fluencelabs/js-libp2p
1
0
Fork 0
mirror of https://github.com/fluencelabs/js-libp2p synced 2025-03-20 01:20:50 +00:00
Code Issues Projects Releases Wiki Activity
js-libp2p/examples/encrypted-communications
History
David Dias 6905f1ba41
feat: (BREAKING CHANGE) overhaul libp2p config and constructor 
* docs: update chat example and add info to its readme
* docs: update echo example
* docs: update libp2p in browser example
* docs: update pubsub example
* docs: update peer and content routing examples
* docs: update discovery mechanisms example
* docs: update encrypted comms example
* docs: update protocol and stream muxing example
* feat: add config validation
* test: update CI configs, use only node 8
2018-06-28 10:06:25 +02:00
..
1.js
feat: (BREAKING CHANGE) overhaul libp2p config and constructor
2018-06-28 10:06:25 +02:00
README.md
feat: (BREAKING CHANGE) overhaul libp2p config and constructor
2018-06-28 10:06:25 +02:00

README.md

Encrypted Communications

libp2p can leverage the encrypted communications from the transports it uses (i.e WebRTC). To ensure that every connection is encrypted, independently of how it was set up, libp2p also supports a set of modules that encrypt every communication established.

We call this usage a connection upgrade where given a connection between peer A to peer B, a protocol handshake can be performed that gives that connection new properties.

A byproduct of having these encrypted communications modules is that we can authenticate the peers we are dialing to. You might have noticed that every time we dial to a peer in libp2p space, we always use its PeerId at the end (e.g /ip4/127.0.0.1/tcp/89765/ipfs/QmWCbVw1XZ8hiYBwwshPce2yaTDYTqTaP7GCHGpry3ykWb), this PeerId is generated by hashing the Public Key of the peer. With this, we can create a crypto challenge when dialing to another peer and prove that peer is the owner of a PrivateKey that matches the Public Key we know.

1. Set up encrypted communications with SECIO

We will build this example on top of example for Protocol and Stream Multiplexing. You will need the module libp2p-secio to complete it, go ahead and npm install libp2p-secio.

SECIO is the crypto channel developed for IPFS, it is a TLS 1.3 like crypto channel that established an encrypted communication channel between two peers.

To add it to your libp2p bundle, all you have to do is:

const SECIO = require('libp2p-secio')

class MyBundle extends libp2p {
  constructor (peerInfo) {
    const defaults = {
      modules: {
        transport: [ TCP ],
        streamMuxer: [ SPDY ],
        // Attach secio as the crypto channel to use
        connEncryption: [ SECIO ]
      }
    }

    super(defaultsDeep(_options, defaults))
  }
}

And that's it, from now on, all your libp2p communications are encrypted. Try running the example 1.js to see it working.

If you want to want to learn more about how SECIO works, you can read the great write up done by Dominic Tarr.

Importante note: SECIO hasn't been audited and so, we do not recommend to trust its security. We intent to move to TLS 1.3 once the specification is finalized and an implementation exists that we can use.