Execution Models Overview

RowOps separates the control plane (configuration, authentication, tier enforcement) from the execution plane (data processing). This page establishes the unified mental model for understanding where operations occur.

Control Plane vs Execution Plane

Control Plane (Server-Side)

The control plane manages configuration and access. It runs on RowOps's servers and handles:

Responsibility	Location
Authentication	Server-side session management
License verification	Server-side endpoint
Tier enforcement	Server-side token verification + execution-plane tier gate
Schema storage	Server-side database
Key management	Server-side database
Audit logging	Server-side database
Usage tracking	Server-side database

The control plane does not process row-level data. It validates access and returns configuration.

Execution Plane (Client-Side)

The execution plane processes data. It runs in the client environment (browser or Node.js) and handles:

Responsibility	Location
File parsing	Client-side (browser or Node.js)
Schema validation	Client-side engine
Masking	Client-side engine
Transforms	Client-side engine
Profiling	Client-side engine
Export generation	Client-side blob creation
Sync delivery	Client-to-target HTTP requests

The execution plane processes rows locally. Row content does not traverse the control plane.

Where Data Is Processed

┌─────────────────────────────────────────────────────────────┐
│                    Client Environment                        │
│  ┌─────────────────────────────────────────────────────┐    │
│  │                 Execution Plane                      │    │
│  │  File → Parse → Validate → Mask → Transform → Export │    │
│  └─────────────────────────────────────────────────────┘    │
│                            │                                 │
│                   Metadata only                              │
│                            ▼                                 │
└─────────────────────────────────────────────────────────────┘
                             │
                    ┌────────┴────────┐
                    ▼                 ▼
            ┌─────────────┐    ┌─────────────┐
            │ Control     │    │ Sync        │
            │ Plane       │    │ Targets     │
            │ (RowOps) │    │ (User)      │
            └─────────────┘    └─────────────┘

Row data flows:

File → Client processing → Export blob or Sync target
Row content does not flow to the control plane

Metadata flows:

Client → Control plane: import events, row counts, validation summaries
Control plane → Client: schemas, tier limits, license status

Where Configuration Lives

Configuration	Storage Location	Accessed By
Schemas	Server-side	Both modes
API keys	Server-side	Both modes
Project settings	Server-side	Both modes
Tier limits	Server-side	Both modes
Mask/Transform rules	Within schema (server)	Both modes
License cache	Local filesystem (headless)	Headless only
Domain verification	Browser cache	Browser only

Configuration is fetched from the control plane at initialization. The execution plane applies configuration locally.

Shared Behavior Across Modes

Both headless and dashboard-assisted modes share:

Same Processing Engine

The same engine executes validation, masking, transform, and profiling operations regardless of execution mode.

Same Schema Format

RowOpsSchema type definitions apply to both modes. Fields, validation rules, mask config, and transform config are identical.

Same Tier Limits

Tier-based feature gates (row limits, feature access) apply uniformly. Enforcement occurs during license verification and at the WASM tier gate (pipeline start + worker boundary).

Same Error Types

MaskingFailedError, TransformFailedError, and validation error structures are consistent across modes.

Mode-Specific Behavior

Behavior	Dashboard-Assisted	Headless
Authentication	Session + publishable key	Secret key
Domain lock	Enforced	Not applicable
UI	React components	None
License mode	Strict only	Strict or demo

What This Separation Enables

Client-Side Processing

Row data can be processed without transmitting it to RowOps servers. The execution plane is self-contained after initialization.

Centralized Configuration

Schemas and settings are managed in one place (dashboard) and applied consistently across all clients.

Network-Free Usage

Headless mode does not support cached license operation. Use demo mode for testing without network access, with a 100-row limit and watermarking.

What This Separation Does Not Guarantee

Complete isolation: Usage tracking and license verification require network calls by default
Identical behavior: Some enforcement details may differ between modes (e.g., row-filtering transforms are disallowed in headless)
Cryptographic boundaries: The separation is architectural, not cryptographically enforced

Next Steps

Headless Mode - Server-side and CLI usage
Dashboard-Assisted Mode - Browser-based UI usage

Control Plane vs Execution Plane​

Control Plane (Server-Side)​

Execution Plane (Client-Side)​

Where Data Is Processed​

Where Configuration Lives​

Shared Behavior Across Modes​

Same Processing Engine​

Same Schema Format​

Same Tier Limits​

Same Error Types​

Mode-Specific Behavior​

What This Separation Enables​

Client-Side Processing​

Centralized Configuration​

Network-Free Usage​

What This Separation Does Not Guarantee​

Next Steps​