Skip to content

feat(sdk): DSPX-1465 refactor TDF architecture with streaming support and segment-based writing #2785

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Oct 9, 2025
Merged

feat(sdk): DSPX-1465 refactor TDF architecture with streaming support and segment-based writing #2785

merged 12 commits into from
Oct 9, 2025

Conversation

@elizabethhealy
Copy link
Member

@elizabethhealy elizabethhealy commented Oct 3, 2025
edited
Loading

Proposed Changes

  • introduces an experimental package for streaming TDF creation
  • adds new packages for TDF writers, assertions, key splitting, and related functionality
  • allows for out-of-order segment writing and includes features like cryptographic assertions and attribute-based access controls

Checklist

  • I have added or updated unit tests
  • I have added or updated integration tests (if appropriate)
  • I have added or updated documentation

Testing Instructions

@github-actions github-actions bot added comp:sdk A software development kit, including library, for client applications and inter-service communicati size/xl labels Oct 3, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Oct 3, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 182.745759ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 99.93129ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 358.090569ms
Throughput 279.26 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 38.27324583s
Average Latency 380.953527ms
Throughput 130.64 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 26.400210892s
Average Latency 262.940313ms
Throughput 189.39 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Oct 3, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 186.840931ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 99.589808ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 355.412099ms
Throughput 281.36 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 38.492800814s
Average Latency 383.550533ms
Throughput 129.89 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 26.609236538s
Average Latency 265.02629ms
Throughput 187.90 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Oct 6, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 178.884339ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 107.413705ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 363.725323ms
Throughput 274.93 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 39.027357716s
Average Latency 388.227948ms
Throughput 128.12 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 27.335674037s
Average Latency 272.307852ms
Throughput 182.91 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Oct 6, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 176.422636ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 99.458341ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 358.531082ms
Throughput 278.92 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 38.580877373s
Average Latency 383.729086ms
Throughput 129.60 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 27.123366441s
Average Latency 270.409013ms
Throughput 184.34 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Oct 6, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 193.610011ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 99.493522ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 361.185275ms
Throughput 276.87 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 39.42662908s
Average Latency 391.159747ms
Throughput 126.82 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 27.559286568s
Average Latency 274.617734ms
Throughput 181.43 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Oct 6, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 176.820867ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 93.407562ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 354.053165ms
Throughput 282.44 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 38.630055345s
Average Latency 385.228611ms
Throughput 129.43 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 27.289780728s
Average Latency 272.055403ms
Throughput 183.22 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Oct 7, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 175.882675ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 93.182137ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 364.182549ms
Throughput 274.59 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 38.414147749s
Average Latency 382.188405ms
Throughput 130.16 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 27.082997987s
Average Latency 270.038084ms
Throughput 184.62 requests/second

@elizabethhealy
Copy link
Member Author

/gemini review

@elizabethhealy elizabethhealy changed the title feat(sdk): Dspx 1465 tdf for streaming feat(sdk): Dspx-1465 refactor TDF architecture with streaming support and segment-based writing Oct 7, 2025
gemini-code-assist[bot]
gemini-code-assist bot reviewed Oct 7, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces an experimental package for streaming TDF (Trusted Data Format) creation. The changes are extensive, adding new packages for TDF writers, assertions, key splitting, and related functionality. The implementation allows for out-of-order segment writing and includes features like cryptographic assertions and attribute-based access controls. The code is well-structured with good test coverage, including unit, integration, and security-focused tests. However, I've identified a few areas for improvement, particularly concerning correctness in cryptographic operations and manifest generation, as well as some opportunities for code simplification and consistency.

@elizabethhealy elizabethhealy marked this pull request as ready for review October 8, 2025 15:00
@elizabethhealy elizabethhealy requested review from a team as code owners October 8, 2025 15:00
@github-actions
Copy link
Contributor

github-actions bot commented Oct 8, 2025

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 175.881464ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 100.951216ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 368.469551ms
Throughput 271.39 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 39.805069551s
Average Latency 395.834295ms
Throughput 125.61 requests/second

NANOTDF Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 27.518137279s
Average Latency 274.466273ms
Throughput 181.70 requests/second

@elizabethhealy elizabethhealy changed the title feat(sdk): Dspx-1465 refactor TDF architecture with streaming support and segment-based writing feat(sdk): DSPX-1465 refactor TDF architecture with streaming support and segment-based writing Oct 8, 2025
@elizabethhealy elizabethhealy added this pull request to the merge queue Oct 9, 2025
Merged via the queue into main with commit ea9b278 Oct 9, 2025
52 of 54 checks passed
@elizabethhealy elizabethhealy deleted the dspx-1465-tdf-for-streaming branch October 9, 2025 21:42
@opentdf-automation opentdf-automation bot mentioned this pull request Oct 9, 2025
Merged
github-merge-queue bot pushed a commit that referenced this pull request Oct 10, 2025
@opentdf-automation
chore(main): release sdk 0.9.0 (#2766)
8058b82 
🤖 I have created a release *beep* *boop*
---


##
[0.9.0](sdk/v0.8.0...sdk/v0.9.0)
(2025-10-09)


### Features

* **sdk:** DSPX-1465 refactor TDF architecture with streaming support
and segment-based writing
([#2785](#2785))
([ea9b278](ea9b278))
* **sdk:** Experimental zipstream lib, add segment-based streaming ZIP
writer, ZIP64 modes
([#2782](#2782))
([b381179](b381179))
* **sdk:** sdk should optionally take in a logger
([#2754](#2754))
([f40d05f](f40d05f))


### Bug Fixes

* **core:** deprecate policy WithValue selector not utilized by RPC
([#2794](#2794))
([c573595](c573595))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@imdominicreed imdominicreed imdominicreed approved these changes

@strantalis strantalis strantalis approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

comp:sdk A software development kit, including library, for client applications and inter-service communicati size/xl

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@elizabethhealy @imdominicreed @strantalis