A Deterministic State-Transition Architecture for Client-Side Web Execution
Authors/Creators
Description
Modern web browsers execute third-party code through asynchronous, event-driven mechanisms that provide no formal guarantees of execution reproducibility, state provenance, or verifiable state progression. As a result, client-side behavior is typically inferred from logs, heuristics, or post-hoc interpretation rather than derived from explicit, validated execution state transitions.
This work introduces a deterministic state-transition architecture for client-side web execution. The proposed model formalizes execution state as an explicit, observable representation, derives deterministic deltas between successive states, and applies rule-bound validation prior to execution advancement. Only transitions that satisfy predefined deterministic rules are permitted to progress within the defined execution boundary.
The architecture operates alongside existing browser environments without modifying browser engines or application logic. It observes execution, captures deterministic state snapshots, evaluates transitions through rule-bound validation, and records outcomes in an append-only audit record. The resulting execution traces are reproducible and independently verifiable, eliminating reliance on probabilistic inference or semantic interpretation for client-side execution analysis.
The primary contribution of this work is the formalization of a deterministic execution model and corresponding validation architecture for browser environments. The approach is implementation-agnostic and demonstrated through a reference implementation.
All claims are intentionally limited to client-side execution validation within a defined execution boundary and do not extend to server-side computation, network-layer behavior, or content semantics.
Files
A Deterministic State-Transition Architecture for Client-Side Web Execution.pdf
Files
(339.8 kB)
| Name | Size | Download all |
|---|---|---|
|
md5:48995d48b0a34ad73e8860f67ca49532
|
339.8 kB | Preview Download |
Additional details
Related works
- References
- Preprint: 10.5281/zenodo.18394710. (DOI)
- Preprint: 10.5281/zenodo.17826047 (DOI)
- Preprint: 10.5281/zenodo.17786898 (DOI)
- Preprint: 10.5281/zenodo.17766646 (DOI)
Dates
- Issued
-
2026-02-07Date of public release.
References
- ECMA International, "ECMAScript® Language Specification," ECMA-262, 2023. https://tc39.es/ecma262/
- WHATWG, "HTML Living Standard," 2024. https://html.spec.whatwg.org/
- Google Chromium Project, "The Chromium Architecture," 2024. https://www.chromium.org/developers/design-documents/
- M. Jackson and C. Hines, "Event Loops, Task Queues, and Microtasks in Modern Browsers," IEEE Software, vol. 37, no. 4, pp. 54–61, 2020.
- A. Barth, "The Web Origin Concept," RFC 6454, IETF, 2011.
- S. Stamm, B. Sterne, and G. Markham, "Reining in the Web with Content Security Policy," Proc. WWW, 2010.
- C. Reis et al., "Isolating Web Programs in Modern Browser Architectures," Proc. EuroSys, 2009.
- J. Nieh et al., "Browser-Based Program Execution and Isolation," IEEE Security & Privacy, vol. 18, no. 3, pp. 34–42, 2020.
- A. P. Felt et al., "Measuring Browser Security Policies," Proc. USENIX Security, 2016.