Protocol Specification

This page documents the Better-State wire protocol used by the client SDK and server. It defines WebSocket events, payload shapes, acks, and error contracts.

Overview

Better-State synchronizes JSON documents per key within a namespace. Clients connect using Socket.IO and exchange a small set of events:

auth → authenticate into a namespace using an API key
subscribe → join rooms for keys and receive state:init
mutate → submit operation-based mutations (no code execution on server)
state:update → server broadcast of authoritative state + version

JSON values

Values are JSON-serializable (objects, arrays, strings, numbers, booleans, null). Non-JSON types should be avoided.

Paths

Many operations target a JSON pointer-like path (e.g. /cards/abc/title). Paths are conservative and slash-separated.

WebSocket Events

Event direction:

Event	Direction	Purpose
auth	client → server	Authenticate using API key
auth:ok	server → client	Auth success
auth:error	server → client	Auth failure
subscribe	client → server	Subscribe to keys (rooms)
state:init	server → client	Initial snapshot per key
mutate	client → server	Submit mutations for a key
mutate:ack	server → client	Ack mutation ids + server version + dedupe info
mutate:error	server → client	Reject mutation request (bad_request/conflict/forbidden)
state:update	server → client	Broadcast authoritative value + version

auth / auth:ok / auth:error

auth (client → server)

payload

2 apiKey: string,

3 clientId: string

apiKey maps to a namespace. clientId is a caller-provided identifier used for debugging/analytics.

auth:ok (server → client)

payload

1{ sessionId: string }

auth:error (server → client)

payload

1{ message: string }

state:update

When the server accepts mutations for a key, it broadcasts an authoritative update to all subscribed clients (including the sender).

payload

2 key: string,

3 value: unknown, // JSON value

4 version: number

Clients should treat version as authoritative and monotonically increasing per key.

mutate / mutate:ack / mutate:error

mutate (client → server)

Submit a batch of mutations for a key. The batch is processed atomically.

payload

2 key: string,

3 baseVersion?: number,

4 mutations: Array<{

5 id: string,

6 clientTs: number,

7 op: JsonOp,

8 value?: unknown

9 }>

10}

baseVersion enables optimistic concurrency. If it is provided and does not match the server's current version, the server rejects with code: "conflict".

Each mutation must include a unique id. The server usesid for idempotency/deduplication.

JsonOp

Mutations are operation-based (no arbitrary code execution). Common operations:

JsonOp examples

1// Replace the entire document

2{ type: "set", value: anyJsonValue }

4// Shallow merge object fields (object-only)

5{ type: "merge", value: { ... } }

7// Delete at path

8{ type: "del", path: "/a/b" }

10// Put value at path

11{ type: "put", path: "/a/b", value: anyJsonValue, createMissing?: boolean }

13// Increment a numeric value at path

14{ type: "inc", path: "/counter", by?: number }

16// Array helpers

17{ type: "arrayInsert", path: "/items", index?: number, value: anyJsonValue }

18{ type: "arrayRemove", path: "/items", index: number }

19{ type: "arrayMove", path: "/items", from: number, to: number }

20{ type: "arraySplice", path: "/items", index: number, deleteCount: number, items?: anyJsonValue[] }

mutate:ack (server → client)

Server acknowledges mutation ids so the client can clear its offline queue deterministically.

payload

2 mutationIds: string[],

3 version: number,

4 insertedIds: string[],

5 duplicateIds: string[]

mutationIds: echoes all ids from the request batch
insertedIds: ids newly inserted into the server log (applied)
duplicateIds: ids already present (no-op)

mutate:error (server → client)

Rejection payloads are structured. Minimal fields include code and message; other fields depend on the error type.

bad_request

2 code: "bad_request",

3 message: string,

4 details?: object

conflict

2 code: "conflict",

3 message: "Version conflict",

4 key: string,

5 baseVersion: number,

6 serverVersion: number

forbidden (policy)

2 ok: false,

3 code: "forbidden",

4 message: "Policy violation",

5 key: string,

6 reason: "no_matching_rule" | "batch_too_large" | "op_not_allowed" | "path_denied" | "path_not_allowed",

7 opIndex?: number,

8 opType?: string,

9 path?: string,

10 appliedRule?: { name?: string; keyPrefix: string },

11 details?: object

12}

For conflicts, recommended client behavior is: resubscribe to fetch the latest version, then retry pending mutations with the updated base version.

Error Codes

Code	Meaning	Typical action
bad_request	Invalid payload or violates hard limits	Fix client request
conflict	baseVersion mismatch	Resubscribe and retry
forbidden	Policy rejects operation	Change policy or client behavior
internal_error	Unexpected server error	Retry / report / inspect logs

Guarantees

Idempotency — mutation id is deduped by the server (exactly-once effect for at-least-once delivery).
Authoritative version — server increments version for newly inserted events only.
Ordering — server ordering is derived from (server_ts, seq).
Safe mutations — server applies validated JSON operations; no client code execution.

Limits

The server enforces hard limits to protect availability. Configurable via environment variables:

Variable	Default	Meaning
MAX_KEY_LENGTH	200	Max key length for mutate requests
MAX_MUTATIONS_PER_BATCH	100	Max number of mutations per mutate
MAX_WS_JSON_BYTES	256kb	Max JSON payload size for mutate over WS
MAX_HTTP_JSON_BYTES	256kb	Max JSON payload size for REST endpoints

Protocol Specification

Overview

JSON values

Paths

WebSocket Events

auth / auth:ok / auth:error

auth (client → server)

auth:ok (server → client)

auth:error (server → client)

subscribe / state:init

subscribe (client → server)

state:init (server → client)

state:update

mutate / mutate:ack / mutate:error

mutate (client → server)

JsonOp

mutate:ack (server → client)

mutate:error (server → client)

Error Codes

Guarantees

Limits