My Public Brain

2023-09-01 Friday

DEFCON Video about Veilid

Needed to download and H.265 → H.264 convert with HandBrake

prior art

Tor

Privacy-oriented network

IPFS

Inter Planetary File System

Distributed Data Storage

similar but designed for speed and providing services over a privately routed network

goals

Security First

Rust

Runs Everywhere

Standard Protocols

UDP

TCP

Websockets

All In network

No external services

avoid DNS

No STUN / TURN

Privacy Focused

Nodes != Identity

Resilient

latency

high churn

network switching

community and user focus

everybody deserves privacy

Nodes

every application running veilid-core is a node

no special nodes

headless nodes with veilid-server

JSON API for simple apps

veilid-python

veilid-cli

protocols

framed RPC operations up to 64k

Network Topology

on node activation keys are fetched from Veilid bootstrap server

that’s where DNS comes in, but after that it’s a Veilid-specific routing table

bootstrapped info is persistent, so shouldn’t need to be fetched again

Bootstrapping

ask bootstraps to find self

public address detection

relay configuration

peer minimum refresh

network class detection

ping validation

cryptography

VLD0

Veilid cryptography suite

We did not roll our own crypto. We know better than that.

| Property | Spec Used |
| --- | --- |
| Authentication | ED25519 |
| Key Exchange | x25519 |
| Encryption | XChaCha20-Poly1305 |
| Message Digest | BLAKE3 |
| Key Derivation | Argon2 |

Secure Storage

ProtectedStore

device-level

TableStore

encrypted key-value database

RecordStore

distributed hash table storage

BlockStore

content-addressable data distribution

RPC Protocol

default port 5150

Schema Language

Cap’n Proto

Developed by Protobuf author; intended to address some of its shortcomings

RPC

Question / Answer and Statement RPC modes are supported

private routing structures fully supported in-schema (no magic blobs)

Schema evolution built-in

RPC schema is cryptography-independent

RPC ops are a nested set of Cap’n Proto operations to describe actions

Distributed Hash Tables (DHT)

basically just search

better search w/ 1MB per key

signed keys with public and private values

allows multiple writers to key sub-chunks

Private Routing

safety route

private route

compiled route

addresses and public keys of next hop are embedded in packet envelope

future

per-hop payload keying

simplify directionality

increase hop count

eliminate hop counting

hop caching

There’s a Power User Quick Start

FFI+JS plugin support for Dart and Flutter

how can you help?

coders and hackers

app developers

usability experts

open source + governance

15:09 New feature on My Public Brain: slugs instead of UUIDs for permalinks

Nothing fancy yet. Just use slug(pageBlock["page-name"]) for every top-level block in the exported graph.

slug - npm
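
An added example, not this site's exporter code: once permalinks come from page names instead of UUIDs, two names can map to the same slug, or to an empty one, and one page would shadow the other. Here `slugify` is a simplified stand-in for the npm `slug` package, and the block shape (`id` plus `page-name`) and the sample data are assumptions.

```javascript
// Simplified stand-in for the npm `slug` package (assumption: the real
// package handles more Unicode cases and may produce different output).
function slugify(name) {
  return name
    .normalize("NFKD")                 // split accented letters into base + mark
    .replace(/[\u0300-\u036f]/g, "")   // drop the combining marks
    .toLowerCase()
    .replace(/[^a-z0-9]+/g, "-")       // any other run becomes one hyphen
    .replace(/^-+|-+$/g, "");          // trim leading/trailing hyphens
}

// Assign one unique permalink per top-level block. `blocks` is the assumed
// export shape: objects with "page-name" and a UUID in "id".
function assignPermalinks(blocks) {
  const taken = new Map();             // permalink -> UUID that owns it
  const out = [];
  // Sort by UUID so the same graph always yields the same suffixes.
  const ordered = [...blocks].sort((a, b) => a.id.localeCompare(b.id));
  for (const block of ordered) {
    // A name with no ASCII letters or digits slugs to "": keep the UUID.
    const base = slugify(block["page-name"]) || block.id;
    let candidate = base;
    for (let n = 2; taken.has(candidate); n++) candidate = `${base}-${n}`;
    taken.set(candidate, block.id);
    out.push({ id: block.id, name: block["page-name"], permalink: candidate });
  }
  return out;
}

// Constructed sample input (not taken from the real graph).
const sampleBlocks = [
  { id: "00000000-0000-4000-8000-000000000003", "page-name": "2023-09-01 Friday" },
  { id: "00000000-0000-4000-8000-000000000001", "page-name": "C++ Notes" },
  { id: "00000000-0000-4000-8000-000000000002", "page-name": "C Notes" },
  { id: "00000000-0000-4000-8000-000000000004", "page-name": "日記" },
];

function demo() {
  return assignPermalinks(sampleBlocks);
}
console.log(demo());
```

Suffixes depend on the set of pages, so a permalink that has already been published should be pinned rather than recomputed when a colliding page is added later.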