Skip to content

refactor: reduce NotebookSyncClient to pure relay — drop AutoCommit #600

New issue
New issue
Closed
#608
Closed
refactor: reduce NotebookSyncClient to pure relay — drop AutoCommit#600
#608
@rgbkrk

Description

@rgbkrk
rgbkrk
opened on Mar 8, 2026

The Tauri relay (NotebookSyncClient) still holds a full AutoCommit Automerge replica. With daemon-owned loading (#598) complete, the relay's doc is only needed for:

  1. get_doc_bytes() — frontend fetches full doc bytes to seed its WASM handle
  2. SyncUpdate metadata diffing — detects metadata changes to emit notebook:metadata_updated events

3. get_cells() in save_notebook_asremoved in PR #602
4. Cell population via initialize_notebook_syncremoved in PR #602

Remaining work

Reroute get_doc_bytes()

The frontend calls invoke("get_automerge_doc_bytes") at bootstrap to seed the WASM handle. Currently this reads from the relay's AutoCommit. Options:

  • Daemon request: Add a NotebookRequest::GetDocBytes that returns the daemon's canonical doc bytes. The relay forwards the response without parsing.
  • WASM export: Have the frontend WASM export its own bytes. But on first bootstrap, the WASM doc is empty — it needs bytes from somewhere.

Daemon request is the cleaner path.

Move metadata change detection to frontend

The relay's run_sync_task uses SyncUpdate.notebook_metadata to detect metadata changes and emit notebook:metadata_updated. The frontend WASM doc already has full metadata — when receive_sync_message applies changes, the frontend can diff and emit events locally.

Strip the relay

  • Remove doc: AutoCommit from NotebookSyncClient
  • Reduce SyncCommand enum — remove AddCell, DeleteCell, UpdateSource, AppendSource, ClearOutputs, AppendOutput, SetExecutionCount, GetCells, SetMetadata, GetMetadata, GetDocBytes
  • Keep: SendRequest, ReceiveFrontendSyncMessage, and lifecycle commands
  • Keep peer_state + frontend_peer_state — Automerge sync protocol still needs peer state tracking

runtimed-py is unaffected

The Python SDK uses connect_split (not connect_split_with_raw_sync) and legitimately operates as a full Automerge peer. The simplification is Tauri-path-specific.

Impact

Eliminates 8 correctness findings from the protocol audit (including 2 High severity):

  • sync_to_daemon() broadcast dropping
  • changed_rx.recv() Lagged/Closed handling
  • Triple-merge divergence risk
  • try_send silent drops on changes_tx
  • biased select starvation
  • Virtual sync handshake 10-iteration limit
  • raw_sync_tx send failures
  • receive_and_relay_sync_message wrong peer state

Size

L (but closer than originally scoped — cell population and get_cells() already removed)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions