Update to CCF Specification 1.0 #7
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changes:
- Update copyright for Flow Foundation.
- Removed "Status: RC3"
- Added "Version: 1.0.0" and removed "Revision".
- Update "Scope" to highlight some scope-related items earlier:
- Some requirements are explicitly defined as optional.
- CCF-based formats or protocols MUST specify when optional
requirements are used.
- "Deterministic CCF Encoding Requirements" is optional so
individual formats and protocols MUST specify when to use it
(as previously stated deeper in this document).
This update corresponds to Cadence PR 3107: onflow/cadence#3107 This change does not affect CCF Codec because it was already implemented and deployed in the codec.
This update corresponds to Cadence PR 3131: onflow/cadence#3131 This change does not affect CCF Codec because it was already implemented and deployed in the codec.
This update corresponds to Cadence PR 2581: onflow/cadence#2581
6 tasks
This update corresponds to Cadence PR 2523 and subsequent changes to inclusiverange and inclusiverange-type: onflow/cadence#2523 This change does not affect CCF Codec because it was already implemented and deployed in CCF codec.
This update corresponds to Cadence PR 3139: onflow/cadence#3139 This change does not affect CCF Codec because it was already implemented and deployed in CCF codec.
This change does not affect CCF Codec because it was already implemented and deployed in CCF codec.
6 tasks
This change does not affect CCF Codec because it was already removed (deprecated) and deployed in CCF codec.
This was referenced Oct 24, 2024
turbolent
approved these changes
Nov 15, 2024
4 tasks
Minor updates to text that do not affect CCF codecs.
Removed list of CBOR codec implementations. Inspired by seeing a draft RFC that includes a list of implementations with a note to remove that list before publication (it was useful to keep during draft status).
It is outside the scope of CCF Specification to specify encoding of version numbers for CCF itself, CCF-based formats, or CCF-based protocols. For example, CCF-based formats and protocols are free to specify an encoding that uses SemVer, sequence-based versioning, other versioning, or no versioning. Each CCF message is a CBOR data item. Given this, some CCF-based formats or protocols may want to specify using CBOR Sequences (RFC 8742) to provide a version number in the first CBOR data item, followed by CBOR data item(s) encoded in CCF.
Update "Why CBOR" to be clearer and flow better.
Mention "CBOR is a binary data format..." in case reader never heard of it.
Replace "IETF RFC" with just "RFC" to be more concise.
Add this to "Interoperability and Reuse of CBOR Codecs" because this important aspect is often overlooked:
When evaluating and comparing codecs, benchmarks
and tests should include decoding malicious data.
These changes do not affect CCF codecs.
Update text for readability (grammar) and fix some typos. The only other change was updating a CDDL comment to replace the word "info" with "information". This change does not affect CCF codecs.
This commit makes it harder to miss the difference between SHOULD and MUST related to deterministic encoding. Added: "However, some CCF-based protocols may not require deterministic CCF encodings." Moved this to the start of new paragraph to make it harder to miss: "CCF-based protocols MUST specify when encoders are required to emit deterministic CCF encodings. For example:"
The word "must" was replaced with "MUST" in a sentence to make it more clear it is an absolute requirement.
|
Out of the last 10 commits, 9 were done in the past couple of days. However, github.com is incorrectly showing 5 of those were done months ago. Fortunately, clicking on the commit shows the correct date. These edits to the specs were done from a web browser (and I reboot linux regularly), so maybe this is a github.com website bug that is triggered depending on navigation used to reach the edit button for the updated document. |
While at it, also update "Scope" section to improve readability.
Changes were done at github.com/fxamacker/ccf_draft to reduce noise here during the weekend. For details (individual commits), see: - fxamacker/ccf_draft#103 - fxamacker/ccf_draft#104 NOTE: There were no changes to CDDL.
|
Commit 1d5dd35 here includes all changes from March 28-30, 2025 at https://github.com/fxamacker/ccf_draft. Changes were done at github.com/fxamacker/ccf_draft to reduce noise here during the weekend. For details (individual commits), see:
NOTE: There were no changes to CDDL. |
This commit clarifies text in all the examples. Also fixed some formatting for consistency.
|
Commit cf54d91 matches the latest updates from https://github.com/fxamacker/ccf_draft/blob/main/ccf_specs.md. NOTE: There were no changes to CDDL. |
fxamacker
commented
Mar 31, 2025
|
|
||
| - `composite-type.id` MUST be unique in `ccf-typedef-message` or `ccf-typedef-and-value-message`. | ||
|
|
||
| - `composite-type.cadence-type-id` MUST be unique in `ccf-typedef-message` or `ccf-typedef-and-value-message`. | ||
|
|
||
| - `field-name` MUST be unique in `composite-type`. | ||
| - `field-name` MUST be unique in `composite-type.fields`. |
There was a problem hiding this comment.
This is more explicit and doesn't affect existing CCF codec implementation.
|
|
||
| It is outside the scope of this document to specify individual CCF-based protocols (e.g., events). For example, CCF-based protocols MUST specify when encoders are required to emit CCF encodings that satisfy "Deterministic CCF Encoding Requirements." | ||
|
|
||
| This document does not specify how to encode version numbers of CCF itself or CCF-based protocols. CCF-based protocols can specify an encoding that uses CalVer, SemVer, sequence-based versioning, any other versioning, or no versioning. Some CCF-based protocols may want to use CBOR Sequences ([RFC 8742](https://www.rfc-editor.org/rfc/rfc8742.html)) to provide a version number in the first CBOR data item, followed by CBOR data item(s) representing CCF message(s). |
There was a problem hiding this comment.
Versioning is explicitly mentioned because people sometimes have strong preferences about versioning. Also, different CCF-based protocols can have very different priorities when choosing how to encode metadata like version numbers.
|
|
||
| ## Abstract | ||
|
|
||
| Cadence Compact Format (CCF) is a data format designed for compact, efficient, and deterministic encoding of [Cadence](https://github.com/onflow/cadence) external values. Cadence is a modern resource-oriented programming language used by [Flow](https://github.com/onflow/flow-go) blockchain. | ||
| Cadence Compact Format (CCF) is a binary data format designed for compact, efficient, and deterministic encoding of [Cadence](https://github.com/onflow/cadence) external values. Cadence is a modern resource-oriented programming language used by [Flow](https://github.com/onflow/flow-go) blockchain. |
There was a problem hiding this comment.
Added "binary" because some readers might not know CCF is a binary data format.
|
|
||
| - More compact encoding. Cadence type info is not repeatedly encoded unnecessarily in a message. E.g. for a homogeneous array of a Cadence composite type, each element will not have its Cadence composite type info encoded repeatedly. | ||
| - Cadence external values: CCF supports all Cadence built-in types and user-defined types (e.g., composite types). For extensibility, CCF reserves multiple ranges of CBOR tag numbers (unassigned by IANA) for future Cadence built-in data types. |
There was a problem hiding this comment.
This replaces two bullet points and clarifies extensibility (we use CBOR tags and reserve ranges of CBOR tag numbers for future Cadence built-in types).
|
|
||
| CBOR codecs are available in various programming languages. Examples include: | ||
| When evaluating or comparing codecs, benchmarks should include decoding malicious data. |
There was a problem hiding this comment.
Added this because it is important and often overlooked by teams evaluating codec implementations or data format designs.
| - `fxamacker/cbor` was designed with security in mind and passed multiple security assessments in 2022. A [nonconfidential security assessment](https://github.com/veraison/go-cose/blob/v1.0.0-rc.1/reports/NCC_Microsoft-go-cose-Report_2022-05-26_v1.0.pdf) produced by NCC Group for Microsoft Corporation includes parts of fxamacker/cbor. | ||
| - `fxamacker/cbor` is used in projects by Arm Ltd., Cisco, Dapper Labs, EdgeX Foundry, Fraunhofer‑AISEC, Linux Foundation, Microsoft, Mozilla, Tailscale, Teleport, [and others](https://github.com/fxamacker/cbor#who-uses-fxamackercbor). Notably, it was already [used by Cadence](https://github.com/onflow/cadence/blob/master/runtime/interpreter/encode.go) for internal value encoding. | ||
| - `fxamacker/cbor` is maintained by the author of this document. | ||
| Projects implementing a CCF codec should evaluate more than one CBOR codec for standards compliance, security, and other factors. |
There was a problem hiding this comment.
Removed list of specific CBOR codec implementations in various languages because it doesn't really belong in a data format specification (except maybe during early drafts).
|
👌 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR updates CCF Specs to version 1.0 and matches the deployed version of CCF Codec.
Primarily, this PR adds new Cadence types and other updates to match changes in Cadence:
FunctionType.Purityin CCF codec cadence#3107ReferenceType.Authorization) to CCF codec cadence#3139Other changes in this PR:
Note
Scope of specs hasn't changed because the added text only highlights what is stated deeper inside the document.