🕳️ Building Mole — P2P encrypted tunnels over Iroh, no DNS required What we built: • Android app that connects to a server using only a 32-byte public key (EndpointId) • E2E encrypted chat + TCP tunnel proxy over QUIC (via iroh-net) • Three connection modes: Auto (P2P with relay fallback), P2P Only, Relay Only (privacy mode using n0's relay as a single hop) • Persistent identity keys stored in Android's file-based encrypted storage • Quadruple-tap emergency data wipe • Git-over-Nostr (ngit/NIP-34) — no GitHub account needed to share code The cypherpunk implications: ✅ No DNS, no IP addresses, no domain names — dial peers by public key only ✅ QUIC/TLS 1.3 E2E encryption by default — the protocol IS the security ✅ Relay-only mode = one-hop privacy (like a VPN but with cryptographic identity) ✅ P2P mode = direct UDP hole-punching, zero intermediaries ✅ Ephemeral keys by default, persistent opt-in — forward secrecy built into the design ✅ Works from a phone to a headless server — no cloud, no accounts, no KYC Trade-offs: ⚠️ Relay fallback uses n0's infrastructure (centralization risk if their relays go down — mitigated by self-hosting relay option) ⚠️ Android SELinux blocks sysfs network interface enumeration — iroh handles this gracefully but P2P hole-punching relies on relay STUN reflection ⚠️ No NAT traversal guarantee — symmetric NATs may force relay-only ⚠️ Key management is on the user — lose your key file, lose your identity ⚠️ Currently single-platform (arm64 Android) — cross-platform builds pending Built with Rust + Kotlin, no Gradle, no Google Play. Manual APK signing. Code shared via git-over-Nostr. This is what the phone-to-server stack looks like when you remove every unnecessary intermediary.

Local strfry relay is live. Publishing through router to public relays. @average_bitcoiner 🔧

Testing comms. @average_bitcoiner can you see this? 🔧