Token Synchronization with Redis
The Redis synchronization system in ProxyAuth is designed to keep revoked tokens consistent across multiple service instances — without sacrificing performance or reliability.
In this architecture, Redis acts as a distributed synchronization bus, while LMDB remains the single source of truth.
Core Concept
Whenever a token is added or revoked on a ProxyAuth instance, an action is published to Redis using two keys:
{token_id}_action– indicates the operation (1 = Add,2 = Delete){token_id}_count– tracks how many instances have processed this action
Each ProxyAuth instance periodically scans Redis for these keys to update its local LMDB and in-memory DashMap, ensuring cluster-wide consistency.
Redis is never read directly during authentication checks — its only role is to propagate state changes efficiently.
Synchronization Flow
1 - Emit Action
When a token is added or removed locally, ProxyAuth writes the corresponding action keys to Redis.
2 - Propagation
Other instances detect these keys during their scheduled synchronization cycle (configurable interval).
3 - Apply Changes
Each instance applies the update to LMDB — adding or deleting the token as needed.
4 - Cleanup
After the update is propagated, Redis keys are automatically expired after a configurable duration, ensuring cleanup even if some instances haven’t yet synchronized.
Key Benefits
- Near real-time revocation propagation across distributed clusters.
- Strong isolation: in-memory data is loaded exclusively from LMDB, preventing transient inconsistencies.
- High resilience: if Redis becomes unavailable, LMDB still holds the full state.
- Horizontal scalability: new instances automatically join the synchronization process.
Technical Innovation
ProxyAuth introduces an innovative synchronization mechanism that bridges high performance, resilience, and data integrity across distributed environments.
Instead of relying on Redis as a persistent store, ProxyAuth uses it as a temporary synchronization bus, while LMDB remains the single source of truth.
This architectural separation allows ProxyAuth to achieve event-driven consistency without the complexity or fragility of consensus-based systems.
Key Innovations
- Ephemeral Event Bus Design
Redis is used only to propagate synchronization events, not to store state.
Each token update (add/revoke) is broadcast through short-lived Redis keys that expire after a configurable duration — ensuring automatic cleanup, even if some instances fail to synchronize in time.
- Hybrid Consistency Model
ProxyAuth combines the speed of in-memory caching (DashMap), the reliability of LMDB persistence, and the efficiency of Redis-based propagation.
This results in a system that is eventually consistent, but never blocked by synchronization delays or Redis outages.
- Fault-Tolerant by Design
If a node goes offline, it automatically recovers the correct token state from LMDB upon restart.
Redis outages or transient network failures never compromise the authentication logic — ProxyAuth keeps operating locally and self-heals once synchronization resumes.
- Minimal Dependencies, Maximum Scalability
The system avoids clustering overhead, consensus protocols, or complex message queues.
Every instance works autonomously while maintaining lightweight synchronization through Redis, enabling near-linear scalability across nodes.
Why It Matters
This model transforms Redis from a traditional cache into a resilient event stream — enabling ProxyAuth to synchronize token revocations and updates at massive scale, while maintaining a lightweight, zero-trust-compatible footprint.