feat: optional TLS for P2P connections (#1420)#3907
Open
iho wants to merge 2 commits into
Open
Conversation
Encrypt peer traffic with rustls for privacy against passive observers. TLS is opt-in via p2p_config.tls_enabled (default false) so the existing plaintext network remains compatible. When enabled, peers use self-signed certificates (auto-generated under the node data dir if paths are not set) and clients intentionally skip certificate authentication — encryption for privacy only, matching the issue intent. Wire a plain/TLS Stream abstraction through handshake, codec, and conn I/O, and add an integration test for TLS peer handshake + ping/pong.
Advertise Capabilities::TLS when tls_enabled so peers can discover encrypted endpoints. Add tls_required to filter outbound attempts and peer-list requests to TLS-capable peers (seeds/preferred/allow still used for bootstrap).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Implements optional TLS for peer-to-peer connections (#1420).
p2p_config.tls_enabled(defaultfalse) so the existing plaintext network stays compatible{data_dir}/p2p_tls/when paths are not configuredtls_certificate_file/tls_certificate_keygrin-server.tomltemplatePeer discovery:
Capabilities::TLS+tls_requiredCapabilities::TLS(0b1_0000_0000), advertised whentls_enabled = truep2p_config.tls_required(defaultfalse): when set withtls_enabled, only attempt outbound connections to peers known to advertise TLS, and requestPEER_LIST | TLSin peer-list queriestls_requiredis onDesign notes
Streamabstraction wraps plainTcpStreamor a mutex-shared rustls session (needed because reader/writer threads cannottry_clonea TLS session the way they do TCP)How to enable
Testing
cargo test -p grin_p2p(includespeer_handshake_tls, capability /tls_requiredhelpers)cargo check -p grin_config -p grin_serverstls_enabled = trueconnecting on testnet/localConsensus / compatibility
tls_required = true, automatic outbound selection prefers the TLS peer mesh once capabilities are knownCloses #1420