REQ: Request, RFC: Request for Comment, RFP: Request for Proposal
Given:
- Students can learn with notebooks given grading and feedback.
Students can learn by reviewing and preparing notebooks of executable code and markdown, given grading and feedback.
Problem:
- In order to grade or review notebooks, Instructors must execute arbitrary code with sufficient process isolation.
- Notebook grading solutions like otter-grader spawn containers in order to grade submitted notebooks with sufficient process isolation by executing the notebook and running tests of the inputs and outputs.
- With server-side grading, internet access and sufficient CPU, RAM, and Storage are necessary to grade notebooks.
- With client-side grading, students could get early feedback by running the tests locally;
though, client-side grading implies that the answers - the tests - must be distributed to the clients in order that they can run the tests locally.
- Cloud providers currently provide Confidential Computing services that execute code and data that must be encrypted before upload; Homomorphic Encryption and Zero-Knowledge Proofs.
- Instructors could encrypt the grading code for notebooks in order to do client-side grading.
- Client-side grading with sufficient obfuscation of the answers (the tests) would be advantageous because:
- Students could get fast early feedback
- Students could do their work without internet access
- Instructors could offload resource demands to the students' machines
- Client-side grading with sufficient obfuscation of the answers (the tests) would be disadvantageous because:
- Students would have a copy of the tests if the homomorphic encryption is insufficient or indeed effectively only obfuscatory
- Students should not run arbitrarily encrypted [grading] code on their machines
- Like Instructors, Students should run unsigned/untrusted code
Is this resolveable? Could there be low-risk client-side grading of Jupyter Notebooks? Maybe client-side and server-side grading: run the tests locally, and then submit when the tests are already passing locally?
If the disadvantageous Impacts are solvable or acceptable, then the Capability would be:
- [ ] ngrader/otter-grader in WASM with a grading code encryption feature
- [ ] detect unsigned WASM consuming resources on local machines
- [ ] vscode extension for grading your own notebooks locally?