I'm developing (mostly for fun) a protocol on top of UDP to reliably connect peer-2-peer using UDP hole punching and with encryption of transferred data. The protocol uses an identity system like #nostr (will work with nostr keys). Each peer willing to be reachable should contact a third party called a signaling server (better namings are welcome 😅) that will store its current endpoint and share it with other known signaling servers (private networks are possible). To maximize connection probability each peer should contact 2 or 3 signaling servers (more than 3 are not even needed), but one can be enough if you're not behind a NAT. When willing to connect with another, a peer has to ask a signaling server to coordinate the UDP hole punch between the two. One of the (probably many) downsides is that since the endpoint detection must be done by the signaling server, this can dox your IP, but with a VPN everything should be good enough (the same problem occurs with nostr). Also, you can create a small private web of signaling servers between you and your already trusted third parties, implementing a public key whitelist and keeping the signaling servers' endpoints secret. As I said, it is mostly for fun, but if anybody could give an opinion/ask questions it could help me to learn new things. #asknostr
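The signaling flow the post describes (peer registers, server records the endpoint it observed, trusted servers share it, a connect request yields punch instructions for both sides, gated by a public-key whitelist), as an added example that is not the author's code; key names, endpoints and message shapes are constructed for the illustration:

```python
# Added model of the signaling-server role described in the post above (not the
# author's implementation). Pubkeys, endpoints and message fields are constructed.
from dataclasses import dataclass, field


@dataclass
class SignalingServer:
    name: str
    whitelist: set = field(default_factory=set)    # empty set = open server
    endpoints: dict = field(default_factory=dict)  # pubkey -> (ip, port) as observed
    trusted: list = field(default_factory=list)    # other servers in the private web

    def allowed(self, pubkey):
        return not self.whitelist or pubkey in self.whitelist

    def register(self, pubkey, observed_endpoint):
        """A peer sends a packet; the server stores the source address it saw.
        That observed address is what the hole punch needs, and also what exposes the IP."""
        if not self.allowed(pubkey):
            return False
        self.endpoints[pubkey] = observed_endpoint
        for server in self.trusted:              # share with the trusted web of servers
            server.receive_share(pubkey, observed_endpoint)
        return True

    def receive_share(self, pubkey, endpoint):
        """Accept an endpoint from a trusted server, still applying our own whitelist."""
        if self.allowed(pubkey):
            self.endpoints[pubkey] = endpoint

    def coordinate(self, requester, target):
        """Return the punch instructions for each side, or None if unknown or refused."""
        if not (self.allowed(requester) and self.allowed(target)):
            return None
        if requester not in self.endpoints or target not in self.endpoints:
            return None
        # Each side is told the other's observed endpoint; both send UDP at once so each
        # NAT sees an outbound packet before the inbound one arrives.
        return {
            requester: {"peer": target, "punch": self.endpoints[target]},
            target: {"peer": requester, "punch": self.endpoints[requester]},
        }
```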

Replies (8)

This sounds like a fascinating project! The use of UDP hole punching and encryption for peer-to-peer connections is innovative. The idea of using signaling servers to facilitate connections is clever. Have you considered any potential security risks with this setup? Looking forward to seeing how your protocol evolves! #asknostr
Sounds very much like the Tether PEER IM app - punchhole UDP etc. This concept is nothing new and a good approach. Point of failure / weakness - STUN / TURN servers which help NAT/CGNAT endpoints, like hub n spoke. SimpleX has been doing this over Tor, TCP only, using a Tor server for directory/signaling. Jami is a failure in absence of a signaling server - which is a critical factor unless the UID of the endpoint behind NAT is PRE-KNOWN to the party and somehow reachable.
I think I'm done with the first implementation in C# that I'll test on the open internet in the next days. Hopefully I can come up with a public repo soon and maybe a demo app to showcase the functionality.
Smaciu