
qp2p


Overview

This library provides a mechanism for peers on P2P networks to communicate securely. It also allows network peers to re-join the network without requiring them to re-connect to any known peers, such as hard-coded peers or DNS-defined peers. Such peers are an obvious security concern: they form a centralised set of peers that can easily be attacked or even torn down. There are several informative posts describing both QUIC and TLS 1.3:

Reading these is highly recommended for a better understanding of this library, in particular the Cloudflare blog posts (10 minute read).

Encryption of connections

QUIC provides connection security via the use of TLS 1.3. This library will allow 3 different connection types with regard to encryption and validation.

  1. Require peers to have certificates from an agreed certificate authority.
  2. Allow use of a private certificate authority.
  3. Allow no identity validation of peers, but do encrypt connections. (currently implemented)

This should satisfy the requirements of many P2P networks, whether they trust any clearnet certificate authority (which may be a centralised attack source) or whether they pass the identity management up to a different layer to validate identities and simply use qp2p as a secured network in terms of encrypted connections.

Bootstrap Cache

qp2p will save any endpoints and certificates of nodes that are connectible without any setup such as is required by NAT hole punching. The most recently connected 200 nodes are stored and these are then used to re-join the network after any restart.
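The bounded, most-recent-first behaviour described above can be sketched as follows. This is an added example, not qp2p's own code: `BootstrapCache`, `CachedPeer`, `record`, `candidates` and `sample_peer` are hypothetical names, and the addresses are constructed sample data.

```rust
use std::collections::VecDeque;
use std::net::SocketAddr;

/// Limit taken from the text: the most recently connected 200 nodes are kept.
const MAX_CACHED_PEERS: usize = 200;

/// Hypothetical cache entry: endpoint plus the peer's certificate bytes.
#[derive(Clone, Debug, PartialEq)]
pub struct CachedPeer {
    pub addr: SocketAddr,
    pub cert_der: Vec<u8>,
}

/// Most-recently-connected-first list with a hard size bound.
#[derive(Default)]
pub struct BootstrapCache {
    peers: VecDeque<CachedPeer>,
}

impl BootstrapCache {
    /// Record a successful connection. Peers that needed setup such as NAT
    /// hole punching are skipped: they cannot be dialled cold after a restart.
    pub fn record(&mut self, peer: CachedPeer, directly_reachable: bool) {
        if !directly_reachable { return; }
        // A re-connecting peer moves to the front instead of being duplicated,
        // so one endpoint can never occupy more than one of the 200 slots.
        self.peers.retain(|p| p.addr != peer.addr);
        self.peers.push_front(peer);
        self.peers.truncate(MAX_CACHED_PEERS);
    }

    /// Endpoints to try after a restart, most recently connected first.
    pub fn candidates(&self) -> impl Iterator<Item = &CachedPeer> {
        self.peers.iter()
    }
}

/// Constructed sample data for the example: a peer at 10.0.x.y:12000.
pub fn sample_peer(n: u16) -> CachedPeer {
    let addr = SocketAddr::from(([10, 0, (n >> 8) as u8, n as u8], 12000));
    CachedPeer { addr, cert_der: vec![n as u8] }
}

fn main() {
    let mut cache = BootstrapCache::default();
    (0..250).for_each(|n| cache.record(sample_peer(n), true));
    println!("cached peers: {}", cache.candidates().count());
}
```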

Connectivity types

qp2p uses 2 connection types when in P2P mode. This allows the connections to be defined as:

  1. A bi-directional connection.

  2. A uni-directional connection.

Type 1 allows connections from consumers of the network, such as clients or P2P nodes that are simply obtaining information (for example, while bootstrapping). Type 2 is used where the network is allowing another P2P worker. These peers must be able both to connect and to be connected to. Using a uni-directional stream per connection forces the node to confirm that both incoming and outgoing connectivity is available.

A peer may also use a bi-directional connection where it is using STUN or TURN to make that connection. It must, however, introduce itself as a Client and not a Node, as Nodes are always checked for reverse connectivity to them.

IP Spoof defence

This library enables stateless-retry to defend against IP spoofing. This is achieved by sending a token back to the connecting node, which the node must then return. QUIC also defines a protocol negotiation process that defends against many attacks by confirming the acceptable protocols. This is defined here.
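The token round trip behind stateless retry, as an added sketch that is not qp2p's or any QUIC implementation's code. `RetryToken`, `issue`, `validate`, `address_tag` and the 15-second lifetime are assumptions, and the tag uses the standard library's `DefaultHasher` purely as a placeholder for a real MAC or AEAD under the server secret.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};
use std::net::SocketAddr;

/// How long an issued token stays acceptable (assumed value).
const TOKEN_LIFETIME_SECS: u64 = 15;

/// Retry token: issue time plus a tag binding it to the claimed source address.
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct RetryToken {
    pub issued_at: u64,
    pub tag: u64,
}

/// PLACEHOLDER keyed tag. DefaultHasher is not a cryptographic MAC; a real
/// server would use HMAC or an AEAD here and compare tags in constant time.
fn address_tag(secret: &[u8; 32], addr: SocketAddr, issued_at: u64) -> u64 {
    let mut h = DefaultHasher::new();
    (secret, addr, issued_at).hash(&mut h);
    h.finish()
}

/// First flight: the server stores nothing per client, it only replies with
/// a token sent to the address the packet claims to come from.
pub fn issue(secret: &[u8; 32], claimed_src: SocketAddr, now: u64) -> RetryToken {
    RetryToken { issued_at: now, tag: address_tag(secret, claimed_src, now) }
}

/// Second flight: accept only a fresh token minted for this exact source
/// address. A sender that spoofed its address never received the token.
pub fn validate(secret: &[u8; 32], src: SocketAddr, token: RetryToken, now: u64) -> bool {
    let age = now.saturating_sub(token.issued_at);
    token.issued_at <= now
        && age <= TOKEN_LIFETIME_SECS
        && token.tag == address_tag(secret, src, token.issued_at)
}

fn main() {
    let secret = [7u8; 32]; // constructed demo secret
    let client: SocketAddr = "192.0.2.10:4000".parse().unwrap();
    let token = issue(&secret, client, 1_000);
    println!("same address: {}", validate(&secret, client, token, 1_005));
}
```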

TODO

  • Hole punching for NAT traversal
  • Support for async/await syntax
  • Benchmarks and more examples

License

This SAFE Network library is dual-licensed under the Modified BSD (LICENSE-BSD https://opensource.org/licenses/BSD-3-Clause) or the MIT license (LICENSE-MIT http://opensource.org/licenses/MIT) at your option.

Contributing

Want to contribute? Great 🎉

There are many ways to give back to the project, whether it be writing new code, fixing bugs, or just reporting errors. All forms of contributions are encouraged!

For instructions on how to contribute, see our Guide to contributing.
