Communication-Safe Web Programming in TypeScript with Routed Multiparty Session Types

TL;DR

This paper introduces STScript, a toolchain for generating communication-safe TypeScript APIs for web applications, supported by RouST, a new session type theory enabling multiparty routing and safety guarantees.

Contribution

It presents RouST, a novel session type theory for multiparty communication with routing, and STScript, a toolchain that generates safe, protocol-compliant TypeScript APIs for web development.

Findings

STScript effectively supports modern web programming with real-world case studies.

RouST guarantees communication safety in multiparty web interactions.

The generated APIs integrate seamlessly with Node.js and React.js frameworks.

Abstract

Modern web programming involves coordinating interactions between browser clients and a server. Typically, the interactions in web-based distributed systems are informally described, making it hard to ensure correctness, especially communication safety, i.e. all endpoints progress without type errors or deadlocks, conforming to a specified protocol. We present STScript, a toolchain that generates TypeScript APIs for communication-safe web development over WebSockets, and RouST, a new session type theory that supports multiparty communications with routing mechanisms. STScript provides developers with TypeScript APIs generated from a communication protocol specification based on RouST. The generated APIs build upon TypeScript concurrency practices, complement the event-driven style of programming in full-stack web development, and are compatible with the Node.js runtime for server-side endpoints and the React.js framework for browser-side endpoints. RouST can express multiparty interactions routed via an intermediate participant. It supports peer-to-peer communication between browser-side endpoints by routing communication via the server in a way that avoids excessive serialisation. RouST guarantees communication safety for endpoint web applications written using STScript APIs. We evaluate the expressiveness of STScript for modern web programming using several production-ready case studies deployed as web applications.