Serverless P2P #52

Open
holtwick opened this issue Jun 15, 2020 · 16 comments

@holtwick
Owner

@cyborgshead

It will be awesome to see briefing working on top of IPFS.
With an internal IPFS node in the application, it's possible to migrate briefing to a truly p2p app.

@holtwick
Owner Author

The main goal was to ensure end to end security is in place. Which got better with #55. This is a nice to have feature, but not adding additional security IMO.

@waynenilsen

I would like to point out that another honorable goal of using something like libp2p is to have censorship resistance. A fully p2p video chat platform that could be run in a single html file using html/js/css is a very powerful thing to have.

@holtwick
Owner Author

I'd love to see volunteers doing such an implementation. I just don't have the time right now to do it myself.

@holtwick
Owner Author

holtwick commented Oct 2, 2020

@waynenilsen @litvintech I would like to follow up on libp2p. Right now I know too little about it and where to have a good starting point. Can you provide a basic overview of how this goal could be achieved best?

If the signaling layer could become decentralized I would be very happy. If even the STUN requirements could be eliminated that would be even better. Then the app itself would even work without any hosting e.g. as a browser extension or served locally etc.

Any help is very much appreciated. Thanks!

@holtwick
Owner Author

holtwick commented Oct 2, 2020

Another nice-to-have would be to run without additional software installed. Of course, it should work from mobile devices as well. If at all possible, with browser-side JS only.

@holtwick
Owner Author

holtwick commented Oct 2, 2020

Seems to still need a server:
https://github.com/cretz/webrtc-ipfs-signaling

Not Browser-to-browser:
https://github.com/libp2p/js-libp2p-webrtc-direct

@holtwick
Owner Author

holtwick commented Oct 3, 2020

@holtwick
Owner Author

holtwick commented Oct 4, 2020

After some research over the weekend I came to the following conclusions:

  • Absolute serverless p2p is not possible, due to the fact that one cannot get connections working behind NAT/firewalls without the help of a directly accessible STUN server (which could get blocked, like the one of Google certainly is for the great Chinese firewall - GCF)
  • Connecting two peers needs at least the exchange of an "offer" and an "answer" (Session description protocol - SDP). Various ways for transmitting these packets without a central signaling server can be thought of. Most of those solutions will be "inconvenient". Once the connection is lost or the network setting changes, the process has to start over.
  • Existing p2p solutions I listed before all face the same problems. They get around it by offering multiple "seed" locations, where to get info about more peers. Peers can also bypass servers, once connections are established. But this will never fully work for web based solutions, if there is not at least one known server with a real IP involved.
  • The web app needs to be hosted as well

To wrap it up: For a web based software (but very likely for any other) it is not possible to offer p2p without the involvement of some kind of server. Spontaneous p2p connection groups will only work as long as the app is active and the network setting does not change.

Ideas for bypassing:

  • Allow the use of arbitrary STUN servers and save them locally
  • Allow "manual" SDP exchange
  • Offer the web app for:
    • self-hosting (ZIP file download for example)
    • as an installable app with included local web app fallback
    • as browser extension
  • Offer easy to install and run helper apps, that offer signaling and STUN support to allow quickly popping up new entry points
  • Allow reconnecting peers over remaining active connections (mesh)

Why not use an existing solution? I would not yet exclude that option, but none really convinced me fully yet. The infrastructure also quickly becomes complex and requires running software, that does not easily run on mobile out of the box.

Any comment and help is very welcome! I'm not an expert and these are just my autodidactic learnings and conclusions. I'd be happy to learn more.

@holtwick holtwick changed the title Alternatives for websocket based signaling Serverless P2P Oct 4, 2020
@holtwick holtwick pinned this issue Oct 4, 2020
@holtwick holtwick self-assigned this Oct 5, 2020
@Sean-Der

Sean-Der commented Oct 6, 2020

Hey @holtwick I saw your Twitter thread, and wanted to get involved. This is technically possible. You just need to represent your use case in the IETF. Companies that build with WebRTC just have full-time representatives pushing their business's needs, you need to represent yours :)

For P2P to happen two WebRTC Agents need the following values. There is no reason these two things can't be stable values.

  • ICE Candidates
  • Fingerprint

This is the work in the area so far.

I would love to help. I am passionate/excited about these ideas. I just haven't been able to find likeminded people.
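Added example (not part of the thread and not code from the briefing project): when an offer or answer is exchanged manually, as proposed in the Oct 4 comment, the `a=fingerprint` and `a=candidate` lines of the SDP carry the two values named above. This sketch parses a pasted SDP, checks its fingerprint against a value confirmed over a separate channel, and reports which candidate types it contains; the function names, the pinning policy and the sample SDP are assumptions constructed for illustration.

```javascript
// Added example. All values are constructed: documentation IP ranges, made-up fingerprint.
const SAMPLE_FP = Array.from({ length: 32 }, (_, i) =>
  ((i * 7 + 1) & 0xff).toString(16).padStart(2, '0').toUpperCase()).join(':');

const SAMPLE_SDP = [
  'v=0',
  'o=- 1 2 IN IP4 127.0.0.1',
  's=-',
  't=0 0',
  'm=application 9 UDP/DTLS/SCTP webrtc-datachannel',
  'c=IN IP4 0.0.0.0',
  'a=ice-ufrag:abcd',
  'a=ice-pwd:constructedconstructed12',
  `a=fingerprint:sha-256 ${SAMPLE_FP}`,
  'a=setup:active',
  'a=candidate:1 1 udp 2122260223 192.168.1.20 54321 typ host',
  'a=candidate:2 1 udp 1686052607 203.0.113.7 54321 typ srflx raddr 192.168.1.20 rport 54321',
].join('\r\n');

// Extract certificate fingerprints and ICE candidates from SDP text.
function parseSdp(sdp) {
  const result = { fingerprints: [], candidates: [] };
  for (const line of sdp.split(/\r?\n/)) {
    let m;
    if ((m = /^a=fingerprint:(\S+) ([0-9A-Fa-f:]+)\s*$/.exec(line))) {
      result.fingerprints.push({ hash: m[1].toLowerCase(), value: m[2] });
    } else if ((m = /^a=candidate:(\S+) (\d+) (\S+) (\d+) (\S+) (\d+) typ (\S+)/.exec(line))) {
      result.candidates.push({ transport: m[3].toLowerCase(), address: m[5],
                               port: Number(m[6]), type: m[7] });
    }
  }
  return result;
}

const normalize = (fp) => fp.replace(/:/g, '').toUpperCase();

// Hypothetical policy: accept a pasted description only if every fingerprint is
// sha-256 and equals the value the peer confirmed over a separate trusted channel.
function checkRemoteDescription(sdp, pinnedFingerprint) {
  const { fingerprints, candidates } = parseSdp(sdp);
  const types = {};
  for (const c of candidates) types[c.type] = (types[c.type] || 0) + 1;
  // srflx and relay candidates are learned from a STUN or TURN server;
  // a description with only host candidates was gathered without one.
  const report = { ok: false, reason: '', types,
                   usedServer: Boolean(types.srflx || types.relay) };
  if (fingerprints.length === 0) {
    report.reason = 'no a=fingerprint line';
  } else if (!fingerprints.every((f) => f.hash === 'sha-256')) {
    report.reason = 'unexpected hash function';
  } else if (!fingerprints.every((f) => normalize(f.value) === normalize(pinnedFingerprint))) {
    report.reason = 'fingerprint mismatch';
  } else {
    report.ok = true;
    report.reason = 'fingerprint matches pinned value';
  }
  return report;
}
```

The DTLS handshake is checked against the fingerprint in the SDP, so whoever can alter the SDP in transit can substitute their own certificate; comparing the fingerprint over a second channel is what ties the session to the intended peer.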

@holtwick
Owner Author

Hi @Sean-Der Thanks a lot for your feedback and getting involved, I just saw it today, sorry. Well, I did hope to solve the problem technically and not politically ;)

Before reading your comment I started to build a playground for evaluating different ways to pass around connection data. It has no working demo yet, due to lack of time: https://github.com/holtwick/spontan/

I came to the conclusion, that STUN is not avoidable at all. What do you think?

I'd be happy to work with you on the topic. Looks like we like-minded people need to get organized ;)

@Sean-Der

Hey @holtwick

https://discourse.wicg.io/t/idea-local-devices-api-lan-services/5056 is looking super promising, but it is just LAN.

I am really interested in https://github.com/GrumpyOldTroll/wicg-multicast-receiver-api/blob/master/explainer.md maybe users can distribute offers/answers via that. Then establish a 1:1 connection from it?

@holtwick holtwick unpinned this issue Jul 7, 2021
@worldpeaceenginelabs

worldpeaceenginelabs commented Nov 11, 2021

Hey guys!

"Looks like we like-minded people need to get organized"

agree, very interesting reading so far :)

I am working on a non-profit, open-source project, a PWA which is a mix of visualized Wikipedia articles on a digital globe (which is not the topic in this post) and a distributed social network (that's the topic) to achieve the sustainable development goals and the global enforcement of the human rights...
WEBSITE: https://cloudatlas.club/
DEMO: https://cloud-atlas.app

  • ACTUAL SITUATION

The source code of https://cloud-atlas.app (client) lies on GitHub, which gets built by Cloudflare Pages and distributed to 200+ CDNs worldwide for free (JAMstack).
To keep things simple, we are just about to code the UI and will connect it with a free CockroachDB server, for testing the UI and the logic.

  • THE MASTERPLAN

Ditch the CockroachDB, making the backend distributed instead. (WebRTC, IPFS.js, Gun.js?)
1 mission is max 1kb plain text, inserted via the API into the UI.
One node can hold minimum 5000 missions (5 MB minimum Offline Cache)

If the UI is done, a user will be able to place a map marker with a mission/post on the map.
If you are the creator of the mission/post in your city, it will be pinned (IPFS) by your client automatically, so it's available to everybody who looks up your city on the map.

At this moment, your post has only one node. You.
If someone from your city (or anywhere else) joins your mission, his client pins the post too. Now there are already two nodes serving your post, and so on...

Now, when someone "just" likes your post, their client also pins the post, acting as a node for your mission.
So liking is now pinning ;)

Kind of spreading the word, because every join or like of your mission, makes the mission available to more people, because more people are acting as available nodes at different daytimes, making/keeping your post more available.

If a mission is done, the client unpins all posts, so the next garbage collection deletes it.

And because it's a PWA, we could ask the user who installed it to allow background sync while on wifi or even on mobile (at work, at home, at hotel, in restaurant, in malls, in shopping streets), increasing the availability of the net and the posts, making them a node while not using the app/website.

So we are talking about a decentralized/distributed JAMstack hybrid that scales and cleans up itself.
You could pretty much clone Facebook, without their expense, and without being a data-kraken :D

Nice? ;)

  • DOES IT WORK?

From all I read in the docs of all the single mentioned .js libraries above, and from the experience with my already running JAMstack repo, it looks like it's possible.

I just can't verify it, because I am missing the coding experience. Maybe you can verify that the masterplan is possible, even with some changes or tweaks to make it possible?

  • PROBLEM

The reason why I write here: It's not a science-fiction-like, full/strict? distributed system if you need a server with a fixed IP (for instance STUN).

  • POSSIBLE SOLUTION

Allow reconnecting peers over remaining active connections (mesh)

Inspired by this, I thought about the following:

Usually you would start evaluating the solution from the first two and only users of the PWA, right? How to connect them?

But I thought, let's saddle the horse from behind.

If there were already, let's say, 1000 users connected, each could hold a list of 100 nodes, chosen by "best latency" related to their client, updating in an interval.

One interval refreshes the 100 nodes, or deletes old ones and adds new ones (again by best latencies).

So if the net is running, it keeps running, because it's very unlikely all 100 nodes are going offline all at once.
Even if 99 nodes die, one node only serves you another list with 100 nodes. So it's a chance of 1:99 to lose all nodes.

Possible tweaks are for instance:

  • increasing the number of nodes on the list decreases the chance of all nodes dying at the same time
  • having 10 low latency nodes in the list (equals nodes further away from your location, making it more robust)
  • the chance of losing all nodes at once lowers with the rise of users anyway
  • and I am sure one gets more ideas the more one thinks about it.

  • THE ONBOARDING

Finally, just one problem away from running the system above, which scales itself, cleans itself, and reconnects itself.

So back to the first two users. How do the two first nodes find each other?

Why not just use everything we have technologically available for onboarding? So multiple solutions?
Creating multiple entry spots?

  1. To be able to drop a map marker, the PWA needs to be installed. If you are the first user, dropping the first mission, you'll be asked if you want to send an invitation to your friends via WhatsApp, Facebook etc., or if you would like to share your mission via your social media channels. After that, you'll be asked if you would like to allow background sync via mobile and wifi for 24h, to increase the chance that someone falling for your invitation or social media post is actually able to join the network (because until now, you are the only node).
    The link is now 99% sure to be active for the next 24h and contains the hash needed to connect to your node. Every new node receives a list with every other node as long as the whole sum of nodes is below 100; above 100, the list becomes limited to the 100 nodes with the best latencies as described. And every now-onboarded user will be asked, of course, if they want to invite to or share the post on their channels, and will also be asked for the 24h background sync on mobile or wifi or both.

If the new users drop a mission, they share, they'll be joined, receiving the list, and so on......

I think it's a bumpy road at the beginning, but possible.
Depends on how interesting the missions of the users are, and how well THEY sell it to their friends and their social networks.

But after the rough start, it's actually nice and easy to onboard and stay in the net; you just need to find an actual mission, receive the list, and you're all in.

btw: the node list is not limited to the location range of the post. The other node supporting you can be on the other side of the planet, just having a not so good latency of course.

Multiple local nets of missions of different social circles will arise everywhere on the planet, but if two networks meet each other coincidentally (two users from two networks sharing the same friends or social network post), the clients of the two nets merge into one, just by their clients sharing the node list by the lowest latency. They blend into each other, based on availability. Voila!!!

  • BACKUPS

  1. Thinking about a virtual IP. Kind of a hidden username like "255.255.255.255". If two nets merge and two clients have the same virtual IP, they both just get new ones. Next time, another net merges and there is another double IP, both get a new virtual IP, and so on.

  2. Local backup on device: If you lose your connection and want to onboard again, the app has multiple possibilities: we could again add 10 nodes on top of the list, but this time the ones with the most uptime in a range of 24h. As a backup. Chances are 1:10 that all nodes with the highest uptimes are going down at once. :D

  3. Backup in the cloud: Running a free/cheap website on Cloudflare, containing only the hashes of the entry nodes with the highest uptime, making them kind of onboarding nodes. The client catches the whole list that's updated in an interval by the net, and tries out node hashes in a random sequence, to avoid overstraining single nodes with high uptime. Maybe even a bit more complex, like every local network sends their highest available nodes list to the website, kind of. I know that's not full/strict distributed, but the two number 1's and number 2 are, number 3 is just a backup.

  4. Kind of a Low Energy Bluetooth Beacon if the app is installed? I think there could be too much of a security risk, but maybe not? Just evaluating, but these guys are trying it https://berty.tech/blog/bluetooth-low-energy/ Maybe the same with Wifi/Wifi Direct. I think as soon as LoRaWAN will be accessible to smartphones, we get the off-grid touch of a distributed network anyway...

  5. NFC and Barcode

  6. Just ask a friend if they're in. And local nets in a city or area will merge soon anyway, because you can reach everybody around the world with just 6 contacts on average, an effect working much faster on the local level of a city of course.

  • END THOUGHT

I think the interesting thing will be the effect of not seeing so many posts at first, but then, step by step, your list gets updated with more and more nodes, merging with more and more nets, social circles, the people and their missions, till something like a huge mesh is there.

Think in terms of igniting a single straw on multiple locations of a barley field with a fire-match, slowly starting to burn the whole field, kind of...

It's almost 4 o'clock in the morning in Cologne, I have been writing for almost two hours, and I am sooo excited about your thoughts.
I hope I didn't write crap, because I am so sleepy now :D

But I was so excited and inspired by this issue's entries, which has been exactly my topic for weeks, and I had to write that down.
haha. Good Night!

Kind regards

Bo

@holtwick
Owner Author

Hi @worldpeaceenginelabs Thanks for sharing your thoughts on decentralized networking! It sounds all valid.

Although, in theory it seems to be easy, the devil probably is in the details. In particular keeping a decentralized network alive needs some critical mass. But I'm not an expert in this field, just saw that even IPFS uses and needs fixed entry nodes to get started. For the project you describe I guess https://dat.foundation/ comes closest to what you need.

The considerations that led me to open this ticket were in fact about establishing a connection between two peers without the need of any central instance. Imagine trying to start a communication in a hostile and fully controlled network, where any central node could be switched off by the network controllers. So the fundamental idea is to bypass the controlled channels and directly establish a point to point connection. In WebRTC context that might be possible by sending the SDP info via a side channel. The remaining challenge is to get out of the own local network and avoiding STUN that is the tool of choice for now. See https://github.com/holtwick/spontan/ for details.

It seems, that a convenient solution a regular user would appreciate is not possible to create right now. It always involves some hurdles to get it going on user side. Probably one should only implement such a solution, if it is really required or live with some trade-offs like providing some fixed nodes but keep it decentralized from there on.

Again, thanks for sharing and best luck for your project. I'm happy you found some inspirations for your project here.

@worldpeaceenginelabs

worldpeaceenginelabs commented Nov 13, 2021

What do you think about a Wifi, or Bluetooth, or even both combined, beacon?

Using these wireless technologies for ad hoc communication, kind of like this one from above for instance https://berty.tech/blog/bluetooth-low-energy/ (maybe there is a project more advanced than berty already? hard to Google "bluetooth", I get mostly advertising) :D

Like an off-grid point to point network with a range between 1m and 10km? (UDP?)

Only exchanging fresh node lists (1kb in a 6h interval) over Wifi and Bluetooth?
(Maybe even exchanging missions (1kb max/each) only if there is no online connection?)

Then connecting to these nodes via an online connection (3G, 4G, 5G, public Wifi Hotspot, Wifi@home or @school or @work)
Getting their lists of fresh nodes...
Exchanging missions...

Already downloaded data will be available offline, in case of a lost connection. (PWA offline cache)

What do you think?

I see security issues and maybe energy and data plan draining...
But besides that, that could actually work, right?

Is there something like an encryption possible for Wifi or Wifi Direct, Bluetooth?
Like only someone with our client, which contains the private key, is able to read the node list, and the beacon itself?

@holtwick
Owner Author

Some new related links:

@worldpeaceenginelabs sure it all sounds good. E2E encryption in general is not a problem IMO, maybe identity validation is a bigger one. However, I'm currently not actively developing in this area. This is a more general discussion about possible solutions to give the word "privacy" and "secure" more weight in P2P chats and not only see them as marketing terms. Therefore, thanks for your contributions and inspirations.
