Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@hyperswarm/dht
Advanced tools
The DHT powering Hyperswarm
npm install @hyperswarm/dht
Built on top of dht-rpc.
The Hyperswarm DHT uses a series of holepunching techniques to make sure connectivity works on most networks, and is mainly used to facilitate finding and connecting to peers using end to end encrypted Noise streams.
To try it out, first instantiate a DHT instance
import DHT from '@hyperswarm/dht'
const node = new DHT()
Then on one computer listen for connections
// create a server to listen for secure connections
const server = node.createServer()
server.on('connection', function (socket) {
// socket is E2E encrypted between you and the other peer
// pipe it somewhere like any duplex stream
console.log('Remote public key', socket.remotePublicKey)
console.log('Local public key', socket.publicKey) // same as keyPair.publicKey
process.stdin.pipe(socket).pipe(process.stdout)
})
// make a ed25519 keypair to listen on
const keyPair = DHT.keyPair()
// this makes the server accept connections on this keypair
await server.listen(keyPair)
Then on another connect to the computer using the public key of the key-pair it is listening on
// publicKey here is keyPair.publicKey from above
const socket = anotherNode.connect(publicKey)
socket.on('open', function () {
// socket fully open with the other peer
})
// pipe it somewhere like any duplex stream
process.stdin.pipe(socket).pipe(process.stdout)
const node = new DHT([options])
Create a new HyperSwarm DHT node.
Options include:
{
// Optionally overwrite the default bootstrap servers, just need to be an array of any known dht node(s)
// Defaults to ['node1.hyperdht.org:49737', 'node2.hyperdht.org:49737', 'node3.hyperdht.org:49737']
bootstrap: ['host:port'],
keyPair // set the default key pair to use for server.listen and connect
}
See dht-rpc for more options as HyperDHT inherits from that.
Note: The default bootstrap servers are publicly served on behalf of the commons. To run a fully isolated DHT, start one or more dht nodes with an empty bootstrap array (new DHT({bootstrap:[]})
) and then use the addresses of those nodes as the bootstrap
option in all other dht nodes. You'll need at least one persistent node for the network to be completely operational.
keyPair = DHT.keyPair([seed])
Use this method to generate the required keypair for DHT operations.
Returns an object with {publicKey, secretKey}
. publicKey
holds a public key buffer, secretKey
holds a private key buffer.
If you pass any options they are forwarded to dht-rpc.
await node.destroy([options])
Fully destroy this DHT node.
This will also unannounce any running servers.
If you want to force close the node without waiting for the servers to unannounce pass { force: true }
.
node = DHT.bootstrapper(port, host, [options])
If you want to run your own Hyperswarm network use this method to easily create a bootstrap node.
const server = node.createServer([options], [onconnection])
Create a new server for accepting incoming encrypted P2P connections.
Options include:
{
firewall (remotePublicKey, remoteHandshakePayload) {
// validate if you want a connection from remotePublicKey
// if you do return false, else return true
// remoteHandshakePayload contains their ip and some more info
return true
}
}
You can run servers on normal home computers, as the DHT will UDP holepunch connections for you.
await server.listen(keyPair)
Make the server listen on a keyPair. To connect to this server use keyPair.publicKey as the connect address.
server.refresh()
Refresh the server, causing it to reannounce its address. This is automatically called on network changes.
server.on('connection', socket)
Emitted when a new encrypted connection has passed the firewall check.
socket
is a NoiseSecretStream instance.
You can check who you are connected to using socket.remotePublicKey
and socket.handshakeHash
contains a unique hash representing this crypto session (same on both sides).
server.on('listening')
Emitted when the server is fully listening on a keyPair.
server.address()
Returns an object containing the address of the server:
{
host, // external IP of the server,
port, // external port of the server if predictable,
publicKey // public key of the server
}
You can also get this info from node.remoteAddress()
minus the public key.
await server.close()
Stop listening.
server.on('close')
Emitted when the server is fully closed.
const socket = node.connect(remotePublicKey, [options])
Connect to a remote server. Similar to createServer
this performs UDP holepunching for P2P connectivity.
Options include:
{
nodes: [...], // optional array of close dht nodes to speed up connecting
keyPair // optional key pair to use when connection (defaults to node.defaultKeyPair)
}
socket.on('open')
Emitted when the encrypted connection has been fully established with the server.
socket.remotePublicKey
The public key of the remote peer.
socket.publicKey
The connections public key.
const stream = node.lookup(topic, [options])
Look for peers in the DHT on the given topic. Topic should be a 32 byte buffer (normally a hash of something).
The returned stream looks like this
{
// Who sent the response?
from: { id, host, port },
// What address they responded to (i.e. your address)
to: { host, port },
// List of peers announcing under this topic
peers: [ { publicKey, nodes: [{ host, port }, ...] } ]
}
To connect to the peers you should afterwards call connect
with those public keys.
If you pass any options they are forwarded to dht-rpc.
const stream = node.announce(topic, keyPair, [relayAddresses], [options])
Announce that you are listening on a key-pair to the DHT under a specific topic.
When announcing you'll send a signed proof to peers that you own the key-pair and wish to announce under the specific topic. Optionally you can provide up to 3 nodes, indicating which DHT nodes can relay messages to you - this speeds up connects later on for other users.
An announce does a parallel lookup so the stream returned looks like the lookup stream.
Creating a server using dht.createServer
automatically announces itself periodically on the key-pair it is listening on. When announcing the server under a specific topic, you can access the nodes it is close to using server.nodes
.
If you pass any options they are forwarded to dht-rpc.
await node.unannounce(topic, keyPair, [options])
Unannounce a key-pair.
If you pass any options they are forwarded to dht-rpc.
{ hash, closestNodes } = await node.immutablePut(value, [options])
Store an immutable value in the DHT. When successful, the hash of the value is returned.
If you pass any options they are forwarded to dht-rpc.
{ value, from } = await node.immutableGet(hash, [options])
Fetch an immutable value from the DHT. When successful, it returns the value corresponding to the hash.
If you pass any options they are forwarded to dht-rpc.
await { publicKey, closestNodes, seq, signature } = node.mutablePut(keyPair, value, [options])
Store a mutable value in the DHT.
If you pass any options they are forwarded to dht-rpc.
await { value, from, seq, signature } = node.mutableGet(publicKey, [options])
Fetch a mutable value from the DHT.
Options:
seq
- OPTIONAL, default 0
, a number which will only return values with corresponding seq
values that are greater than or equal to the supplied seq
option.latest
- OPTIONAL - default false
, a boolean indicating whether the query should try to find the highest seq before returning, or just the first verified value larger than options.seq
it sees.Any additional options you pass are forwarded to dht-rpc.
See dht-rpc for the additional APIs the DHT exposes.
You can start a DHT node in the command line, with the bundled cli tool:
npm install -g @hyperswarm/dht
hyperswarm-dht # runs a DHT node
hyperswarm-dht --bootstrap # runs a DHT node with bootstrap settings
hyperswarm-dht --nodes 5 # runs 5 nodes
MIT
FAQs
The DHT powering Hyperswarm
The npm package @hyperswarm/dht receives a total of 0 weekly downloads. As such, @hyperswarm/dht popularity was classified as not popular.
We found that @hyperswarm/dht demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.