Here are some considerations on remote subscriptions. Within a trusted scope (i.e., within a particular node) the event broker works for subscriptions by filtering based on subscriber-provided filter functions.
One approach might be to extend this across the network. However, it doesn’t extend across trust domains because a filter function is an Elixir function, and it could just do arbitrary things besides filter, so this is to be avoided.
The better approach is a filter DSL, which I’ve mentioned before. The simplest filter DSL can merely be an Elixir pattern as a string, which is turned into a filter function on the remote side; patterns are powerful and most filtering can just be done in function heads (i.e., most filters look like def filter(pattern) do true end; def filter(_) do false end). In theory this could be extended to a more powerful language if it proves necessary. Patterns have no side-effects, they just match or don’t (and bind variables, but this part isn’t relevant here, it can just be an invocation of the predicate match?/2).
It’s worth considering the possibility of timeouts on subscriptions as well; some subscriptions may be one-shot (you expect to receive exactly one event, e.g. “the status of this specific transaction”) and not requiring the subscriber to clean up is useful ergonomics.