Skip to content

aschweig/sealedstructs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
src/sealedstructs
src/sealedstructs
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENCE
LICENCE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

sealedstructs

Introduction

Experimental implementations of persistent (immutable) data structures in pure Python, using structural sharing and lexical encapsulation.

Contents

  • ListNode -- persistent singly-linked list
  • PersistentMap -- persistent hash map with 4-way hash trie

Rationale

Python relies on conventions (leading underscores, documentation, discipline) to enforce encapsulation. This works well when all code is trusted and carefully written but two trends are eroding that assumption:

  1. Supply-chain risk: Malicious or compromised packages are increasingly common. The aiocpa incident is one example; the link notes PyPI receives over 500 malware reports per month.

  2. High-volume generated code: As LLMs produce more code, the audit burden grows. Structural invariants -- enforced by construction -- reduce the surface area where subtle bugs can hide.

A particular concern with generated code is training data poisoning: if attackers introduce enough subtly flawed examples into training data, models learn to reproduce those patterns. The resulting bugs -- off-by-one errors, race conditions, type confusion -- look like ordinary mistakes but may be systematically exploitable. Unlike malicious packages, this vector doesn't require compromising any single dependency; the flaw arrives through otherwise legitimate tooling.

These structures take a different approach: internal state is sealed inside lexical closures, so there's no obj._foo to accidentally access, reassign, or corrupt -- the state does not exist as attributes. Structural invariants enforced by construction reduce the surface area where subtle bugs -- whether accidental or induced -- can hide.

Limitations

This is defense in depth, not a security boundary. Python's runtime allows introspection and mutation of closure internals: __closure__[0].cell_contents is writable. Malicious code running in the same process can bypass any pure-Python encapsulation.

These structures protect against accidental misuse (including from sloppy dependencies or generated code). They do not protect against intentional attacks. True isolation requires process boundaries, containers, or a different runtime.

Development

python -m venv .venv
source .venv/bin/activate
pip install -e .
pytest

Or to add to your project:

pip install git+https://github.com/aschweig/sealedstructs.git

About

Persistent data structures for Python: encapsulation by construction, not convention

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages