Synchronization protocol
NodalMerge synchronization exchanges missing room history and converges by deterministic replay. This page focuses on synchronization flow. For message catalog details, seeprotocol/websocket-messages.
Sync goals
The synchronization protocol is designed to:- Converge peers with deterministic outcomes
- Minimize payload size for long-lived rooms
- Support reconnect and out-of-order delivery
- Degrade gracefully across mixed client capability sets
Session phases
A typical session runs through:- Handshake
- Difference computation
- Catch-up transfer
- Steady-state incremental replication
1) Handshake
Client starts withhello. Server validates session constraints and returns welcome.
Handshake responsibilities include:
- Peer identity extraction
- Optional room token validation when room is locked
- Subscription scope initialization
- Capability negotiation
- Initial sync hints (frontier / diff metadata)
2) Difference computation
Afterhello, server computes what each side is missing.
Conceptually:
only_in_clienttells server what client must uploadonly_in_servertells server what it should send to client
- Baseline known/frontier comparison
- IBF-assisted symmetric diff when negotiated
- MST-assisted refinement for deeper divergence
3) Catch-up transfer
Server sendswelcome first, then optional catch-up pack if needed.
Catch-up contains encoded missing nodes so client can import and replay to current server view.
Important behavior:
- Catch-up can be filtered by subscription scope
- Empty filtered catch-up is a valid outcome
- Catch-up may be skipped when there is no missing server history
4) Steady-state replication
After catch-up, protocol shifts to incremental replication.Client push
Client sendspack with newly produced nodes.
Server:
- Decodes and validates pack
- Applies accepted nodes
- Broadcasts accepted nodes to room peers
Server/peer push
Peers receive relayedpack messages representing accepted room history deltas.
Clients import, dedupe, and replay deterministically.
On-demand pull paths
When needed, clients can request specific missing segments:requestfor missing nodes from known setmst-requestandmst-donefor MST-guided sync completion
Subscription updates
Client can change sync scope at runtime viasubscribe.
Server acknowledges and applies updated filtering for relayed packs.
Scope filtering is a transport/materialization control, not a write-authority control.
Reconnect behavior
Reconnect is expected and normal. On reconnect, client repeats handshake and diff process:- Re-establish session and negotiated capabilities
- Recompute missing history
- Apply catch-up and resume steady-state deltas
Backpressure and safety controls
Synchronization includes explicit protection against unhealthy sessions. Typical controls include:- Per-peer ingress rate limits
- Lagging subscriber handling with controlled disconnect
- Explicit close/retry paths instead of silent divergence
Failure semantics
Protocol failures should be explicit and classifiable:- Invalid payload format -> reject/close
- Unauthorized/expired auth context -> reject/close
- Rate-limit or overload conditions -> controlled disconnect and resync path