@Johnathan Corgan Sure... but you're missing so much of that makes this project not work for the internet. It works for say... 5 machines between friends. It is not going to work as a replacement to the internet. In it's current state a hacker with 10 seconds a laptop motivated enough will bring the whole thing crashing down in 5 seconds. What FIPS gets wrong that the internet gets right: The internet's layering exists for a reason. Each layer does one thing: IP routes packets. It doesn't authenticate. It doesn't encrypt. It doesn't care about identity. TLS/Noise encrypts. It doesn't route. It doesn't care about topology. DNS discovers. It doesn't encrypt. It doesn't route. FIPS collapses routing, identity, and encryption into the same layer (FMP). That's elegant in a spec document and dangerous in practice because a vulnerability in any one of those concerns compromises all three. The internet's separation of concerns means a DNS vulnerability doesn't give you routing control, and a routing vulnerability doesn't give you key material! - FIPS is trying to replace layers 1-3 of the OSI model. Secure P2P only needs to augment layers 4-7. That's a crucial distinction. - The "one keypair for everything" idea is the philosophical trap. Separation of identity (who you are), routing (where you are), and encryption (what you say) isn't just good engineering, it's a privacy REQUIREMENT. Happy discuss more if you like on how to fix or improve on these issues but it has glaring security holes! - sec audit.

Gist

security audit of FIPS

security audit of FIPS. GitHub Gist: instantly share code, notes, and snippets.

What worries me though is that this seems like it was written for a hivemind. Everyones incentives HAVE to be aligned or it kinda doesn't work?