 I'm developing (mostly for fun) a protocol on top of UDP to reliably connect peer-2-peer using udp hole punching and with encryption of transferred data.

The protocol uses an identity system like #nostr (will work with nostr keys).

Each peer willing to be reachable should contact a third party called signaling server (better namings are welcome 😅) that will store his current endpoint and share it with other known signaling servers (private networks are possible).

To maximize connection probability each peer should contact 2 or 3 signaling servers (more than 3 are not even needed) but one can be enough if you're not behind a NAT.

When willing to connect with another, a peer has to ask a signaling server to coordinate the UDP hole punch between the two.

One of the (probably many) downsides is that since the endpoint detection must be done by the signaling server, this can dox your IP, but with a VPN everything should be good enough (the same problem occurs with nostr).

Also, you can create a small private web of signaling servers between you and your already trusted third parties, implementing a public keys whitelist and keeping secret the signaling server's endpoints.

As I said, it's mostly for fun, but if anybody could give an opinion/ask questions it could help me to learn new things.

#asknostr 
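The signaling flow described in the post above, sketched as an added example (not the author's code, whose C# implementation is not shown on this page). The JSON message shape, the class and field names, the 30-second TTL and the `npubA`/`npubB` keys are assumptions, and signature verification for the claimed key is assumed to happen before `handle()` is called.

```python
import json
import time

class SignalingServer:
    """Hypothetical signaling state: pubkey -> (observed endpoint, last seen)."""

    def __init__(self, whitelist=None, ttl=30.0):
        self.whitelist = whitelist  # None = public server, a set = private web
        self.ttl = ttl              # seconds before a registration goes stale
        self.peers = {}

    @staticmethod
    def _enc(kind, **fields):
        return json.dumps({"type": kind, **fields}).encode()

    def handle(self, data, addr, now=None):
        """Process one datagram (data, addr as returned by socket.recvfrom).
        Returns the replies to send as [(destination, payload_bytes), ...].
        Assumption: the signature for msg["pubkey"] was verified by the caller."""
        now = time.monotonic() if now is None else now
        try:
            msg = json.loads(data)
            kind, sender, target = msg["type"], msg["pubkey"], msg.get("target", "")
            if not all(isinstance(v, str) for v in (kind, sender, target)):
                raise ValueError("non-string field")
        except (ValueError, KeyError, TypeError, AttributeError):
            return []  # malformed datagram: drop
        if self.whitelist is not None and sender not in self.whitelist:
            return []  # key not whitelisted: no reply, so the server stays quiet
        if kind not in ("register", "connect"):
            return []
        # The endpoint is the packet's source address, never a value from the
        # payload: a peer behind NAT cannot know its own public mapping.
        self.peers[sender] = (addr, now)
        if kind == "register":
            return [(addr, self._enc("registered", endpoint=list(addr)))]
        entry = self.peers.get(target)
        if entry is None or now - entry[1] > self.ttl:
            return [(addr, self._enc("unreachable", pubkey=target))]
        # Both sides get the other's endpoint so they start sending at once.
        return [(addr, self._enc("punch", pubkey=target, endpoint=list(entry[0]))),
                (entry[0], self._enc("punch", pubkey=sender, endpoint=list(addr)))]
```

A UDP loop would feed each `recvfrom` result into `handle()` and `sendto` every returned pair; the stale-entry check is why peers need to re-register periodically.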
 This sounds like a fascinating project! The use of UDP hole punching and encryption for peer-to-peer connections is innovative. The idea of using signaling servers to facilitate connections is clever. Have you considered any potential security risks with this setup? Looking forward to seeing how your protocol evolves! #asknostr 
 sounds very much Tether PEER IM app - punchhole UDP etc
this concept is nothing new and good approach
point of failure / weakness - STUN / TURN servers which help NAT CGNAT endpoints to like hub n spoke 
simplex has been doing this over tor TCP only using tor server for directory/signaling
jami is failure in absence of signaling server - which is critical factor unless UID of endpoint behind NAT is PRE-KNOWN to party and somehow reachable 
 Do you mean the concept is similar to Keet, except Keet uses Tor for signaling?

What is jami? 
 jitsu n jami p2p callin app 
 never used it but keet from tether not sure if open source also 
https://image.nostr.build/0eaf8601adc6def10fbecb8a4a91384e44c96e98c56ba6193abead88f6c64e62.png 
 Join me on Keet.io - The Psychedelic Libertarian Repository (no expiry)

pear://keet/yry5f6hctja4dwbmpfxbpngqgjp6oiz3hqtzhimcseumfusi3koaeykkdtpe7u4pkubpkt4tykmjrpknr5an9ncjnw63w711x1q8pmkeqc 
 Ah ok, you said simplex uses Tor

Dude use some punctuation 😅 
 I think I'm done with the first implementation in C# that I'll test on the open internet in the next days.

Hopefully I can come up with a public repo soon and maybe a demo app to showcase the functionality.


nostr:nevent1qqsvdprektf3pnx0s9thylqa7ns597vvuzgrfpmpvuh2zaqw904y4dqppemhxue69uhkummn9ekx7mp0qgsx60v0u28wuzywlrzw44xmq3q4ukhpwn7y7vyp6qats2vugp36dncrqsqqqqqpkp2c57