
 Merely for a place to start, I will put 1,000,000 sats bounty on this. I will gladly put a lot mo... 
 It is not easy to get IPv6 on every device, that is only a dream at the moment but Holesail is real and it works. It solves the issue of connectivity + firewalls.
 
 If you are talking about the routing and DHT behind Holesail then no, it is very efficient as the underlying tech is based on the Kademlia algorithm: 

Kademlia contacts only O(log n) nodes during the search out of a total of n nodes in the system. 
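The O(log n) claim above, as an added illustration that is not part of the original notes and is not Holesail's or Holepunch's code: a simplified Kademlia-style lookup that counts how many nodes a search contacts as the network grows. It assumes a constructed network of random 20-bit IDs, one contact per bucket and no parallel queries; all function names are hypothetical.

```javascript
const BITS = 20; // ID width for this constructed network (assumption)
// Seeded PRNG (mulberry32) so the constructed network is reproducible.
function rng(seed) {
  return () => {
    let t = (seed += 0x6d2b79f5);
    t = Math.imul(t ^ (t >>> 15), t | 1);
    t ^= t + Math.imul(t ^ (t >>> 7), t | 61);
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}
// Bucket index = position of the highest bit in which two IDs differ (XOR metric).
const bucketOf = (a, b) => 31 - Math.clz32(a ^ b);

// Build n nodes with random unique IDs; each node keeps one contact per bucket.
function buildNetwork(n, seed) {
  const rand = rng(seed), ids = new Set();
  while (ids.size < n) ids.add(Math.floor(rand() * 2 ** BITS));
  const list = [...ids], tables = new Map();
  for (const a of list) {
    const table = new Array(BITS).fill(null);
    for (const b of list)
      if (a !== b && table[bucketOf(a, b)] === null) table[bucketOf(a, b)] = b;
    tables.set(a, table);
  }
  return { list, tables };
}

// Each hop returns its contact in the bucket covering the target (always strictly closer).
function lookup(net, start, target) {
  let current = start, contacted = 0;
  while (current !== target) {
    current = net.tables.get(current)[bucketOf(current, target)];
    contacted++;
  }
  return contacted;
}

// Average and worst-case contacts over random start/target pairs.
function measure(n, trials = 500, seed = 1) {
  const net = buildNetwork(n, seed), rand = rng(seed + 1);
  const pick = () => net.list[Math.floor(rand() * n)];
  let total = 0, worst = 0;
  for (let i = 0; i < trials; i++) {
    const hops = lookup(net, pick(), pick());
    total += hops; worst = Math.max(worst, hops);
  }
  return { n, average: total / trials, worst };
}
```

Comparing `measure(256)` with `measure(4096)` shows the average contact count rising only slightly while the network grows sixteen-fold.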
 Even then that will possess similar issues to static IPv4 addresses we have at the moment. 

People irresponsibly using it to expose private and important stuff online without knowledge that malicious third parties can see it.

P.s: I did some good research on this a while ago and have not posted about that yet, I will cover this ISSUE in depth in a separate post. 
 How does a holesail client discover the location of the server without a relay or some forwarding... 
 This is the correct explanation. To learn you can watch:

https://www.youtube.com/watch?v=1QdKhNpsj8M 
 I see zero buzz around #holepunch /#pear - despite big Nostr users like nostr:npub1a2cww4kn9wqte4... 
 Busy building in silence 😛  
 I still post on other socials, but I treat it like a small gamble. Very risky with limited reward... 
 Do not hesitate to reach out to support if you have any issue or confusion with holesail. 
 I need some real data. Can you please go to the phone's Settings / Apps / Amethyst / Storage & Ca... 
 Cache: 172 MB

Data: 560 KB 
 Unpopular opinion: Absolutely terrible idea

Nostr-web-services is just ngrok / cloudflared with extra steps and more concerns about safety.

1. The things you expose are public; hackers can find you and see whatever you are hosting.

2. You DO NOT OWN your web service if the name servers are not under your control.

Whoever owns the name server is the prime authority, and they can inject whatever they want into your website.

Imagine out of 10 relays, even one of them injects your website with a code to steal passwords and you happen to use that relay (YOU ARE COMPROMISED!!)

It is as dangerous as port forwarding / dynamic DNS with extra concerns about integrity. 

When I say "as dangerous as port forwarding", I think I am explaining it casually, but in reality, this is far more dangerous and concerning.

Just two days ago when I was looking into issues with port forwarding / dynamic DNS / Nostr-web-services, I discovered: 

1. THREE THOUSAND (3k!!!!) Tesla with open information about their home coordinates, their kid's school, drop location, their workplace, their exact address, if their Tesla is active or not.

2. 6K + Camera with a full recording of the whole month, installed in people's personal --BEDROOM--, baby monitor. 

There is no excuse for self-hosting irresponsibly; it should be done to increase your privacy and security, not to increase the risk.

Holesail provides a way to achieve this peak self-privacy and security. You expose only what you 🫵 choose, and only the person you want can access it, with no chances of a man-in-the-middle attack from a random relay and their DNS hosting.

I like how enthusiastic people are about Nostr and Nostr-based services, but we should NOT overlook the security and risks some of these ideas might bring!

https://m.primal.net/JWdi.png 

 @TheGuySwann 

nostr:note12vy8lmphxyfd7np7t503k8fzs3em2h6szfwad0fkgr6prjkjuhxsddyprj  
 Only when the relay decides it, it can inject whatever it wants 
 The URLs, whoever controls the relay domain / URL, they control the web service. 
 I am aware, that is why I am against both port forwarding and dynamic dns  
 Not currently at the moment but Holepunch plans to make a whole Operating system for peer to peer, so in the long run yes. 
 Agreed 
 Check out Cloudflare Zaraz; it injects the website with whatever content you like because they have the domain with them. (The NS)

Similarly, Ad and tracking agencies dynamically insert ads into the website without ever touching their main code.

It is https, but the certificate is not yours, and neither is the origin server; they can insert whatever they like. 
 There is a proxy in between, from your example: socks5h://relay.8333.space:8882

That transfers all the control to this proxy alone, they get to choose what and how they want to display 👀

If it is someone with malicious intent, they will do whatever they want. 
 curl -s -x socks5h://relay.8333.space:8882 https://nprofile1qqs8a8nk09fhrxylcd42haz8ev4cprhnk5egntvs0whafvaaxpk8plgpzemhxue69uhhyetvv9ujuwpnxvejuumsv93k2g6k9kr/v1/info --insecure

This command makes a request to relay.8333.space:8882 with a profile key; it is up to the server to decide if they actually want to serve the real content; they can just swap it out for something they run themselves (pretty much how pi-hole works by swapping DNS of ad agencies to trash), and the certs are self-signed.

You would never know if what you see is actually coming from your own host or has been altered. 
 Even if it is a demo, it uses a relay which is a proxy. Proxies can change content, or the host itself 
 Actually no, it is inspired from hypertele but is a separate package with a lot more features.

To expose SSH just do: sudo holesail --live 22 
 Looking forward to it mate, no hard feelings I am just worried about the security issues with this system. 
 😂 
 Instead of using central servers to expose your self-hosted stuff, you can use Holesail to do the same, and it all connects peer to peer; there is no third party in between.


+ There is no public URL like a domain, so hackers can not find you. Only the person you choose to share the connection with can find you and connect to you. 
 Isn't this a normal server with extra steps? This would bring more traffic and means more bandwidth for the Nostr relays.

 
 You shouldn't port forward, you shouldn't dynamic DNS.

Use Holesail, stay secure and private. 
 Docs here: https://holesail.io/docs/introduction

Run: holesail --help for better understanding.

Video: https://www.youtube.com/watch?v=TgKri9R59oA&t=206s 
 In case you don't know, Holesail has a built in extension for Visual studio code, no additional setup required.

Share your running webapps with friends or work in a team, there are no restrictions.

P.s. You can both connect and set ports live right within Visual studio code 👀

Link:  marketplace.visualstudio.com/items?itemName=holesail.holesail-liveports

https://m.primal.net/JPTq.png  
 Did I ever tell you guys that Holesail can literally set **anything** live that is reachable and not just local ports/hosts.

For example if you connect to the key below and access it on https, you will see official  @ZEUS 's donation page, running on their server but live through my connection string:

Connection String: 5ceb350418803c705bc60a678da12656374cec86cdd1dbbc84771f57d3f426ad 
 Thanks for the ⚡ mate 
 Let's go! 🚀 
nostr:nevent1qqsrp90p6hppvgaxedh4pekcekck0754cpqcw74l2x2evtetrwztmlcpz9mhxue69uhk... 
 ⛵ 🚀  
 How is pear different from http? #asknostr #dev 

Can't http and ftp be done p2p ? nostr:nprofile... 
 Looks like you are confused here, pear is like a library for building peer to peer apps and http is a protocol.

Talking about holesail here, it supports http as well as ftp. 
 Holesail Go atm only lets you connect to a server and not serve from your phone.

It is planned in a future version of Holesail.

But you can always do this:

holesail --live <port-of-server> --host <local-if-of-your-phone> 

on a different computer that is connected to the same network as your phone. 
 Holesail version 0.3.0 is now available on the Play Store and iOS store and no longer requires a waiting list 🥳

-- Added support for QR code scanning
-- Now supports both Private and Public connection strings.
-- Added an embedded browser.

Download using the links below:

Play Store: play.google.com/store/apps/details?id=io.holesail.holesail.go

iOS Store: apps.apple.com/app/holesail-go/id6503728841

P.s. if you are not using Google Android then you can use a third party service to download Holesail Go off Android Play store and then use the Apk file.

Happy Sailing 🙂 ⛵️

https://m.primal.net/JMHZ.png  
 I just messaged  @franzap 👀   
 It will be available on our website soon, our frontend dev working on it 🫡 
 Yes, that's what we call a jump server 
 Internally, a few more pushes on the android and iOS side and I will start working on better docs that cover every single thing like this 
 Seems quite interesting, I am not well versed with Nostr protocols, can you explain how does it work behind the tech please? 
 Holesail is ideal for both super light and super heavy stuff. 
 Yes, everything TCP at the moment, UDP support is planned soon. 
 No, there is no trade off 😁, that's the best thing about this P2P tech and your data does not travel through third party relays either.

Btw, thanks for the Zap  
 Not really, holesail does not need relays or servers. The P2P network running behind Holesail is a closed network that people can not enter unless they know an existing peer.

By default there are three public nodes, Node is a known peer, and anyone can become a node.  
 Node is a known peer that knows a lot of other peers whose IP address we know and who will accept all connections. It is not a Relay and anyone can become a Node.

Check out the Kademlia algorithm.  
 It's my birthday 🎂 
Just saying 😌  
 Happy birthday 🥳 
 You don't need a VPN or tailscale, check out holesail.io:
npm i holesail -g
Then just do holesail --live PORT --host HOST on the host machine and you will get a connection string and we code to remotely access this system anywhere on android, iOS, mac and terminal. 
 *and use that to remotely access

I hate autocorrect sometimes 
 Ohh damn, this is so beautiful 
 ChatGPT and Gemini are the worst things that have happened to privacy. You need to self-host LLMs if you care about your privacy and if your system can handle it.

Holesail makes locally running LLM accessible from anywhere on any device!

nostr:note169s0wet48nudvkkcdwscct9pf7fzggwxhkp5yavje2s6g3s756uqtkqgz8  
 It is for both and yes what you are talking about is possible. 
 I like Mixtral 8b7x something with 32k context limit. 
 Hello there, everyone,

It is a good day to announce Holesail P2P version 1.6.1, a major release with changes that will affect how you use the application.

Here is a list of everything that is now changed and available in the latest version of Holesail:

-- Connectors and keys are now referred to as private connection strings and public connection strings.

-- Private connection strings are now used by default while establishing a connection.

-- Introducing a new parameter --filemanager, that lets you view and download files remotely within Holesail

-- Added QR code support in Terminal

Overview of the v1.6.1 here: https://www.youtube.com/watch?v=TgKri9R59oA 
  @oren_z0 That is an interesting use case, I have not used Vercel or serverless so not sure if this is possible but I will surely look into it 🤔 and ping you. 
 thats why u need to run llms locally
1. to know that nobody can be in between you and the model
2... 
 Nostr's final boss: DNS 
 Holesail.io can be used as a replacement of DNS, it allows you to use a dynamic IP while keeping the connection string static, while using no DNS system at all.

Disadvantages I can think of: iOS version of holesail pauses as soon as it goes into background so Nostr will work only when the app is open (I am looking for a workaround), there is no web version of Holesail.

But Desktop version of Nostr clients on Windows, Mac, Linux and even Android can utilise Holesail to run and connect to a Nostr node based on a "connection string". 
 If someone wants to run a Nostr node over holesail, just ping me and I will help them personally. 
 > But maybe you could run a bridge locally that would map connector.holesail.local strings to holesail IPs?

The bridge would then need to be run on a public server and that's what I call a jump server.

Adding holesail support to clients is a good idea, otherwise you can connect with local ip and port that holesail provides. 
 Nodejs and Bare runtime 
 Oooh, gotcha. Yes it can handle those. I may not have the deets on exactly what it does, but I’... 
 Yes, it supports anything that runs over TCP, we will provide UDP support in a future release. 
 We need pear/holesail connections for all the things
nostr:nevent1qqsrsaytq7g6mlxk2asg8vz7hd4zly7... 
 No, it works for anything TCP and will soon support UDP as well.

If you are concerned about the http part, that is only for when you are running websites + it is being served from your local computer to you, so https does not matter here. 
 LN zaps were the scenic route we needed to arrive to ecash zaps 
 When you do holesail CONNECTOR, it generates a hash that is also your location in the distributed hash table, atm there are two public nodes run by the Holepunch team which let you in on the mesh network of peers.


Anyone can run a public node, and it's only used for initially finding the first few peers; after that, other peers tell you where your "peer" is located.

To stop people from taking over, you need to use keys, which are automatically generated.

holesail --live 5000

will give you a key 
 I have not used umbrel but I can look into it 🤔 
 Something I’ve noticed since I lost Phoenix wallet, is that our ability to communicate or “pa... 
 Yup, NAT holepunching is working good on mobile devices (iOS and Android both), in fact I have used holesail to access my Windows VNC on mobile  
 This could be possible (though would require some work), you need to embed bare runtime in your java/kotlin application and run holesail-client and holesail-server on it.

It is a tedious and undocumented process atm, but the Holepunch team is working on a new mobile development kit, hopefully that will resolve this and make development easier 
 Yeah guy Swann introduced me to Nostr, it's a cool platform.

What is a solid state interpreter personal server? 
 I just pushed an update for holesail.io (1.5.0), now the UI is much easier to understand and contains appropriate notices where necessary.

Make sure you are up to date with npm i holesail -g, and if you haven't tried holesail yet you are missing out on all the fun.

https://m.primal.net/IZlE.png  
 macOS, Linux, Windows (binaries for terminal, GUI app)

Android and iOS - Separate GUI app 
 😂 , I am trying to help him but can't find time atm.

But that's running from source, running from binary won't have issues like this  
 iOS is available on the App Store, Android is in closed beta and available to users who are participating in our beta program.

Expect Android version to go live by the end of this week along with binaries for all platforms.
 
 No, only if you use privileged port like 80 or 443  while listening  
 xD