What does HackerNews think of cjdns?
An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.
Have a look at full mesh VPNs like:
https://github.com/cjdelisle/cjdns
https://github.com/yggdrasil-network/yggdrasil-go
https://github.com/gsliepen/tinc
https://github.com/costela/wesher
These build actual mesh networks where every node is equal and can serve as a router for other nodes to resolve difficult network topologies (where some nodes might not be connected to the internet, but do have connections to other nodes with an internet connection — I work with networks like that every day).
Sending data through multiple routers is also possible. They also deal with nodes disappearing and change routes accordingly.
tailscale (and similar solutions like netbird) still use a bunch of "proxy servers" for that. You can set them up on intermediate nodes, but that have to be dealt with manually (and you get two kinds of nodes). You also have to create routes for the node to be able to access the control server.
Pinecone[0][1], newer initiative made by former Yggdrasil[2] maker(s).
CJDNS[3].
AIUI CJDNS relies on intermediary high-uptime discoverable router nodes which is what is motivating Pinecone. POKT[4][5] to CJDNS seems like what Filecoin is to IPFS.
I'm yet to get around to doing the groundwork of grokking more established solutions like B.A.T.M.A.N.,how all these pieces relate to each other and what's already possible. In particular what's realistically achievable on top of webRTC.
If you want to go real radical, well, Urbit.
[0]: https://fosdem.org/2022/schedule/event/matrix_p2p_pinecone/
[1]: https://github.com/matrix-org/pinecone
[2]: https://yggdrasil-network.github.io/
[3]: https://github.com/cjdelisle/cjdns/
There is one:
from the maker of https://github.com/cjdelisle/cjdns
And there is https://sia.tech/ (Network too but mostly about storage)
> An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.
https://pkt.cash/ exists "built to incentivize the growth of infrastructure," and "PKT Network is designed to decentralize internet access around the world by enabling anyone to become an ISP." [0]
A key component of the PKT Network is cjdns (https://github.com/cjdelisle/cjdns).
If you IP is a cryptographic identifier:
* It cannot be forged
* Anyone can generate a new one on-demand
* Every packet is authenticated, every packet can be encrypted
* TLS becomes redundant
However, the DNS part remains a hard one. How to securely link to websites you have never seen? Pet names seem like a way to do so. Asking users to type IP addresses isn't really an answer, I think, but I don't know if there's a lot of "basic" users who type URLs in nowadays, they all seem to rely on google providing the right website anyway, or the web browser itself.
It's not like DNS is also our single source of trust nowadays, but at least certificate providers are competent enough to make sure names are resolved correctly.
One option would be to make signed DNS records over a DHT: the root authority "." signs "com", "net", etc, that sign "ycombinator", etc. Publish to DHT, hash-indexed.
Of course, point-to-point connections have their weaknesses as well, it might be interesting to migrate to something like beaker browser (html on top of hypercore, formerly DAT, kind of like mutable torrents in a DHT). At the end of the day, the core issue is: migrating users is difficult if the benefits are not immediately obvious.
And yes, massively adopting anything else would litterally "kill the old web", in the protocol sense. In the community or content sense? Not so sure.
https://yggdrasil-network.github.io/
https://github.com/cjdelisle/cjdns
cjdns was one of the early adopters of NaCl
- [0] https://github.com/cjdelisle/cjdns/
- [1] https://scuttlebutt.nz/
Also you may be interested in the SAFE network [2], it's not live yet but been in the works for some time and is getting close, more detail at [3].
0. https://yggdrasil-network.github.io/