to it.
Thus the shape of time is not a line but a Directed Acyclic Graph-- a
DAG. Every change to state creates a new version. This version has
*parents*: all recent (leaf) versions that the client had seen when it
made its edit. The edit becomes the *child* of its parents. We can
say that one version came before another only if the first version is
an *ancestor* of the second.
Every version is identified by a unique ID. There is no requirement
on the format of the ID, only that it be a unique string.
When a peer makes an edit, it broadcasts the edit's version ID, its
parents version IDs, and a patch from its parents state to its state.
4.4.2. Patches
When a peer changes some state, it encodes that change as a patch. A
SET message includes 'patches' as an array of patches. All patches
are *replace* operations, that replace one region of space with a new
value. The region being replaced is specified as a start and end
index of the previous state, which is computed by merging all the
parents of the version using its merge type.
Insertions are implemented as replacing a zero-length region with a
non-zero-length region, and deletes replace a non-zero length region
with a zero-length one.
Here are some example patches targeting object 'obj'
(ie, {set: 'obj', patches: [...]} )
.foo[0].bar = null # Replace[0].bar with null
[3:3] = "asdf" # Insert the string 'asdf' at index 3 of
string obj. Illegal if array.
[3] = "a" # Set char 3 of string obj to 'a'
or element 3 of array obj to 'a'
[3] = "asdf" # Illegal if string.
If array, set obj[3] to 'asdf'
[3:4] = [1, 3, 5] # Splice [1,3,5] into array obj, replacing
element 3. Illegal if string.
[4:4] = [{msg: "hi"}] # Insert an object at the end of array obj
[3:10] = "" # Delete characters 3-10 in string obj
= false # Set the entire object obj to false
.foo[0].bar = undefined # Delete[0].bar
4.4.3. Merge Types
Different applications want to resolve conflicts in different ways.
For instance, strings in a collaborative text editor will want to
merge clobbering edits by inserting everything typed, and deleting
everything deleted, and breaking ordering ties arbitrarily; but if two
debits to a bank account balance occur in parallel, we will want to
merge the debits by adding the differences together.
A "merge type" specifies how any two edits made in parallel are merged
together. If two synchronizers implement the same merge type for some
state, they will converge to a consistent result after arbitrary
merges. Merge types are specified by unique strings, such as
"sync9-string" or "sharedb-rich-text".
LWW(vid) # Last-write-wins, sorted by version ID
text(vid) # Merges text edits like Google Docs
counter # Merges additions and subtractions by summing
All peers synchronizing with a piece of state will need to implement
the same merge types. We envision a handful of merge types will
likely cover most situations on the web. Each field in a JSON object
can merge using a different merge type. One way to specify merge
types of JSON objects is with a schema:
id: <string> : LWW(vid)
body: <string> : text(vid)
authors: <array> : text(vid) [
author_id: <string> : LWW(vid)
likes: <int> : counter
However, we have not yet implemented configurable merge types in our
prototype, or settled on a way to communicate them in the protocol.
Thus, we do not specify merge types in the network examples given
4.4.4. Acknowledgements
In order merge two versions, a synchronizer generally needs enough
history to trace a path of time back from both versions through a
common "fork point." Thus, in order to synchronize perfectly, peers
need to store historical versions in time back to any fork point from
which they expect another peer to send an edit.
To allow other peers to prune history, any peer thus needs to inform
them that it no longer intends to base edits onto versions from the
past. A general way to do this is for peers to agree to always make
edits to the most recent versions they have. Then, a peer will be
able to prune old history as long as it knows which versions of
history all other peers have seen. Once all peers have seen a more
recent version, a peer can know that they will not base an edit on one
of its ancestors.
In the Braid protocol, peers can communicate which versions they have
seen using ACK messages. Each ACK specifies the URL and version of
the state that the peer has seen. When a peer sends an ACK, it means
"everyone who I have sent this version to has also acknowledged its
receipt." Then, once the original sender has received all
acknowledgements from all peers, it sends out a final "ack-complete"
message, which communicates "everyone in the entire network has
acknowledged receipt of this version." This is enough information for
any peer to then know that no peer will be sending an edit based on a
prior ancestor.
However, this spec does not yet handle the case where a peer goes on
and offline in a peer-to-peer network. We are currently working on
implementing a solution to this and will update this draft when the
spec has been finished and tested.
5. Network Messages
We present some examples of the Braid protocol, from the perspective
of a client communicating with a server.
Basic session with no versioning:
Send: {get: "text"} [1]
Recv: {set: "text", val: "Hello"} [2]
Send: {set: "text", val: "Hello, World!"} [3]
Send: {forget: "text"} [4]
[1]: The client requests the most recent version of "text"
[2]: The server sends the client the value of "text"
[3]: The client changes the value to "Hello, World!"
[4]: The client unsubscribes from edits to "text"
Basic session with versioning:
Send: {get: "text"} [1]
Recv: {set: "text", val: "Hello", version: "v1"} [2]
Send: {set: "text", version: "v2", [3]
patches: ['[5:5] = ", World!"'],
parents: ["v1"]}
Send: {forget: "text"} [4]
[1]: The client requests the most recent version of "text"
[2]: The server sends the client the value of "text"
[3]: The client adds ", World!" on to the end of "text"
[4]: The client unsubscribes from edits to "text"
JSON locations and more complex versioning:
Send: {get: "user/fred", parents: ['62347']} [1]
Recv: {set: "user/fred", [2]
patches: ['.name[0] = "F"'],
version: '2h38a',
parents: ['62347']}
Send: {ack: "user/fred", version: "2h38a"} [3]
Send: {set: "user/fred", [4]
patches: [".name[4:4] = \" Wilson\""],
version: "36x02",
parents: ["2h38a"]}
Recv: {ack: "user/fred", version: "36x02"} [5]
Send: {forget: "user/fred"} [6]
[1]: The client requests the current version of "/current_user",
as a patch based on version 62347, which it has in cache.
[2]: The server responds with a SET containing a patch.
[3]: The client acknowledges receipt of the new version.
This enables the server to prune its history of old versions.
[4]: The client updates the current user's name to "Fred Wilson".
[5]: The server acknowledges receipt of the new version.
This enables the client to prune its history.
[6]: The client is done with current_user, and unsubscribes.
GET semantics:
Send: {get: "val"} [1a]
Recv: {set: "val", val: ..., version: "vX"} [1b]
Send: {get: "val", version: "vX"} [2a]
Recv: {set: "val", version: "vX", val: ...} [2b]
Send: {get: "val", parents: ["vPA", "vPB"]} [3a]
Send: {get: "val", parents: ["vPA", "vPB"], [3b]
version: "vX", patches: ...}
Send: {get: "val", version: "vX", [4a]
parents: ["vPA", "vPB"]}
Send: {get: "val", version: "vX", [4b]
parents: ["vPA", "vPB"], patches: ...}
[1a]: The client requests the document "val".
[1b]: The server sends the client the most recent version, giving
the explicit value of the document as well as the ID of the
most recent version. The server also subscribes the client
to new updates.
[2a]: The client requests version "vX" of document "val".
[1b]: The server sends the client version "vX", giving the explicit
value of the document at version "vX" as well as the ID "vX".
The server does NOT subscribe the client to new updates.
[3a]: The client requests the document "val" as a patch based on
parent versions "vPA" and "vPB".
[3b]: The server sends the client the most recent version, giving
its value as a patch against the implicit merge of the given
parents "vPA" and "vPB", even if these are not the original
parents of version "vX". The server also subscribes the
client to new updates.
[4a]: The client requests version "vX" of document "val" as a patch
based on parent versions "vPA" and "vPB".
[3b]: The server sends the client version "vX", giving its value as
a patch against the implicit merge of the given parents "vPA"
and "vPB", even if these are not the original parents of
version "vX". The server does NOT subscribe the client to new
6. Security Considerations
Although this protocol enables and encourages web programmers to make
more internal available and shared, it has the same fundamental
security model as HTTP. State at any URL can have access control
controlling who can access it.
However, additional work will be needed to analyze the security
concerns of specific uses of the protocol.
7. IANA Considerations
This document has no actions for IANA.
8. Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
( in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of the
Trust Legal Provisions and are provided without warranty as described
in the Simplified BSD License.
9. Author's Address
Michael Toomim
Invisible College, Berkeley
2053 Berkeley Way
Berkeley, CA 94704
Rafie Walker
Invisible College, Berkeley
2053 Berkeley Way
Berkeley, CA 94704