Action Delivery

How actions are distributed and received across the federated Cloudillo network.

Outbound Actions

When a user creates an action, it’s distributed to relevant recipients:

Algorithm: Distribute Action

Input: action_token, action_type
Output: Result<()>

1. Determine recipients based on action_type:
   a. "POST" → All followers of the user
   b. "CMNT" / "REACT" → Owner of parent post
   c. "CONN" / "FLLW" → Target from action audience (aud claim)
   d. "MSG" → All conversation participants
   e. Other → No recipients (skip)

2. For each recipient instance:
   a. Construct URL: https://cl-o.{recipient_id_tag}/api/inbox
   b. POST action token as JSON: {"token": "..."}
   c. Continue on error (best-effort delivery)

3. Return success

Inbound Actions

Cloudillo provides two endpoints for receiving federated actions, optimized for different use cases.

Async Inbox (/api/inbox)

The standard endpoint for most federated actions:

HTTP Endpoint: POST /api/inbox

Handler Algorithm:
1. Extract action token from JSON payload
2. No authentication required (token is self-authenticating)
3. Create ActionVerifierTask with token
4. Schedule task in task scheduler (for async processing)
5. Return HTTP 202 (Accepted) immediately
   - Verification and processing happen asynchronously
   - Prevents network timeouts on slow verification

Sync Inbox (/api/inbox/sync)

A synchronous endpoint for actions requiring immediate confirmation:

HTTP Endpoint: POST /api/inbox/sync

Handler Algorithm:
1. Extract action token from JSON payload
2. No authentication required (token is self-authenticating)
3. Process action SYNCHRONOUSLY (not queued)
4. Verify signature, check permissions, store action
5. Return HTTP 200 (OK) with result, or error response

Use Cases:
- Identity registration tokens (IDP:REG)
- Actions where sender needs immediate confirmation
- Critical federation handshakes

When to use each endpoint:

  • /api/inbox: Default for most actions (POST, CMNT, REACT, MSG, etc.)
  • /api/inbox/sync: Only for critical operations requiring immediate feedback

Delivery Guarantees

Persistent Delivery with Retry

  • Delivery tasks are persisted to survive server restarts
  • Automatic retry with exponential backoff
  • Comprehensive failure handling

Retry Policy

Cloudillo uses exponential backoff for delivery retries:

RetryPolicy Configuration:
  initial_wait:  10 seconds    # First retry delay
  max_wait:      12 hours      # Maximum delay between retries
  backoff_step:  50 seconds    # Backoff increment per retry

Retry Schedule Example:

Attempt 1: Immediate
  ↓ fails
Attempt 2: 10s later (initial_wait)
  ↓ fails
Attempt 3: 60s later (10s + 50s backoff)
  ↓ fails
Attempt 4: 110s later (60s + 50s backoff)
  ↓ fails
...continues with 50s backoff steps...
  ↓
Maximum wait capped at 12 hours between attempts
  • Task deduplication: Key pattern delivery:{action_id}:{recipient} prevents duplicate deliveries
  • Persistent delivery: Tasks survive server restarts via MetaAdapter storage

Failure Handling

On POST /api/inbox result:

1. Success (2xx):
   - Remove from delivery queue
   - Log successful delivery

2. Temporary Error (network timeout, 5xx, connection refused):
   - Keep in queue
   - Schedule retry with backoff
   - Continue retrying until max attempts

3. Permanent Error (4xx status, validation error):
   - Log error with context
   - Mark as undeliverable
   - Remove from queue (don't waste resources)

Related Actions & Fan-out

When certain actions are approved, they trigger delivery of related actions to additional recipients:

APRV (Approval) Fan-out

When a user approves another user’s content (e.g., repost), the system distributes the original content to the approver’s followers:

APRV Fan-out Algorithm:

1. User A creates POST action
2. User B reposts (creates APRV referencing POST)
3. On APRV creation:
   a. Fetch User B's followers
   b. For each follower:
      - Create delivery task for original POST
      - Include APRV context (who approved)
   c. Followers receive both POST and APRV

Use Cases:

  • Repost/Share: Original post reaches approver’s audience
  • Endorsement: Endorsed content gets wider distribution
  • Curated feeds: Content discovery through trusted connections
Trigger Action Related Actions Delivered Recipients
APRV (Approval) Original referenced action Approver’s followers
CONV (Conversation) Participant subscriptions All participants
INVT (Invitation) Conversation context Invited user

See Also