Skip to content

Semantic Invariant Enforcement at the Store-Service Boundary [HIGH] #1631

Description

@HayimShaul

Description
Before committing any write, the store service should validate that the payload satisfies the structural and relational invariants of the target table: a TokenRequest payload must deserialize without error; a Transaction row must reference an existing Requests.tx_id; a TokenLock may only be created for a (tx_id, idx) that exists in Tokens and is not already held by a different consumer; a Wallet row's identity_hash must resolve to a registered identity. These checks prevent malformed, duplicate, or logically impossible records from corrupting vault state, audit trails, and balance calculations. Architects should be aware that exhaustive re-validation against large datasets (e.g., checking every existing token entry on each write) can impose significant latency penalties at scale. The recommended approach is to enforce cheap structural checks unconditionally, and to scope relational/cross-table checks to the minimum set of invariants whose violation would cause downstream correctness failures -- deferring expensive consistency sweeps to background reconciliation jobs rather than the hot write path.

*Short Summary
Table 1: Where Missing Checks Should Be Implemented

    | Validation Type | DB Schema | Application Layer | Recommendation |
    |----------------|-----------|-------------------|----------------|
    | **Unique IDs** | ✅ Implemented | N/A | **Keep in DB** - Primary keys are perfect for this |
    | **Referential Integrity** | ✅ Partial | N/A | **Add missing FKs in DB** - Cheap structural checks |
    | **Required Fields** | ✅ Implemented | N/A | **Keep in DB** - NOT NULL is efficient |
    | **Data Types** | ✅ Implemented | N/A | **Keep in DB** - Type system handles this |
    | **TokenRequest Deserialization** | ❌ Can't do | ✅ **Add here** | **Application Layer** - Requires protobuf parser |
    | **Signature Verification** | ❌ Can't do | ✅ **Add here** | **Application Layer** - Requires crypto library |
    | **Identity Validation** | ❌ Can't do | ✅ **Add here** | **Application Layer** - Requires X.509/key parsing |
    | **TokenLock Existence Check** | ✅ **Add FK** | ✅ **Add check** | **Both** - FK for structure, app for race conditions |
    | **Cross-Table Consistency** | ❌ Too complex | ✅ **Add here** | **Application Layer** - Requires aggregations |
    | **Business Logic** | ❌ Can't express | ✅ **Add here** | **Application Layer** - Requires custom rules |
    | **PP Hash Validation** | ✅ **Add FK** | ✅ **Add check** | **Both** - FK for reference, app for hash matching |

Metadata

Metadata

Assignees

Labels

Type

Fields

No fields configured for Task.

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions