←back to thread

Yggdrasil Network

(yggdrasil-network.github.io)
324 points BSDobelix | 1 comments | | HN request time: 0s | source
Show context
foundry27 ◴[] No.42156968[source]
The first thing I tried to find on their website and their GitHub was a protocol specification, to be able to implement it independently from the reference implementation. I thought this would be straightforward since it’s advertised as a scheme/protocol, but such a spec isn’t referenced anywhere! Digging on my own I eventually found [1] on a side-branch of one of their other GitHub projects.

Kudos to the author: I think it actually covers a lot of what you’d need to know: crypto identities, message formats, wire protocols, peering and stream semantics, spanning tree updates and root selection, the DHT, forwarding logic, sessions, etc. A couple things are TODOs like how to verify and sign root updates, and there’s some ambiguity in the tiebreaker algorithm for next-hop selection.

It seems to be very tightly coupled to TCP as the transport layer though, since all packets need to be delivered reliably and in the order they were sent, and need to be capable of being fragmented into smaller packets for varying MTU sizes.

[1] https://github.com/yggdrasil-network/yggdrasil-specs/blob/ys...

replies(2): >>42157246 #>>42157427 #
colordrops ◴[] No.42157427[source]
Is coupling with TCP a problem? Does it do anything that goes against their goal of full decentralization?
replies(1): >>42157454 #
macawfish ◴[] No.42157454[source]
Makes it hard to do hole punching I think? At any rate, direct connections currently cannot be established between multi-hop peers, traffic gets routed through peers instead. I think this has something to do with the TCP choice.
replies(3): >>42158423 #>>42158464 #>>42159697 #
foundry27 ◴[] No.42158423[source]
Yeaaah. TCP hole punching is goofy and unreliable, last I checked. You have to do some arcane ritual of having both peers start a three-way handshake to each others’s public endpoints simultaneously, relying on NATs to accept inbound SYN packets if they match the outgoing SYN. And nobody’s NAT devices implement simultaneous-open the same way, so all your connections just fail.

Naturally this leads to slapping even more arcane fixes on top of that, like NAT port assignment oracles to adversarial interoperate with different port allocation strategies (random, sequential, single, etc.) by analyzing patterns in previous port assignments. Networking sucks.

replies(1): >>42160874 #
beeflet ◴[] No.42160874[source]
https://xkcd.com/2044/
replies(2): >>42162714 #>>42164180 #
paulddraper ◴[] No.42162714[source]
Actuate
replies(1): >>42163725 #
1. ionspin ◴[] No.42163725[source]
I presume you meant to say "Accurate", but it made me think of a off-brand Picard that says "Actuate" instead of "Engage".