A seasoned Erlang and Elixir developer with over ten years of experience in the field. Author and maintainer of bookish-spork open source library. Previously served as the Chief Technology Officer at Bookmate. A proud father of two beautiful children. Speedcubing enthusiast.
Server-less has become mainstream, and all relevant cloud platforms offer corresponding runtime environments. Elixir or Erlang can only be used in a roundabout way or lose their charm because they require their own platform.
Starfish.team provides a payment processing platform called Hellgate. Our service can be complemented with extension points to map customer-specific use cases. We have provided server-less / function as a service as an ideal starting point for these extensions.
In this talk, we present an approach for executing customised extensions on the same runtime as our core system. This requires elementary security mechanisms, which we achieve by analysing the code of the functions. In contrast to conventional white listing approaches, we can execute much more specific code (in the sense of a DSL) and prevent malicious calls.