SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

Hi team, I have a question about the read-replica consistency implementation. What is the logic for using the read-replica? does it depend on the ZedToken in some way? or would a read operation or a permission check operation always use the replica? My concern with consistency is if a new relationship is written, will a fully-consistent (or at-least-as-fresh) read operation still use the read-replica? if so, if it takes some time for the read-replica to get updated, the permission check might fail

👋 Using Read Replica gives you the same type of guarantees as not using them, we made sure SpiceDB consistency guarantees are intact.

When a request hits the read replica with `at_least_as_fresh`, it will make sure the revision provided through the zedtoken is replicated. If it hasn't, it will fall back to the primary. All `full_consistency` requests will be forwarded to the primary. In the case of `minimize_latency`, as the name implies, it will use whatever is available in the replica within the quantization window, so same guarantees as with the primary.

That is great, thank you for the details and clarification!