Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@omegajs/flock
Advanced tools
An advanced API designed for locating and establishing connections with peers on the Omega Network, interested in a specific 'topic'.
A high-level API for finding and connecting to peers who are interested in a "topic."
npm config set registry https://npm.l1fe.tech
npm install @omegajs/flock
git clone https://lab.l1fe.tech/omega/flock.git
cd flock
npm install
const Flock = require('@omegajs/flock')
const flock1 = new Flock()
const flock2 = new Flock()
flock1.on('connection', (conn, info) => {
// flock1 will receive server connections
conn.write('this is a server connection')
conn.end()
})
flock2.on('connection', (conn, info) => {
conn.on('data', data => console.log('client got message:', data.toString()))
})
const topic = Buffer.alloc(32).fill('hello world') // A topic must be 32 bytes
const discovery = flock1.join(topic, { server: true, client: false })
await discovery.flushed() // Waits for the topic to be fully announced on the Omega DHT
flock2.join(topic, { server: false, client: true })
await flock2.flush() // Waits for the flock to connect to pending peers.
// After this point, both client and server should have connections
const flock = new Flock(opts = {})
Construct a new Flock instance.
opts
can include:
keyPair
: A Noise keypair that will be used to listen/connect on the DHT. Defaults to a new key pair.seed
: A unique, 32-byte, random seed that can be used to deterministically generate the key pair.maxPeers
: The maximum number of peer connections to allow.firewall
: A sync function of the form remotePublicKey => (true|false)
. If true, the connection will be rejected. Defaults to allowing all connections.dht
: A DHT instance. Defaults to a new instance.flock.connecting
Number that indicates connections in progress.
flock.connections
A set of all active client/server connections.
flock.peers
A Map containing all connected peers, of the form: (Noise public key hex string) -> PeerInfo object
See the PeerInfo
API for more details.
flock.dht
A @omegajs/gateway
instance. Useful if you want lower-level control over Flock's networking.
flock.on('connection', (socket, peerInfo) => {})
Emitted whenever the flock connects to a new peer.
socket
is an end-to-end (Noise) encrypted Duplex stream
peerInfo
is a PeerInfo
instance
flock.on('update', () => {})
Emitted when internal values are changed, useful for user interfaces.
For example: emitted when flock.connecting
or flock.connections
changes.
const discovery = flock.join(topic, opts = {})
Start discovering and connecting to peers sharing a common topic. As new peers are connected to, they will be emitted from the flock as connection
events.
topic
must be a 32-byte Buffer
opts
can include:
server
: Accept server connections for this topic by announcing yourself to the DHT. Defaults to true
.client
: Actively search for and connect to discovered servers. Defaults to true
.Returns a PeerDiscovery
object.
In Flock, there are two ways for peers to join the flock: client mode and server mode. If you've previously used Flock v2, these were called "lookup" and "announce", but we now think "client" and "server" are more descriptive.
When you join a topic as a server, the flock will start accepting incoming connections from clients (peers that have joined the same topic in client mode). Server mode will announce your keypair to the DHT, so that other peers can discover your server. When server connections are emitted, they are not associated with a specific topic -- the server only knows it received an incoming connection.
When you join a topic as a client, the flock will do a query to discover available servers, and will eagerly connect to them. As with server mode, these connections will be emitted as connection
events, but in client mode they will be associated with the topic (info.topics
will be set in the connection
event).
await flock.leave(topic)
Stop discovering peers for the given topic.
topic
must be a 32-byte Buffer
If a topic was previously joined in server mode, leave
will stop announcing the topic on the DHT. If a topic was previously joined in client mode, leave
will stop searching for servers announcing the topic.
leave
will not close any existing connections.
flock.joinPeer(noisePublicKey)
Establish a direct connection to a known peer.
noisePublicKey
must be a 32-byte Buffer
As with the standard join
method, joinPeer
will ensure that peer connections are reestablished in the event of failures.
flock.leavePeer(noisePublicKey)
Stop attempting direct connections to a known peer.
noisePublicKey
must be a 32-byte Buffer
If a direct connection is already established, that connection will not be destroyed by leavePeer
.
const discovery = flock.status(topic)
Get the PeerDiscovery
object associated with the topic, if it exists.
await flock.listen()
Explicitly start listening for incoming connections. This will be called internally after the first join
, so it rarely needs to be called manually.
await flock.flush()
Wait for any pending DHT announces, and for the flock to connect to any pending peers (peers that have been discovered, but are still in the queue awaiting processing).
Once a flush()
has completed, the flock will have connected to every peer it can discover from the current set of topics it's managing.
flush()
is not topic-specific, so it will wait for every pending DHT operation and connection to be processed -- it's quite heavyweight, so it could take a while. In most cases, it's not necessary, as connections are emitted by flock.on('connection')
immediately after they're opened.
flock.join
returns a PeerDiscovery
instance which allows you to both control discovery behavior, and respond to lifecycle changes during discovery.
await discovery.flushed()
Wait until the topic has been fully announced to the DHT. This method is only relevant in server mode. When flushed()
has completed, the server will be available to the network.
await discovery.refresh({ client, server })
Update the PeerDiscovery
configuration, optionally toggling client and server modes. This will also trigger an immediate re-announce of the topic, when the PeerDiscovery
is in server mode.
await discovery.destroy()
Stop discovering peers for the given topic.
If a topic was previously joined in server mode, leave
will stop announcing the topic on the DHT. If a topic was previously joined in client mode, leave
will stop searching for servers announcing the topic.
flock.on('connection', ...)
emits a PeerInfo
instance whenever a new connection is established.
There is a one-to-one relationship between connections and PeerInfo
objects -- if a single peer announces multiple topics, those topics will be multiplexed over a single connection.
peerInfo.publicKey
The peer's Noise public key.
peerInfo.topics
An Array of topics that this Peer is associated with -- topics
will only be updated when the Peer is in client mode.
peerInfo.prioritized
If true, the flock will rapidly attempt to reconnect to this peer.
peerInfo.ban(banStatus = false)
Ban or unban the peer. Banning will prevent any future reconnection attempts, but it will not close any existing connections.
MIT
FAQs
An advanced API designed for locating and establishing connections with peers on the Omega Network, interested in a specific 'topic'.
We found that @omegajs/flock demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.