* First sweep packages + some minor tweaking
* Second sweep
* Regenerate lockfile + package.json mods
* Regenerate lockfile again
* Fix CI
* Fix CI again
* All building properly
* unblock
* Tweak examples
* Comments + readme + fix rotten unit test
request_ports_check_testrun skipped the lock_testrun_assignment() guard and
has_enough_ticketbooks() pre-check that request_testrun performs, so two
concurrent ports-check requests could race on ticket materials and a depleted
cache left the run InProgress until stale-refresh. Mirror the probe path.
Switch from runtime sqlx::query_scalar to the checked query_scalar! macro
(consistent with the rest of the file), returning i64 instead of an always-Some
Option and dropping the unwrap_or_default() at the call site. Regenerates the
.sqlx cache, adding the new query and pruning accumulated orphans.
The 20260415 migration cast last_probe_result::jsonb guarded only by a
btrim non-empty check, so any row with non-JSON text aborted the whole
migration. Add the same last_probe_result ~ '^[\[{]' guard the follow-up
20260519133000 migration uses, directly to both UPDATEs here.
* add additional information upon stress testing data submission failure
* split stress testing result submission into batches of maximum size
* enable 'float_roundtrip' serde_json feature to ensure consistent float serialisation
* fixed race condition in mixnet listener creation notification
* reduced log severity for retrieving self-described node information
* chore: bump up version number
add no-log to anywhere
add support for not registered nodes
...
address comments
remove unregistered nodes
testing port checks
add support for not registered nodes
...
address comments
test port check in probe results
migration update
probe arg fix
bump NS versions
cleanup and remove unannounced node option
bugsfixes
Remove in-prove
remove in-probe test, it isn't needed.
add multiple target host options
cleanup
change default target, and use batch only for portquiz
Revert "change default target, and use batch only for portquiz"
This reverts commit 8b38969964e7808b9c4e50a920ee5bc51438c7bf.
ded line
bugfixes
batch fix
batch limits
force ipv4
* release notes
* add operators info
* node version stubs
* bump scraped stats and add a thehosting warning url
* add new explorer feat point
* fix header character to fix linkchecker error
* fix header character to fix linkchecker error
* fix header character to fix linkchecker error
* syntax fix
* bump up node version
* ignore pnpm - in the right branch tihs time
---------
Co-authored-by: mfahampshire <maxhampshire@pm.me>
* switch from yarn to pnpm
* Remove full-nym-wasm (#6796)
* Remove nym-browser-extension (#6798)
* Remove nym-browser-extension
* remove unused from makefile
* Remove Node tester (#6800)
* Remove dom-utils (#6801)
* gh-actions: remove pnpm version
* nuke dist and pkg
* add missing dependency
* set node version to 24 and pnpm version to 11
* upgrade lock file from pnpm version 9 to 11
* pnpm add approved builds
* yarn -> pnpm
* upgrade jest version
* yarn -> pnpm
* Remove unused cfg; clippy!
* pnpm: when dev mode is on, unfreeze the lock file
* pnpm approve more scripts
* pnpm syntax error
* add `pnpm i`
* disable eslint temporarily while switching to biome in later PR
---------
Co-authored-by: Mark Sinclair <mmsinclair@users.noreply.github.com>
Co-authored-by: mfahampshire <maxhampshire@pm.me>
* added unit tests for MemoryEcachTicketbookManager
* bugfix: propagate socks5 proxy errors instead of panicking
* introduce guard against providing too short verification keyduring signature validation
* add checked overflow checks for icmp packet construction
* fix kcp loggin
* forbid construction of illegal sphninx fragments
* fix division by zero in packet statistics calculations
* experiment: add openspec details for node families contract
* add openspec for the ecash contract
* fix(ecash): correct latest_deposit off-by-one
DepositStorage::latest_deposit() returned the counter value, but the
counter holds the *next* free id (after next_id() saves counter+1). The
GetLatestDeposit handler then tried try_load_by_id(counter), which
always returned None — meaning the query yielded { deposit: None }
both on a fresh contract and after every successful deposit.
Fix: return counter.checked_sub(1) so latest_deposit() yields the most
recently assigned id (or None on a fresh contract). The
getting_latest_deposit unit test is updated to assert Some(0) and
Some(1) after one and two next_id() calls respectively.
No downstream consumer was relying on the buggy semantics
(validator-client exposes the query as a passthrough trait method that
nothing currently calls).
* experiment: add openspec details for ecash contract
Reverse-engineered openspec change `ecash-contract-spec` documenting
the existing CosmWasm contract at `contracts/ecash/`. Mirrors the
node-families workflow: docs-only deliverable, no migration, no
dependency changes. Archived as
openspec/changes/archive/2026-05-21-ecash-contract-spec/ and promoted
to openspec/specs/ecash-contract/spec.md as the canonical reference.
The spec captures 25 normative requirements with 64 scenarios covering
instantiation, migration, deposit submission (default + reduced tier),
RequestRedemption + redemption-proposal reply, legacy RedeemTickets
(dead code retained), stubbed blacklist surface, the ticketbook-size
invariant tripwire, the full query surface, and the public storage /
event / error surface.
Key documented points the source-of-truth phrasing pins down:
- The contract stores claimed ed25519 pubkeys opaquely; ownership is
enforced off-chain by nym-api signers via `validate_deposit`.
- Per-signer-local de-duplication via `state.already_issued`; no
on-chain "issued" state.
- Raw 32-byte deposit storage under the `"deposit"` namespace; deposit
ids are sequential `u32` starting at 0.
- Statistics invariant: default_count + sum(custom_count) = total.
- `cw_controllers::Admin` is used as a generic address-equality helper
for the `multisig` slot (the wrapper's full admin semantics are not
exercised on that slot).
- `RedeemTickets` is dead code retained on the public surface; flagged
as a candidate for removal.
Stubbed-blacklist final disposition is the only Open Question left for
the redesign change owner.
* docs(ecash): add rustdoc derived from archived ecash-contract spec
Drop short doc-comments on the ecash contract surface — handlers,
storage slots, message variants, error variants, event constants,
shared types — derived from the canonical spec at
openspec/specs/ecash-contract/spec.md (archived 2026-05-21).
Coverage:
- contracts/ecash/src/*.rs: crate-root summary, both DepositStorage
and DepositStatsStorage with their invariants called out, every
#[sv::msg(...)] handler in contract/mod.rs, reply id constants,
Config + invariants snapshot, migration entry point.
- common/cosmwasm-smart-contracts/ecash-contract/src/*.rs: every
ExecuteMsg / QueryMsg variant, every reachable EcashContractError
variant (with unreachable-but-preserved variants flagged), every
event constant, every response type, Deposit + DepositId.
Explicitly out of scope (separate concerns):
- Removing event_attributes::BANDWIDTH_PROPOSAL_ID (dead constant,
documented as such for now).
- Removing ExecuteMsg::RedeemTickets (dead handler, documented as such;
removal is a breaking-schema change).
- contracts/ecash/Cargo.toml version bump (docs-only).
No behaviour change; all 38 contract tests pass and cargo doc emits
no warnings on the touched crates.
* Squashing the mix stress testing branch (#6575)
reduced chain watcher per block log severity
update network monitors contract semver to 1.0.0
fix build issues
fix mixnet client dropping initial packet on egress reconnection
adjusted logs for network monitor agent
changed default testing interval to 2h
refresh NM contract information
explicit return type for batch submission
for mixnet listener task to get scheduled before beginning connectivity test
make sure to always use canonical ip for network monitor noise keys
feat: NMv3: make agents decide egress port (#6746)
add config v12->v13 config migration for nym nodes
fix formatting in wallet types
simplified client config creation
remove other swagger redirect
removed swagger redirect on /swagger/ route
log version info on startup
add workflows, contract address, and dockerfile
bugfix: use correct endpoints when setting up orchestrator (#6733)
clippy
adjust DEFAULT_MIN_STRESS_TESTED_NODES ratio
expose route with new performance metrics
fixes and additional docs
use stress testing scores
stub for usage of stress testing scores
stub traits
added new fields to nym-api config controlling usage of stress test data
guard against duplicate packets
prevent usage of chain_authorisation_check_max_attempts with value of 0
make sure duplicate results cant be inserted into the db
submit test results from orchestrator on an interval
docs and fixes
nym-api side of handling result submission
stubs for submitting results
NM orchestrator verifying nym-api result submission permissions
NM orchestrator to update announced key on startup
allow NM orchestrator to announce its identity key to the contract
stubs within nym-api for accepting NMv3 results
added additional metrics
docs
bugfixes + making sure to only assign mixnode testruns
fixed node refresher to only retrieve mixnodes and add additional metrics
topology metrics
defined basic prometheus metrics
authorised endpoint for returning prometheus data
create initial stub for prometheus metrics
post rebasing fixes
adjusted routes
missing implementation for storage getters
a lot of new stubs and db accessors
stubs for results endpoints
update utoipa tags for agent rountes
shared auth between metrics and results
moved stale results eviction into the interval.tick branch
refactor and comments
create background process to evict stale data
include sphinx packet delay as part of the stats
fix mock construction
add median to the calculated latency distribution
remove unused imports
cleanup
performing testrun and submitting the results
assigning testruns to requesting agents
basic stub for http server for the NMv3 orchestrator
chore: rename existing 'NetworkMonitorAgent' to 'NodeStressTester'
make sure to use canonical ips within the noise config
fixed contract tests
cargo fmt
additional comments and unit tests
contract and nym-node support of NM agents being run on the same host
basic unit tests
refactoring
make agents retrieve mix port assignment from the orchestrator
provide sensible defaults to CLI arguments
stub the initial structure for the agent
chore: remove redundant import
missed tick behaviour
removed redundant mutex
removed redundant try_get_client
reuse existing constant for default nymnode port
add node refresher for periodic scraping of bonded nym-node details
- NodeRefresher periodically queries the mixnet contract for all bonded
nodes and probes each node's HTTP API for host information, sphinx keys,
noise keys, and key rotation IDs
- Extract NymNodeApiClientRetriever into nym-node-requests with port
probing, identity verification, and host information signature checking
- Add clone_query_client on NyxdClient so the refresher can hold its own
query client without locking the signing client
- Batch upsert for nym_node rows (single transaction instead of per-row)
- Reuse the new helpers in nym-api's node_describe_cache
ensure assignment of testrun begins an IMMEDIATE tx
construction of the orchestrator struct
initial set of cli args
make sure to not assign testable nodes too often
very initial database structure and cli
fixed construction of RoutableNetworkMonitors
remove redundant constructor for NoiseNode
forbid 0-nonsense config values
add type safety for test route construction
moved lioness and arrayref to workspace deps
fixed dockerfile build
always use canonical addresses in RoutableNetworkMonitors
fixed old contract formatting issues
removed redundant into() call
network monitor agent fixes
additional logs
config unit tests
more docs
standalone stress testing invocation
further refactoring and changes
refactor testing loop and return valid test result upon completion
initial sending/receiving test loop
generating reusable sphinx headers
additional structure for receiving ingress packets
initial scaffolding for NMv3 agent
added validation of x25519 noise key
removed unstable call to 'is_multiple_of'
remove calls to from_octets as they're unavailable in pre 1.91
additional docs/comments
propagating noise information about NM for mixnet routing
pass full socket address of the agent into the contract storage
feat: store noise keys alongside ip addresses within the contract
removed redundant comment
ensure NM packets can only go to NM
PR review comments
added additional docs
allow NM to replay packets + fix replay prometheus metrics
propagate information about nm agent to connection handler
updated nym-node config migration
feat: introduced nym-node websocket subscription for keeping updated list of NM agents
allow admin to also revoke monitor agents
remove agents upon orchestrator removal
fixed schema generation and regenerated the contract schema
removed rustc restriction on contracts-common
added client methods for interacting with the contract
added unit tests for contract methods
implemented logic of the network monitors contract
create initial structure for network monitors contract
start mix stress testing topic branch
* make nym-node default to the new blockstream rpc/ws node cluster
* reduced mixnet-client log severity
* set network monitors contract address for mainnet
On Windows, the database can become corrupted if the client is killed
while it is running. This is fixed by ensuring the database file is
properly closed.
VerificationKeyAuth::to_bytes() and SecretKeyAuth::to_bytes() used
usize::to_le_bytes() to serialize vector lengths, producing 4 bytes on
32-bit and 8 bytes on 64-bit. Since from_bytes() always reads 8 bytes
(u64), this caused ZK proof challenge hash mismatches when a 32-bit
client's proof was verified by a 64-bit gateway, resulting in
"the provided ticket failed to get verified" on all 32-bit platforms.
* start node families topic branch
* start node families topic branch
* initialise node families contract
* define contract storage
* registering new family in storage
* accepting family invitation
* add_pending_invitation
* revoke_pending_invitation
* remove_family_member
* reject_pending_invitation
* disband_family
* added unit tests for the storage methods
* added restriction on uniquness of family names
* update rustc version for node families contract common
* clippy
* basic queries by id
* query_families_paged
* change family membership storage and expose query for all members of a family
* queries for pending invitations
* queries for past invitations
* queries for past data per node
* queries for past family members
* query_past_members_for_node_paged
* queries for family by name and by owner
* fixup family name normalisation
* fixed incorrect lower bound for queries for past data
* implement contract and storage initialisation
* stubbing tx messages that are to be exposed by the contract
* handler for updating config
* removed partial fee return
* wip: create family
* move mixnet contract interaction traits to shared location
* store original family name alongside the normalised variant
* prevent family creation if owner has a node in another family
* try_disband_family
* try_invite_to_family + shared helpers
* try_revoke_family_invitation
* accept_family_invitation
* stub method for node unbonding
* try_reject_family_invitation
* unit tests for family name normalisation
* try_leave_family
* try_kick_from_family
* fix outdated comments and add paid fee event attribute
* feat: NMv3: leave family upon node unbonding
* NF contract handling of unbonding
* lints
* init node families contract when creating performance contract tester
* clippy
* avoid self-dep in the contract dev deps
* introduced client traits for interacting with the node families contract
* add node families contract to cache refresher
* added query for all node family members (globally) and started scaffolding nym-api caches
* docs and cache -> api conversion
* calculating average node age based on individual timestamps
* wire up node families cache
* http stubs
* filled in the implementation
* route tests + extracting shared code
* review fixes
* feat: expose family information for all dvpn gateway endpoints within NS API
* expose family information for explorer v3 route
* clippy
* review comments and optimise db family update
* feat: Node Families: expose stake information inside DVpnGateway
* chore: update lock files after rebase
* chore: sort workspace members
* explicitly require providing node families contract address for mixnet contract migration
* fix missing node families contract address env export
* dont swallow cache overwrite failures in fixture
* pin network-defaults rustc version due to contracts dep
* further version pinning
* chore: update mixnet contract schema
* version fix
* try to publish core crates first
* bump version ci
* fix to yaml
* Slight modifications to ordering, remove core-crates and rely on ordering as test + sed tweak
* crates release: bump version to 1.21.0 (#6744)
Co-authored-by: Nym bot <nym-bot@users.noreply.github.com>
Co-authored-by: mfahampshire <maxhampshire@pm.me>
* Remove unnecessary verification step becase of dryrun (doubled)
* Revert some changes to develop
* Add preflight to its own workflow
* Clippy
* Update crate publishing file
* Clippy
---------
Co-authored-by: benedettadavico <benedettadavico@users.noreply.github.com>
Co-authored-by: mfahampshire <maxhampshire@pm.me>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Nym bot <nym-bot@users.noreply.github.com>
- Fix CI yarn lint after ESLint 9 switched to flat config by default while the repo still uses legacy .eslintrc / eslintConfig. Add Yarn resolutions for eslint@8.57.1 and a single @typescript-eslint@5.62.0 line so parser and typescript-estree stay in sync
- Fix CI yarn lint after ESLint 9 switched to flat config by default while the repo still uses legacy .eslintrc / eslintConfig. Add Yarn resolutions for eslint@8.57.1 and a single @typescript-eslint@5.62.0 line so parser and typescript-estree stay in sync
* network-tunnel-manager: make SSH port configurable
* Rename SSH_PORT to HOST_SSH_PORT.
* setup: plumb HOST_SSH_PORT through env and CLI
* setup-env-vars: persist HOST_SSH_PORT in env.sh
---------
Co-authored-by: p17o <p17o>
* Handle separate IPv4 and IPv6 uplink interfaces in network-tunnel-manager
* check_forward_chain() now checks IPv6 and is less brittle overall; missing IPv6 uplink detection now degrades to a loud warning plus partial IPv4-only setup rather than hard-failing early
* fix typos; fix UDP port 4443 being configured but not tested
---------
Co-authored-by: p17o <p17o>
Dependabot bumped eslint to ^9 across the lint-scoped TS packages but did
not migrate the legacy .eslintrc.* configs, breaking CI lint on develop.
Behavior preserved: yarn lint passes locally with the same effective rule
coverage as the pre-bump setup. Pre-existing warnings in nym-wallet and
mui-theme are unchanged. Orphan .eslintrc files in sdk/typescript outside
the lerna lint scope are left untouched.
The 1800s minimum TTL defeated CDN failover mechanisms (e.g. Fastly
publishes 30–60s A-record TTLs specifically to signal when edge nodes
are removed). Dead IPs were cached for up to 30 minutes with no
way for the client to recover without a restart.
- Drop DEFAULT_POSITIVE_LOOKUP_CACHE_TTL from 1800s to 60s so that
CDN-signalled failovers take effect within a minute
- Shuffle resolved IPs on each lookup so retries cycle through all
available edge nodes rather than hitting the same dead address
- Add invalidate_preresolve_entry / invalidate_preresolve_for API
for callers that want targeted per-host cache eviction on hard
connection failures
- Tauri was injecting nonces/hashes into style-src, which disables
'unsafe-inline' and blocked Emotion/MUI runtime <style> tags.
- Grant core:window:allow-maximize so frontend maximize() passes ACL.
- Add node-status and explorer helpers plus chart mappers; Jest coverage
- NodeOperatorInsights on BondedNymNode; optional API moniker/location
- Shared MUI Emotion cache (speedy: false) and CacheProvider wiring
- SendInputModal: amount/recipient validation timing; memoized fee check
- AuthLayout refresh; NodeTable overflow-x; Bonding error title typo fix
This rolls together desktop wallet hardening, UX polish, and operational fixes we have been carrying in the branch. The goal is safer defaults, less noisy background behaviour.
Security
- Tighten the Tauri CSP for production and keep connect-src aligned with real needs.
- Add a safe URL opener path (allowlisted schemes / validation) so user-influenced links do not become an open redirect surface.
- Replace unwrap usage in mixnet account flows with proper errors and propagation.
- Add an internal threat-model note so future changes keep the same assumptions explicit.
Clipboard and desktop
- Add a window-level Tauri clipboard hook for normal inputs, with clear exclusions for
currency fields, auth-sensitive paste, and opt-in replace-paste fields.
- Wire an Edit menu (cut, copy, paste, select all) where it helps, and keep behaviour
consistent with the hook.
- Deduplicate clipboard field props and satisfy ESLint on optional paste handlers.
Updater and vesting operations
- Treat legacy static updater JSON (missing per-platform signatures) as a soft failure with a clear warning, instead of erroring the version check IPC
- Cut vesting polling spam when the chain has no vesting account for the address, and map vesting "no account" to a dedicated BackendError for stable handling on the client.
- Move high-frequency vesting query logs to debug and keep removed-query stubs at warn.
Icons and first-run chrome
- Regenerate macOS/Windows icon assets from a padded 1024 master so dock and switcher visual weight matches other apps; add a small script to regenerate from app-icon-source.png.
- Default the app to dark mode, paint the HTML shell and webview background in the same dark base colour
Housekeeping
- Mock app context defaults to dark for consistency with the new baseline.
Validation run locally where relevant: Rust check, TypeScript check, ESLint, and icon
regeneration script smoke run.
- Remove storybook and old webdriver tests too
* Add mixtcp crate
Components:
- NymIprDevice: smoltcp::phy::Device impl using channel-based I/O
- NymIprBridge: async task bridging the device to IpMixStream
- create_device(): helper to set up the complete stack
* - Cleanup
- Add graceful shutdown
- Declutter logging - move a lot of bridge info! -> trace!
- Move rustls, nym-bin-common, bytes to dev-dependencies
- Extract TlsOverTcp to mod.rs
- Make timing more granular
- Update readme
* Add UDP example
* Add UDP example to readme
* rename mixtcp -> smolmix
* Add Tunnel API with TcpStream and UdpSocket over tokio-smoltcp
* Re-export Tunnel API and add init_logging convenience function
* Remove raw smoltcp path, flatten tunnel module
* Clean up bridge, device, and tunnel code
* Consolidate architecture docs, tidy examples and README
- Add src/ARCHITECTURE.md as single source of truth for architecture
- Include in docs.rs via doc = include_str!
- Strip duplicated diagrams from tunnel.rs, device.rs, README
- Extract tls_connector() helper in HTTPS example to match websocket example
- Use consistent 'smolmix' casing in README
* Update smolmix imports for ipr_wrapper API
- stream_wrapper::{IpMixStream, NetworkEnvironment} → ipr_wrapper::
- connect_tunnel() → check_connected()
- disconnect_stream() → disconnect()
- allocated_ips() returns &IpPair directly (no Option)
* Add Tunnel::new_with_ipr, re-export IpPair/Recipient, tidy examples
- Add Tunnel::new_with_ipr() for targeting a specific exit node
- Re-export IpPair and Recipient so users don't need direct deps
- Add DNS leak warning to WebSocket example
- Await hyper connection task in HTTPS example
* Restructure smolmix into multi-crate workspace
- Move core tunnel code to smolmix/core/- Rewrite examples for each crate with clearnet/mixnet comparisons
* Add workspace README with architecture overview
* Update nym-sdk README module descriptions
- Replace stale stream_wrapper description with ipr_wrapper + mixnet::stream
- Remove TODO comment
* Remove companion crates, scope to smolmix-core
* Comment out additional components on -core branch README.md
* Cargo.lock fix for compilation issue
* Downgrade accidentally bumped dependencies in Cargo lock + change
smolmix dependencies to import from workspace
* Fix workspace deps + move nym-bin-common to dev-deps
* PR review changes + fix Sink delegation
* Fix borked merge + update README.md
* Fix up stale docs + rewrite examples to use proper imports and timing
logs
* Update readmes + architecture file
* Impl Drop for BridgeShutdownHandle + update comment
* Improve SDK rustdoc and add ARCHITECTURE.md files
- Rewrite lib.rs module docs with quick-start example and module overview
- Add stream example and include_str! ARCHITECTURE.md to mixnet module
- Add ARCHITECTURE.md for mixnet, client_pool, and stream modules
- Add rustdoc to MixnetClientBuilder, MixnetClientSender, MixnetMessageSender
- Add cancel safety and drop behavior annotations to async methods
- Add TcpProxy deprecation notice pointing to stream module
* Fix rustdoc errors and add stepwise comments to remaining examples
Rustdoc fixes:
- Add missing .unwrap() on connect_new example
- Replace broken turbofish intra-doc link in MixnetClientBuilder
- Fix NymProxyServer::new args in tcp_proxy example
- Wrap BandwidthImporter example in scoped block to fix borrow-then-move
- Change misleading "5-hop routing" to "multi-hop routing"
- Fix copy-paste "forget me" in send_remember_me error message
- Fix wrong cargo run command in stream_simple_read_write
- Fix DecayWrapper description
* Cut down doc comment length
* Trimmed down SDK ARCHITECTURE files
* Slim Rust SDK docs and rename opener to dialer
- Merge tour page into SDK landing page, delete tour.mdx
- Trim all three tutorials: cut boilerplate, duplicated code, and misplaced content
- Make FFI page evergreen with Go and C++ snippets, link to repo examples
- Rename "opener" to "dialer" in stream docs, source ARCHITECTURE.md, and rustdoc
- Add reply-to-open arrow in stream mermaid diagram
- Replace remaining Unicode dashes in mermaid flowchart
* - elevate streams in rustdoc: examples on lib.rs, MixnetClient, open_stream, listener
- add stream quick reference to mixnet ARCHITECTURE.md
- add stream types to key types list in ARCHITECTURE.md
- add docs.rs links for AsyncRead/AsyncWrite and stream submodule
- tcp_proxy: replace bold deprecation with warning box
* - replace individual example doc pages with GitHub-linked tables
- add step-by-step inline comments to all SDK example source files
- add doc comments to examples missing them (simple, surb_reply, builder, etc.)
- expand mixnet tutorial with persistent identity and split_sender sections
- add tcpproxy tutorial
- rename "API Reference" to "TypeDoc Reference" in TS SDK sidebar
- rename "Misc" to "Extras" in developer sidebar, move VPN CLI up
- remove echo server from tools
- update message-queue callout to reference actual modules
- fix mixnet/examples redirect collision
* Add missing mut to example code
* Update ARCHITECTURE.md with LP Framing + stream examples with sequencing
* Update doc comment in utils.rs
* Standardise commenting style across Rust SDK examples
* Fix inline doc examples and trim re-export boilerplate
* Update sdk/rust/nym-sdk/examples/bandwidth.rs
Co-authored-by: Simon Wicky <simon@nymtech.net>
* Fix review comments
---------
Co-authored-by: Simon Wicky <simon@nymtech.net>
* Diatixisify!
* First pass at Typedoc generation for TS SDK
* Remove overview pages
* Fix typos and remove codebase references from docs
Fix typos across network and developer docs: Quorum, available,
cryptosystem, transaction, proportional, Standalone. Remove TODO
placeholder from dVPN protocol page. Strip GitHub source links
from network docs to decouple documentation from repo structure.
* Expand thin landing pages across network and developer docs
- Add intro content to network overview, infrastructure, and reference landing pages
- Expand developer index with "where to start" guide
- Add usage instructions and explanations to all five TS playground pages
- Expand WebSocket client page with setup and message format examples
* Restructure Rust SDK developer docs
- Delete redundant mixnet example, message-helpers, and message-types subpages
- Delete client-pool architecture and example subpages (content folded into landing)
- Delete tcpproxy troubleshooting (folded into landing page)
- Add deprecation notices to TcpProxy pages, pointing to Stream module
- Add stream module docs: landing page, architecture, tutorial, and 4 example pages
- Add mixnet and client-pool tutorials
- Add SDK tour page
- Update navigation and landing pages with docs.rs links
* Restructure TS SDK developer docs
- Merge overview, installation, and getting started into TS SDK landing page
- Fold FAQ content into bundling/troubleshooting section
- Delete redundant overview, installation, start, and FAQ pages
- Update internal links in browsers.mdx and native.mdx
- Update navigation and example page imports
* Flatten and expand APIs section
- Collapse nested API subpages into single pages with inline Redoc embeds
- Rewrite introduction as landing page with decision table
- Add endpoint categories, quick curl examples to each API page
- Mark Explorer API as deprecated
- Move NS API deployment guide to operators/performance-and-testing
- Fix dangling /apis/nym-api/mainnet link in network-components
- Remove sandbox endpoints from all API pages
* Add redirects for moved and deleted pages
- Add 25 redirects covering TS SDK, Rust SDK, APIs, and network sections
- Fix dangling /developers/typescript/start link in operators changelog
* Replace individual example doc pages with GitHub-linked tables, expand tutorials
- replace individual example doc pages with GitHub-linked tables
- expand mixnet tutorial with persistent identity and split_sender sections
- add tcpproxy tutorial
- rename "API Reference" to "TypeDoc Reference" in TS SDK sidebar
- rename "Misc" to "Extras" in developer sidebar, move VPN CLI up
- remove echo server from tools
- update message-queue callout to reference actual modules
- fix mixnet/examples redirect collision
* Add SEO frontmatter, validate encryption standards, clean up URLs
- add title/description/schemaType/section/lastUpdated frontmatter to 48
pages across developers, network, and APIs sections
- remove network/.archive/ directory (compare against develop instead)
- update nymtech.net → nym.com for website/blog links (keep infra URLs)
- add native proxy "in progress" callout for Rust/C/Go
* API-scraper update (#6598)
* read nodes and locations
* update python-prebuild.sh
* Address PR #6494 review feedback
- Use "mode" consistently instead of "role" on nym-nodes page
- Replace "staking" with "bonding" for NYM token collateral
- Wire up auto-scraped node counts via TimeNow + nodes-count.json
- Fix broken licensing images: download CC icons locally, replace inline HTML
- Fix 9 stale redirects pointing through deleted /network/architecture path
* Fix linkcheck errors
- Fix stale cross-links: /network/concepts/ → /network/mixnet-mode/
- Replace README.md references with globals.md in TypeDoc output
- Add entryFileName: globals to typedoc.json configs to prevent recurrence
* Fix remaining stale /network/architecture links
- zk-nym-overview: architecture/nyx#nym-api → /network/infrastructure/nyx#nym-api
- setup: network/architecture → /network/overview
* Remove accidentally re-included architecture.md file from rebase
* Standardize tutorials, document examples, add llms.txt, apply tone fixes
- Expand Rust SDK tutorials with step-by-step structure; document all SDK examples across mixnet, client-pool, and tcpproxy pages
- Add llms.txt generation script, wire into build and CI workflows
- Apply tone/style fixes: deduplicate callouts, vary sentence structure, standardize voice consistency across changed pages
* Consolidate redundant network overview docs
* Trim dev docs: git-first imports, stream notice, collapse TcpProxy
* Update tutorial
* Refresh auto-generated API and command outputs
* Update network section docs
* Update developer and API docs: reusable components, stream protocol, conventions, tutorial fixes
* Fix Rust SDK tutorial bugs: setup_env, port conflicts, logging,
open_stream race condition
* Update stream.mdx
* Remove docs.rs link from Stream overview for the moment
* add llms.txt and llms-full.txt note to readme
---------
Co-authored-by: import this <97586125+serinko@users.noreply.github.com>
* WIP
* NS agent calls probe as lib
* Clippy: ns agent
* Fix submit_v2 on API
* Adjust dockerfile, deployment details for the new flow
* Bump package versions
* PR feedback
* Fix CI
* Final version
* Replace MixnetStream with LP framing
- Replace custom header with LpFrameHeader
- Added sequence number for message ordering
* IPR: support LP Stream-framed client connections
- Detect and route LP Stream frames in mixnet_listener
- Wrap inline responses in LP Stream frames
- Thread stream_id to ConnectedClientHandler for TUN responses
* sdk: add ipr_wrapper module with IpMixStream
- IpMixStream wraps MixnetStream for IPR tunnel over mixnet
- LP Stream framing handled automatically by MixnetStream
- Gateway discovery, connect handshake, IP packet send/receive
* sdk: remove superseded stream_wrapper module
* Trim obvious comments, add architecture.md stub
* sdk: add missing deps and fix warnings
* Cut down architecture diagram until finished with rest of the code, leaving stubs
* sdk: refactor IpMixStream, extract shared helpers
- Extract gateway discovery and connect response parsing
- Add recv() to MixnetStream, remove 64KB read buffer
- Simplify IpMixStream constructor
* Fix SphinxStream renames missed during rebase
* Add IpPacketResponse::from_bytes() for stream-based deserialization
* Clean up ip_packet_client: delete stale connect.rs, take raw bytes not ReconstructedMessage
* Clippy
* Delete unused ip_packet_client modules
- Remove helpers.rs (ICMP utilities moved to example)
- Remove error.rs (errors consolidated into sdk/error.rs)
- Remove README.md
- Update module root to only export discovery + listener
* Simplify listener, IpMixStream, and network_env
- Collapse IprListener struct into standalone handle_ipr_response()
- Move check_ipr_message_version() into listener.rs
- Remove IpMixStream test module (moved to example)
- Remove parse_network() and commented-out Sandbox arms
- Return Result from find_workspace_root() instead of panicking
- Add IprTunnelDisconnected and WorkspaceRootNotFound error variants
* Refactor IPR stream handling and document seq conventions
- Inline stream_id tracking (remove current_stream_id field)
- Re-export encode_stream_frame from clients module
- Document seq=0 reservation for inline control responses
- Document data-path counter starting at 1 with skip-on-wrap
* Add ipr_tunnel example for integration testing
- ICMP ping through IPR with --gateway flag for targeting specific exits
- Move pnet_packet from dependencies to dev-dependencies
* Add message reordering to stream router
- Buffer out-of-order messages per-stream using BTreeMap
- Drain contiguous sequences individually to preserve message boundaries
- Drop duplicate/old sequence numbers with a warning
- Remove dead_code allow on StreamFrame::sequence_num
* Clean up comments and fill architecture.md
- Remove separator line comments
- Update stale comments about ordering not being implemented
- Remove collapsible_if allows, use let-else instead
- Fill in architecture.md data flow and connection lifecycle
* Simplify ipr_tunnel example to minimal smoke test
- Single ping instead of multi-ping loop
- Remove identifier and PING_COUNT
- Collapse ICMP helpers into single build_icmp_ping function
* Add dual-stack IPv6 ping and rename gateway → ipr
- Rename --gateway flag to --ipr and new_with_gateway() to new_with_ipr()
- Add ICMPv6 ping to ipr_tunnel example for dual-stack smoke test
- Tighten echo reply validation (protocol field check, diagnostic output)
- Document IP allocation (subnets, static vs dynamic, client keying) in architecture.md
- Promote LP Stream Open handshake log to INFO
* Tweak subnet comment in docs
* Don't stop IPR listener on decode failure
- Change break to continue so garbage packets can't kill the listener
- Remaining valid packets in the bundle are still processed
* Fix license headers and use workspace dep for pnet_packet
- Switch GPL-3.0 to Apache-2.0 on all SDK library files
- Add missing license headers to 7 files
- Use workspace version for pnet_packet dependency
* Document IP pool isolation from WG/LP dVPN pool
- IPR uses 10.0.0.0/16 on nymtun, WG uses 10.1.0.0/16 on nymwg
- Reference constants.rs as source of truth
* Remove network_env.rs and simplify IpMixStream API
- Default to mainnet via setup_env(None) instead of requiring env param
- Remove NetworkEnvironment enum and workspace root detection
- Remove WorkspaceRootNotFound error variant
- Update ipr_tunnel example to match new signatures
* Use weighted random selection for IPR gateway discovery
- Replace max_by_key with choose_weighted biased by performance score
- Prevents all clients converging on a single highest-performing IPR
* Cap stream reorder buffer to prevent unbounded memory growth
- Add MAX_REORDER_BUFFER (256) to limit per-stream pending messages:
- buffer overflows = skip ahead to lowest buffered seq and drain
- protects against malicious senders that deliberately skip sequence numbers
* Extract shared IPR response helpers into nym-ip-packet-requests
- Add response_helpers module with version check, connect response
parsing, and control response dispatch
- SDK ip_packet_client now delegates to shared module
- Monorepo nym-ip-packet-client uses shared version check and
connect response parsing
- Fix doc comment attributing fork to nym-vpn-client
* Extract ICMP test helpers into nym-ip-packet-requests
- Add icmp_utils module behind test-utils feature flag
- Move build_icmp_ping, build_icmpv6_ping, is_echo_reply_v4/v6 from
example
- Update ipr_tunnel example to use shared helpers
* Add protocol v9 LP-framed transport marker
- Add v9 module (re-exports v8, VERSION=9)
- Accept v9 requests and responses in IPR
- Switch SDK IpMixStream to send v9
* Log protocol version in dynamic connect requests
* Remove KCP from IPR and fix unwrap_or_default in SDK
- Remove all KCP session management from ip-packet-router (replaced by
LP Stream framing)
- Drop nym-kcp dependency and KcpError variant from IPR
- Replace unwrap_or_default with ok_or(Error::NoNymAPIUrl) in
IpMixStream::new()
* Add v9 protocol wrapper constructors and enforce version/transport
consistency
- Add v9::new_connect_request(), new_data_request(),
new_ip_packet_response() to centralise version stamping
- Replace manual protocol.version overrides in SDK and IPR with v9
wrapper calls
- Bump nym-ip-packet-client current re-export from v8 to v9
- Enforce LP Stream frames must carry v9+ payloads, non-stream must be
v8 or lower
* Filter IPR exit nodes by minimum v9-compatible release version
- Define MIN_RELEASE_VERSION (1.30.0) in ip-packet-requests/v9 alongside protocol constants
- Add semver-based filtering in SDK gateway discovery to skip nodes below v9 threshold
- Add semver dependency to ip-packet-requests and nym-sdk
* Use numeric version comparison for transport/version enforcement
- Compare version as u8 instead of enum equality so future v10+ is handled correctly
- Remove unused `use super::*` import left over from KCP test removal
* added reduced pricing handling logic
* admin methods for setting the whitelist of reduced price accounts
* updated client traits
* query to get all whitelisted accounts
* query for getting detailed deposit statistics
* fixes
* set initial whitelisted accounts in the migration
* stop transferring tokens to the holding account after redemption
* stop gateways from creating redemption multisig proposals
* make sure credential-proxy uses reduced deposits when available
* cargo fmt
* update deposit handler to allow EITHER default price or reduced price
this will allow non-breaking upgrades of NS and credential proxy
* removed use of unstable rust features
* rebuilt contract schema
* correct license timestamp
* Add LpFrameKind::Stream variant with StreamFrameAttributes
- Define LP wire format for stream multiplexing
- Handle new variant in entry gateway match arm
* Replace MixnetStream with LP framing
- Replace custom header with LpFrameHeader
- Added sequence number for message ordering
* Revert accidental vergen bump
* Revert accidental bumps
* Rename Stream to SphinxStream and split match arms in client_handler
* Add LpFrameAttributes type alias for [u8; 14]
* removed explicit storage_tx within MsgModule, TxModule and BlockModule impls
* created a NyxdWatcher that does not persist processed block info
* removed unused imports
* Remove AsyncRead/Write traits from native client - moving them to
stream/
* Substream model first push
* Update / add examples
* Update lockfile
* Clippy
* clippy examples
* remove codecs
* Remove unused bincode setup
* Revert a lot of changes when SDK client itself implemented
AsyncRead/Write
* Remove unnecessary mut
* Use local PollSender in MixnetStream instead of client_input.input_sender
Now that client-core's input_sender is back to mpsc::Sender (reverted
PollSender migration), MixnetStream creates its own PollSender wrapper
for the AsyncWrite impl's poll_ready/start_send calls.
* Remove now-unnecessary parameter
* Clippy
* Cleanup more stragglers from previous setup (Async traits on
MixnetClient)
* Rename files (remove module inception)
* - Shrink StreamId from 16 bytes to u64, add version byte to wire format
- Introduce MixStreamHeader/MixStreamFrame structs for decode
- Replace StreamMap type alias with struct using tokio::sync::Mutex
- Add StreamMap helper methods, eliminate lock().expect() panics
- Rename stream.rs -> mixnet_stream.rs to avoid module inception
- Document irrevocable stream mode, add LP integration TODO
* - Remove dummy channel
- Add err variant for reciever alredy taken
- Remove panics
* add timeout to stream
* clippy
* squashing localnet-v2 commits (again)
cargo fmt
fixes to localnet purge
provide path in the error message
output args
log failed exec
print based on tty
check-prerequisites cmd
checked iptables update
basic kernel features check
enable ipv6 rules
add forwarding rules
squashing localnet-v2 commits
additional changes
propagate custom-dns flag to all run containers
remove is_mock from EcashManager
another localnet squash
unused import
chore: remove redundant testnet manager
missing impl
additional linux fixes
command to rebuild container image
wait for at least 2 blocks
additional node startup fixes
added --custom-dns flag to nym node setup
add gateway probe + wait for DKG magic file
fixed localnet down on linux
container ls
re-enable state resync
additional feature locking
macos adjustments
working nyxd startup on linux
wip linux box
wip
separating network inspect betweewn macos and linux
initial linux feature locking
moved all container commands into a single location
finally working initial node performance
squashing orchestrator commits
cleanup
fixed condition for naive rearrangement
added cache of cosmwasm contracts for speed up on subsequent runs
'down' command
refreshing described cache after nodes are bonded
nym nodes setup + wip on nym api refresh
nodes setup WIP
first pass cleanup
placeholder for nym-node setup
bypassing the dkg
further progress on nym-api setup
wip: api setup
up/down/purge placeholders
persisting contract setup data
fix contract upload by forcing amd64 container platform
wip: contracts setup4
wip: contracts setup3
wip: contracts setup2
wip: contracts setup
include network setup
init and spawn nyxd
build nyxd image in dedicated orchestrator
build nyxd image
squashed cherry-picked lp changes
Bits and bobs to make everything work
Title
MacOS setup instructions
Docker/Container localnet
* clippy
* fixes on non-unix targets
---------
Co-authored-by: durch <durch@users.noreply.github.com>
* Additional ticket type for LP tests
* Remove hardcoded comments
* bump cargo version
* Nuke fallback edge case in the probe
* Cleanup unused code
* Bump API & agent versions
- agent bump required due to probe changes
strum iterator over an enum leaks the version needed to iterate over it,
which can cause problems to dependent crates that use a different strum
version.
While at it, bump the strum crates as well
* Tweak README ordering
* Linting
* Add sitemap generation + NEXT env var to CI
* Update domain for sitemap generation
* Inc. sitemap -0
* test remove lockfile
* fix borked name in package
* add redoc
* add framer
* Add pnpm-lock file
* Add sitemap to remote + ci workflow
* remove extra sitemap
* remove static files from remote for vercel
* add sitemap gen to next build step for vercel
* feat: introduce /v3/unstable/nym-nodes/semi-skimmed to aggregate LP information
nym-nodes will require this information to establish shared PSQ
* reorganised imports
* merging georgio/lp-psqv2-integration
* use authenicator on the responder's side
* nym-lp crate compiling
* moved the e2e test to nym-lp
* move key generation to peer
* moved principal generation
* update KKTResponder
* encapsulation key parsing
* Adding concrete types within KKT exchange
* initiator side of the full handshake
* responder side of the handshake and full e2e test
* fixed unit-tests within nym-kkt
* LpSession cleanup
* helpers for Transport
* revamp of the transport traits and initial work on client-side transport
* compiling nym-crypto
* 'working' client-entry dvpn reg
* Fix key conversion
* Slightly reduce use of rand08
* reverted back to libcrux repo refs
* intial telescoping reg
* removing dead code
* wip
* moved data encryption into the state machine
* restoring nym-lp tests
* update lp api model
* Add receiver index derivation
* Add receiver index derivation
* use derived receiver index
* feat: add kem key generation to nodes
* generate fresh x25519, mlkem768 and mceliece keys on config migration
* add lp peer config
* nym-node startup cleanup
* removed dependency on pre-rand09 from nym-lp
* re-expose LP information on the http API
* fixed tests compilation
* add peer config happy path tests
* formatting
* add more tests and fix bug
* better docs
* clippy and formatting issues
* return error on mceliece within NestedSession
* wasm fixes
* removed legacy nym-vpn-lib-wasm
* fixing wasm for real this time
* additional fixes
* add payload to kkt
* make clippy happy
* moved LP to nym-node crate
* cargo fmt
* integrate lpconfig payload
* fix response size trait impl
* Migrate receiver index
* Change receiver index to u32 and regorganize crates
* clippy
* hopefully final wasm fixes
* simple conversion method from semver to ciphersuite
* updated nym-node config template
* chore: remove duplicated code
---------
Co-authored-by: Georgio Nicolas <me@georgio.xyz>
* * Experiment with changing address mapping from canonical -> full URL as
string.
* Up MaxConns config.
* Bump webpack-cli version
* Modify internal-dev tester for concurrent testing
* Add logging + POST request to internal-dev/
* push lockfiles
* Remove RequestURL from RequestOptions struct for interface
* Bump versions + update lockfiles
- Moved OTel CLI options into a separate OtelArgs
- Otel is built behind the feature flag otel
- Store timing is in microseconds
- Restore comments to existing files
This includes:
- mixnet contract cache
- described nodes cache
- nodes annotations cache (performance)
those changes include taking some code developed for the purposes of #6277
* Improve HTTP use of connection pooling (#6375)
* add swap to system resolver instead of fallback (#6376)
* add header tracking outer host name used in stealth requests (#6389)
* Rotate urls on parse failure (#6383)
* Add shared settings for stealth policy across HTTP clients (#6388)
* Better controls for global interaction w/ static DNS (#6374)
* perform KKT/PSQ handshake outside of LPStateMachine
* initiator
* responder
* concurrent test
* remove KTT/PSQ from the LpStateMachine
* adjusted gateway's Handler to accomodate new changes
* filling in placehlders
* fixed imports in nym-kkt crate
* naming
* clippy and moved more placeholder tests
* split up the initiator side of the PSQ
* split up the responder side of the PSQ
* additional helpers
* addressing review comments
* additional tests and explicit Error message
* Revert "build(deps): bump time from 0.3.41 to 0.3.47 in /nym-wallet (#6433)"
This reverts commit fd47ebfad0.
* chore: revert #6433 due to rust version incompatibility
* squashing Lp/ip pool fixes#6412
removed unused imports
gateway probe fixes
PSK injection + test fixes
cleanup minus PSK injection
combine with lp reg
moved authenticator peer registration to centralised location
bugfix: ensure IpPool never allocates gateway ip
ip pool allocation tests
* review fixes
* test fixes
* Add conversion from gw_probe crate type
* Move code around
- split 1000+ LoC files into smaller ones
* Add socks5 field
- code improvements in gw_probe crate
* Fix docker build
- install go
- required as build dependency of gw probe
* Add logs to agent
* NS API: configure DB via env
* rebase fix
* socks5 score calc
* Cargo fmt
* use existing div_ceil
* Code improvements
* Bump NS API version
* Rename variables
* Bump API & agent version
* Try to fix CI
* Build only on linux
* Socks5 in GW probe
Bump NS agent version
Fix bugs
- force route construction
- use same entry = exit
Fix NS API version check workflow
PR feedback
More robust test attempts
CLI arg validation
Fix clippy
PR feedback
* Test provided endpoints in config at startup
Require one valid endpoint
* Bump agent to 1.1.0
* use x25519 noise key for ktt instead of deriving one from ed25519
* removed client's IpAddr from RegistrationClient constructor
* Adjusted the gateway probe to inject correct lp data
* remove redundant argument from nym-lp-client
* consistent naming for HashFunction variants
* use workspace dep import for nym-kkt-ciphersuite
* struct renaming
* removed x25519 key used within LP mixnet registration
* use Vec<u8> rather than BytesMut for LpAction::DeliverData
* introduced an explicit kind prefix for raw data sent and received within LP
* review nits
* announce KEM key hashes and use generated value within LpStateMachine
* added digest of remote KEM key into LpSession
* changed constructor to LpSession to take explicit key materials for local and remote
this makes it easier to change keys required by each party without having to change all the interfaces everywhere again
* extended the changes to LpStateMachine constructor
* modify the interface to LpRegistrationHandler and LpListener
* gateway probe fixes
* temp nym-lp-client fixes
* review nits
* remove network test
* introduced v2/nym-nodes/described endpoint for returning nodes description alongside LP data
* missed V1 -> V2 description replacements
* removed deprecated call within mix-fetch
* use old v1 call in network stats
* - standardise versions for all nym-sdk workspace dependencies
- prepend sqlx-pool-guard with 'nym-'
* Test remove nym-api from deps
* Add oneliner to client_pool doc comments
* Add note to commented out docs.rs link in sdk
* remove nym-api from script
* add publishing file
* bring non-binary / contract / tools into workspace version
* added more info to publishing.md
* make deps workspace version
* remove uploaded sphinx-types crate from script
* remove erroueously included ignore-defaults
* add zeroise to feature
* chore: Release
* add topology to batch
* more cargo versioning
* more cargo versioning - wasm utils
* more cargo versioning - wasm utils
* Add publish=false to manifest for cargo workspaces / crates.io
publishing exclusion
* remove script now switched to manifest based exclusion
* rename import based on rename of contracts-common dep
* Making workspace versions for publication + removing unnecessary crates
from publication
* Remove OOD info from publishing sdk guide
* rename contract imports + remove package
* temp commit: continuing with removal of path from cargo manifest and
replacing with workspace version import for publication
* continuing with cargo.toml updates
* dryrun only erroring on known version problem crates
* remove old published-crates file
* Minor comment change
* remove default features warning
* Additional info on workspace dep comment re publish list
* Add missing description to cargo.toml
* Fix missing feature flags
* Add missing descriptions
* Fix remaining path import
* Add workspace repo / homepage / documentation links to cargo.toml files
* remove workspace version from excluded crate
* Remove todo descriptions
* Minor comment change
* add homepage etc
* move from bls git import to nym_bls_fork crate
* Modify rest of imports from path to workspace import, excluding binaries
* add directory/homepage info
* fix cargo fmt
* add notes to gitignore
* better solution to contracts/ experiment
* wasm -> nym_wasm crate renaming
* fix fatfinger
* add metadata to ecash cargo.toml
* stub publishing guide
* fix misrevolved netlink- version
* Fixes and block publication of rebase re: LP
* first pass @ workflows
* removed dependency on nymsphinx::* key types and removed needless copies of ed25519 keys
* use more strongly types in ClientHelloData
* explicitly use provided client's x25519 from ClientHelloData
this requires adjusting LpSession constructor to take an additional key argument
* allow large LpInput enum
* clippy within tests
* removed redundant type aliases for x25519 keys
* Upgrade to def_guard_wireguard v0.8.0
* Update nix, netlink-packet-wireguard
* Adapt linux code for defguard_wireguard
* rustfmt
* Revert nix to 0.27.1
* clippy: fix
* fix from rebase
* Restore userspace imp on condition
* Add send+sync on boxed wgapi
* Use error to indicate when userspace/kernel imps are unavailable; userspace is not available on all platforms
* Remove duplicate import
---------
Co-authored-by: mfahampshire <maxhampshire@pm.me>
* standarise lp serialisation:
- stop using bincode within `LpMessage` in favour of predictable bytes concatenation
- use consistent encode/decode interface for every `LpMessage` inner variant
- hide usage of bincode within `LpRegistrationResponse` / `LpRegistrationResponse` behind `serialise` / `try_deserialise` interface
* reduced 'target_lp_address' len encoding space from u32 to u16
* Add KKT cryptographic primitives
Post-quantum Key Encapsulation Mechanism (KEM) Key Transfer protocol.
Enables efficient distribution of post-quantum KEM public keys.
Squashed from georgio/noise-psq branch.
* Implement LP registration protocol with KKT/PSQ integration
Initial implementation of the Lewes Protocol (LP) for gateway registration:
- Add nym-lp crate with Noise protocol handshake
- Add LP listener to gateway for handling registrations
- Add LP client for registration flow
- Integrate KKT for post-quantum KEM key exchange
- Integrate PSQ for post-quantum PSK derivation
- Add Ed25519 authentication throughout
- Add docker/localnet support for testing
Co-authored-by: Jędrzej Stuczyński <jedrzej.stuczynski@gmail.com>
* Add LP telescoping with nested sessions and subsession support
Extends LP protocol with telescoping architecture for nested sessions:
- Add nested session support with KKpsk0 rekeying
- Add subsession support with collision detection
- Implement unified packet format with outer header
- Refactor gateway handlers for single-packet forwarding
- Add TTL-based state cleanup for stale sessions
- Add outer AEAD encryption layer
- Refactor registration client for packet-per-connection model
* Add gateway-probe localnet mode with WireGuard tunnel support
Adds localnet testing mode to gateway-probe for LP development:
- Add TestMode enum for different probe configurations
- Add --gateway-ip flag for direct gateway testing
- Implement two-hop WireGuard tunnel for localnet
- Add mock ecash support for testing without real credentials
- Add netstack Go bindings for userspace networking
- Restructure probe with mode and common modules
- Update README with localnet mode documentation
* Increase KCP fragment limit from u8 to u16
- Change frg field from u8 to u16 in packet header (25 bytes total)
- Update encode/decode to use get_u16_le/put_u16_le
- Update Segment struct frg field to u16
- Remove truncating cast in session.rs
- Max message size now ~91MB (65,535 fragments × MTU)
- Internal protocol only, no interop concerns
Nym uses KCP for reliability and multiplexing, not standard real-time
use cases. The u8 limit (255 fragments, ~355KB) was insufficient.
Addresses: nym-yih9
* Zeroize Ed25519 key material in to_x25519 conversion
Wrap hash and x25519_bytes in zeroize::Zeroizing to ensure private
key material is cleared from memory after use.
Closes: nym-k55g
* Return Result from KCP session input() for error detection
Change KcpSession::input() to return Result<(), KcpError> so callers
can detect invalid packets instead of silently ignoring them.
- Add ConvMismatch error variant for conversation ID mismatches
- Update driver to propagate errors from session.input()
- Update all test and example callers
Closes: nym-n0kk
* Fix Zeroizing deref in ed25519 to_x25519 conversion
The from_bytes() function expects &[u8], need to deref the Zeroizing
wrapper to get the inner array.
* Add semaphore-based connection limiting for LP packet forwarding
Limits concurrent outbound connections when forwarding LP packets to
prevent file descriptor exhaustion under high load.
Key changes:
- Add max_concurrent_forwards config (default 1000)
- Add forward_semaphore to LpHandlerState
- Acquire semaphore permit before connecting in handle_forward_packet
- Return "Gateway at forward capacity" error when at limit
This provides load signaling so clients can choose another gateway
when the current one is overloaded.
Design note: Connection pooling was considered but provides minimal
benefit since telescope setup is one-time and targets are distributed
across many different gateways. See AIDEV-NOTE in LpHandlerState for
full analysis.
Closes: nym-xi3m
* Return error on session unavailable in handle_subsession_packet
Replace .session().ok() with proper error handling to fail fast when
session is Closed or Processing after state machine processing.
Previously, the code silently continued with outer_key = None, which
could cause protocol errors downstream.
Closes: nym-8de0
* Use explicit bincode Options helper in nested_session
Add bincode_options() helper that returns DefaultOptions with explicit
big_endian and varint_encoding configuration. This future-proofs against
bincode 1.x/2.x default changes and makes serialization format explicit.
Updated all 4 bincode usages in nested_session.rs to use the helper.
* Deduplicate outer_key lookup pattern in nested_session.rs
Extract common state_machine.session().ok().and_then(...) pattern into
two helper methods:
- get_send_key() for encryption (outer_aead_key_for_sending)
- get_recv_key() for decryption (outer_aead_key)
Updated 6 call sites to use the helpers, reducing verbosity.
* Add LpConfig struct and AIDEV-NOTE documentation for KKT+PSQ
- Create config.rs with LpConfig struct (kem_algorithm, psk_ttl, enable_kkt)
- Export LpConfig from lib.rs
- Add AIDEV-NOTE to psk.rs explaining:
- Why PSQ is embedded in Noise (single round-trip, PSK binding)
- KEM migration path (X25519 → MlKem768 → XWing)
- Add AIDEV-NOTE to state_machine.rs explaining protocol flow:
- KKTExchange → Handshaking → Transport state transitions
- PSK derivation formula (ECDH || PSQ || salt)
* Add forward_timeout to LP client config
Add forward_timeout (30s default) to LpConfig and wrap send_forward_packet's
connect_send_receive call with tokio::time::timeout, matching the pattern
used by register() with registration_timeout.
This prevents indefinite hangs when forwarding packets through entry gateway.
* Add negotiated_version field to LpSession
Add AtomicU8 field to store the protocol version from handshake packet
headers. Includes getter and setter methods for future version negotiation
and compatibility checks.
- negotiated_version() returns current version (defaults to 1)
- set_negotiated_version() allows setting during handshake
- Subsessions inherit version 1 (can be enhanced to inherit parent's)
* Change MessageType from u16 to u32
Breaking wire protocol change: MessageType field increased from 2 bytes
to 4 bytes in LP packets. This future-proofs the message type space and
aligns with other u32 fields.
Changes:
- message.rs: #[repr(u32)], from_u32(), to_u32()
- error.rs: InvalidMessageType(u32)
- codec.rs: All serialization/deserialization updated to 4-byte msg_type
- Cleartext parsing: inner_bytes[4..8], content at [8..]
- AEAD parsing: decrypted[4..8], content at [8..]
- Serialization: 4 bytes for message type
* Various smaller fixes
* Refactor LP to stream-oriented TCP processing
Gateway (handler.rs):
- Add bound_receiver_idx field for session-affine connections
- Convert handle() from single-packet to loop with EOF detection
- Add validate_or_set_binding() for receiver_idx validation
- Set binding in handle_client_hello after collision check
- Centralize emit_lifecycle_metrics in main loop only
- Add is_connection_closed() helper for graceful EOF
Client (client.rs):
- Add stream field for persistent TCP connection
- Add ensure_connected(), send_packet(), receive_packet(), close() methods
- Modify perform_handshake_inner() to use persistent stream
- Modify register_with_credential() to use persistent stream
- Modify send_forward_packet() to use persistent stream
- Keep connect_send_receive() for reference (marked dead_code)
This reduces handshake overhead from ~5 TCP connections to 1.
Drive-by: Fix log::info! -> info! in wireguard peer_controller.rs
* Add persistent exit stream for entry→exit forwarding
Entry gateway now maintains a persistent TCP connection to the exit
gateway per client session, reusing it for all forward requests from
that client. This reduces TCP handshake overhead significantly.
Key changes:
- Add exit_stream: Option<(TcpStream, SocketAddr)> to LpConnectionHandler
- Modify handle_forward_packet() to open on first forward, reuse after
- Clear exit_stream on connection errors (auto-reconnect on next forward)
- Semaphore only acquired for connection opens, not reuse (sequential access)
* Fix code review issues for stream-oriented LP
- Add 30s timeout to exit stream I/O operations (nym-df31)
Prevents handler from hanging on unresponsive exit gateway
- Return error on forward target address mismatch (nym-zegu)
Previously warned and proceeded, which could mask bugs
- Close client stream on handshake error paths (nym-scvm)
Prevents state machine inconsistency on timeout or failure
* Add LP registration idempotency and retry logic
Make LP registration resilient to network failures that could waste
credentials. When registration succeeds on the gateway but the response
is lost (e.g., network drop), clients can retry with the same WG key
and get the cached result instead of spending another credential.
Gateway-side:
- Add check_existing_registration() helper that looks up WG peer and
returns cached GatewayData if already registered
- Add idempotency check in process_registration() dVPN branch
- Only return cached response if bandwidth > 0 (ensures registration
was actually completed, not just peer created)
- Track idempotent registrations with lp_registration_dvpn_idempotent metric
Client-side:
- Add register_with_retry() to LpRegistrationClient that acquires
credential once and retries handshake+registration on failure
- Add handshake_and_register_with_retry() to NestedLpSession for
exit gateway registration via forwarding
- Add exponential backoff with jitter between retry attempts
- Verify outer session validity before nested session retry
Both retry methods clear state machine before retry to ensure fresh
handshake, and reuse the same credential across all attempts.
* Add no-mix-acks feature flag to nym-sphinx-framing
When enabled, mix nodes skip ack extraction and forwarding entirely.
The full payload (including ack portion) is returned as the message.
Closes: nym-3wrr
* Create nym-lp-speedtest crate scaffold
- Created tools/nym-lp-speedtest/ with Cargo.toml
- Added main.rs with CLI argument parsing
- Created stub modules: client.rs, speedtest.rs, topology.rs
- Added to workspace members
- Verified compilation with cargo check
* Implement topology fetching for nym-lp-speedtest
- Add topology.rs with NymTopology integration
- Fetch mix nodes and gateways from nym-api
- Build GatewayInfo with LP addresses (port 41264)
- Provide random_route_to_gateway() for Sphinx routing
- Add required Cargo.toml dependencies
* Implement LP+Sphinx+KCP client with SURB support
- Add send_data() and send_data_with_surbs() methods for mixnet data
- Integrate KCP reliable delivery with Sphinx packet construction
- Add x25519 encryption keypair for SURB reply mechanism
- Wire up main.rs to test LP handshake and data path
- Add NymRouteProvider support in topology for SURB construction
- Refactor send_data() to delegate to send_data_with_surbs(0) (DRY)
The client can now:
- Perform LP handshake with gateways
- Send data through the mixnet wrapped in KCP + Sphinx packets
- Attach SURBs for bidirectional communication
- Return encryption keys for decrypting replies
* Rename nym-lp-speedtest to nym-lp-client and fix KCP bug
- Rename crate from nym-lp-speedtest to nym-lp-client
- Fix KCP bug: add driver.update() call before fetch_outgoing()
Without update(), KCP never moves segments from snd_queue to snd_buf
- Update CLI name, about string, and user agent to match new name
* Add LP mixnet mode registration with nym address return
- Extend RegistrationMode::Mixnet to include client_ed25519_pubkey
and client_x25519_pubkey for nym address construction
- Add LpGatewayData struct containing gateway_identity and
gateway_sphinx_key for SURB reply routing
- Add lp_gateway_data field to LpRegistrationResponse for mixnet mode
- Implement success_mixnet() constructor for mixnet registrations
- Update gateway registration to insert clients into ActiveClientsStore
for SURB reply delivery, matching the websocket flow
* Implement LP data handler on UDP:51264
- Add LpDataHandler for UDP data plane (port 51264)
- Decrypt LP layer and forward Sphinx packets to mixnet
- Add outbound_mix_sender to LpHandlerState
- Integrate data handler spawn into LpListener::run()
- Add metrics for data packets received/forwarded/errors
Implements nym-yzzm
* Fix replay protection vulnerability in LP data handler
Use state machine process_input() instead of manual decryption to ensure
proper replay protection:
- Counter check against receiving window
- Counter marking after successful decryption
Also handle subsession actions gracefully (SendPacket ignored on UDP,
clients should use TCP control plane for rekeying).
Security fix for nym-yzzm implementation.
* feat(ipr): add KcpSessionManager for LP client KCP handling
- Add fetch_incoming() and recv() methods to KcpDriver for retrieving
reassembled messages
- Create KcpSessionManager in ip-packet-router that manages KCP sessions
keyed by conv_id (first 4 bytes of KCP packet header)
- Store ReplySurbs per session for sending anonymous replies
- Implement session timeout (5 min) and max sessions limit (10000)
- Add comprehensive tests for session lifecycle and KCP roundtrip
* feat(ipr): integrate KcpSessionManager into MixnetListener
- Add KcpSessionManager field to MixnetListener struct
- Add is_kcp_message() helper to detect KCP-wrapped payloads
- Add on_kcp_message() to process LP client KCP messages
- Refactor on_reconstructed_message() to route KCP vs regular IPR
- Add KCP tick timer (100ms) for session updates and cleanup
- Initialize KcpSessionManager in IpPacketRouter::run_service_provider()
KCP messages are detected by checking byte 4 for valid KCP commands
(81-84), which doesn't conflict with IPR protocol version bytes (6-8)
at position 0.
Closes: nym-96zl
* fix(ipr): prevent KCP detection false positives on IPR messages
Add secondary check in is_kcp_message() to exclude messages that match
IPR protocol header pattern (version 6-8 at byte 0, ServiceProviderType
0-2 at byte 1). This prevents false positives where IPR messages with
byte 4 in range 81-84 would be incorrectly routed to KCP processing.
Added 4 unit tests to validate the detection logic.
Closes: nym-6f3x
* fix(ipr): wrap KCP client responses in KCP before SURB reply
- Modify on_kcp_message to handle responses directly instead of returning them
- Add handle_kcp_response method that wraps response in KCP and sends via mixnet
- Ensures KCP clients receive KCP-wrapped responses for proper reassembly
Closes: nym-7oh2
* fix(ipr): send KCP protocol packets in tick instead of just logging
- Add get_sender_tag() and fetch_outgoing_for_conv() to KcpSessionManager
- Change handle_kcp_tick() to actually send ACKs/retransmissions via mixnet
- Reduce KCP tick interval from 100ms to 10ms for better responsiveness
This fixes the KCP reliability protocol which was broken because
protocol packets (ACKs, retransmissions) were generated but never sent.
* feat(lp-client): wrap payload in IpPacketRequest before KCP
- Add nym-ip-packet-requests and bytes dependencies
- Wrap payload in IpPacketRequest::new_data_request() before sending to KCP
- Add LP_DATA_PORT constant (51264) and lp_data_address field to GatewayInfo
This ensures IPR can properly parse incoming messages as DataRequest.
LP framing (wrapping Sphinx in LP before sending) is a separate task.
* feat(lp-client): add LP session management and UDP data plane support
- Add wrap_data() and session_id() to LpRegistrationClient for LP packet
creation after handshake
- Add init_lp_session() and close_lp_session() to SpeedtestClient for
managing LP sessions
- Extract prepare_sphinx_fragments() helper to reduce code duplication
between send_data_with_surbs() and send_data_via_lp()
- Add send_data_via_lp() for sending Sphinx packets through LP's UDP
data plane (port 51264)
The LP session is kept alive after TCP handshake closes, allowing
subsequent wrap_data() calls for UDP transmission without re-handshaking.
* random formatting
* replaced all instances of bincode::serialize and bincode::deserialize with explicit lp_bincode_serialiser() within the LP
* additional formatting
* removed source of possible panic from nym-kkt
invalid KEM mapping will now return an Err rather than panicking
* integration test for LP entry registration
This includes creation of mocks of various gateway-related components, such as the PeerController
* changed ClientHelloData serialisation
the old variant using bincode did not produce constant-length output in some cases
* Fixed generation of receiver index
removes the possible clash with the boostrap id
* Integration test for nested LP registration
- move `LpTransport` trait definition to shared `nym-lp-transport` crate
- make transport layer within `LpConnectionHandler` generic with respect to the forwarding target. it must, however, use the same type as the incoming client connection
- extracted explicit `LpConnectionHandler::establish_exit_stream` to more easily modify it in the future to fully protect the channel and disallow using untrusted egress points
- fix additional log-string interpolation nits
* resolved clippy issues pointed out by clippy 1.91
* added LP discovery into self-described endpoint:
- removed changes to the node bonding within the contract
- introduced '/api/v1/lewes-protocol' route within nym-node http api
- added 'lewes_protocol' field to 'NymNodeData' inside of NymNodeDescription
- refactored LpConfig to allow separate bind and announce addresses and used more strict typing
* chore: allow unwrap/expect within kkt benchmarking code
* chore: downgraded sha2 dep for cosmwasm compatibility
* clippy
* marking simd calls as unsafe
* fixed calls to '_mm_testz_si128'
* additional clippy fixes
---------
Co-authored-by: Georgio Nicolas <me@georgio.xyz>
Co-authored-by: Jędrzej Stuczyński <jedrzej.stuczynski@gmail.com>
* one commit to rule them all
* remove too aggressive copy pasting
* update details when outdated
* typo and serde alias
* no hostname option and fixes
* fix wasm client?
* non fallback fixed
* improve gateway details update
* better ws addresses
* PR review fixes
* improve type safety on update_gateway_published_data
* fix client gateway storage migration
* rename nyxd-scraper to sqlite
wip: made storage mostly generic minus modules
changed error types to make modules dyn compatible
implemented traits for sqlite instance
using sqlite instance for rewarder and chain watcher
psql scaffolding
initial postgres support - missing some proto -> json parsing
use postgres in chain scraper
added message registry to block processor
message content parsing in psql
involved addresses
adding null value for logs
Revert "use postgres in chain scraper"
This reverts commit 83c84bfd2d.
using SignerInfo proto definitions for db serialisation
added ibc messages to MessageRegistry
* add the data observatory
* add the data observatory
* move message parsing and change webhook
* handle wasm messages in a module
* formatting and clippy
* copy shared migrations and add comments to ignore file to explain
* update offline queries
* change to clap args and use url::Url to parse args
* tidy up README, startup info, typos
* tidy up validator rewarder
* lock file
* change webhook module from msg to tx handler
* ignore profiler output
* add missing things and make clippy happy
* updated cosmrs version used by the nym wallet
* add glob to workspace dependencies
* rename migration files
* remove copying from shared migrations
* duplicate shared migrations to keep things simple
* add check for manual migration sync that will fail on `cargo build` in CI
* build.rs checks data observatory migrations have content of all shared scraper migrations and errors on changes or new files
* update runner
* add reset target to make file
* process events and logs
* migrations - remove unnecessary columns
* update offline queries
* chore: run cargo fmt
* fix up: inpsect_err instead of map_err
---------
Co-authored-by: Jędrzej Stuczyński <jedrzej.stuczynski@gmail.com>
Co-authored-by: Mark Sinclair <mmsinclair@users.noreply.github.com>
Co-authored-by: benedettadavico <benedetta.davico@gmail.com>
* chore: make 'DirectSecp256k1HdWallet' only derive its keys once on construction
Previously all the keys and account information was being derived for every transaction signed
* no longer keep account seed on the wallet struct
* vpn client report v2
* report v2 support in nym-stats API
* version bump
* CI fix while we're at it
* more CI fix
* needed the dind after all
* PR comments
* placeholder handling of wg registration with upgrade mode token
* include upgrade mode credentials as part of credential storage
* introduce helper for decoding JWT payload
* expose methods for removing emergency credentials from the storage
* don't allow duplicate emergency credentials with the same content
* added authenticator ClientMessage for upgrade mode check
* retrieve credentials with longest expiration first
* post rebasing fixes
* fixed gateway config
* feat: allow specifying minimum node performance for client init
* nym-node UM improvements
* fixed upgrade mode bandwidth on initial authentication
* fix: logs and thresholds
* expose attestation information from nym-node http api
* additional logs
* post rebasing fixes
* make @simonwicky happy by removing empty lines in emergency_credential table definition
* chore: remove '_' prefix for internal counters within in-mem ecash storage
* improved import of 'UpgradeModeState' within the nym-node
* use explicit time dependency within credential-storage
* re-order imports within the gateway-client
* moved 'AvailableBandwidth' definition to the monorepo
* squashing feat: merge intermediate upgrade mode changes #6174 to more easily resolve merge conflicts during rebasing
added additional v2 query for metadata endpoint for requesting upgrade mode recheck
added additional message to v6 authenticator to request explicit upgrade mode recheck
clippy
test fixes due to updated keys
updated assertion for upgrading v1 top up request to v2
compare attester public key against the expected value within the credential proxy
use pre-generated attestation public keys within nym-nodes
remove version deprecation
bugfix: default bandwidth response for authenticator
expose upgrade mode information in authenticator responses
adding tests for new v2 server
passing upgrade mode information in metadata endpoint
v2 wireguard private metadata
bugfix: make sure to immediately poll for attestation after spawning task
fix gateway probe and remove code duplication for finalizing registration
squashing before rebasing
post rebasing fixes
AuthenticatorVersion helpers
additional nits
allow unwraps in mocks
fixed linux build
clippy
integrating upgrade mode into authenticator
fixed build after adding wrappers to response types
conditionally updating peer handle bandwidth
cleanup
negotiate initial protocol during registration
change auth to use highest protocol
handler for JWT message
dont meter client bandwidth in upgrade mode
handling recheck requests
sending information about upgrade_mode on client messages
gateway watching for upgrade mode attestation
wip: gateways to disable bandwidth metering on upgrade mode
* fixed ServerResponse deserialisation
* fixed incorrect swagger path for upgrade mode check endpoint
* moved upgrade mode endpoint out of bandwidth routes
* chore: remove unused error variant
* removed re-export of UpgradeModeAttestation from credentials-interface
* chore: define single source of truth for minimum bandwidth threshold value
* moved type definitions out of traits.rs
* updated v6 versioning to point to niolo release instead
* fixed incorrect error mapping
* http url fallback conditions
* include changes and tests for fronted
* Allow for explicit DNS error Handling in HTTP client (#6201)
when sending http reqs add manual DNS so we can handle errors directly
* Address PR nits
---------
Co-authored-by: durch <durch@users.noreply.github.com>
* squashed feature/credential-proxy-jwt [#5957]
post rebasing fixes
clippy
changed obtain-async endpoint to conditionally return jwt instead of pending zk-nym
watching for the attestation file and issuing jwt
* changed attestation starting time serialisation into rfc3339
* including authorised JWT issuers in attestation
* reduce attestation retrieval error log
* new quick deployment script
* docs tweak
* update script to use .deb postinst
* final clean - ready to go
* correct nym-node config dir search with a fallback
Updated ping commands to explicitly use IPv4 and adjusted file permission checks with sudo. Changed the forward address prompt to specify IPv4 and modified the binary download process to fetch and install the latest .deb release URL automatically.
Changes:
- Add network_details field to BaseClientBuilder (optional, backwards compatible)
- Add with_network_details() method for opt-in domain fronting
- Update construct_nym_api_client() to use from_network() when network_details provided
- Enable network-defaults feature in nym-client-core Cargo.toml
- SDK passes network_details to BaseClientBuilder
Changes:
Multiple URL fallback with configurable retries (defaults to 3)
Infallible URL conversion per Andrews feedback (Url::from() instead of parse().ok())
Non-breaking builder pattern for BuilderConfig per Andrej's "too many arguments" feedback
Reverted redundant node filtering per Andrew's clarification that API already filters by supported_roles.entry
Changes:
- Replace String error with BuilderConfigError enum in BuilderConfigBuilder
- Update tests to use pattern matching instead of string assertions
This branch now contains only gateway registration improvements:
- Multiple URL fallback support in gateways_for_init()
- Get all entry-capable nodes for registration
- Performance and code quality improvements
- Reverted all changes to topology_control/nym_api_provider.rs
- Changed info/warn logs to debug for custom client messages
- Removed unused _rng parameter from gateways_for_init()
- Simplified URL builder to always use new_with_urls()
Resolved conflicts:
- Added event_tx field to MixnetClientBuilder alongside custom_nym_api_client
- Both features are independent and coexist:
* custom_nym_api_client: for domain fronting support
* event_tx: for event handling
- Updated all constructors and methods to properly handle both fields
- Add with_nym_api_client() to BaseClientBuilder, MixnetClientBuilder, and RegistrationClientBuilderConfig
- Modify nym_api_provider to fetch all nodes then filter by supported_roles.entry (fixes metadata inconsistency)
- Update helpers.rs to build HTTP client with all nym_apis URLs and retries for fallback support
- Fix SDK to use entry_capable_nodes() instead of entry_gateways() for broader gateway selection
This enables domain fronting and URL rotation throughout the entire SDK stack, improving censorship resistance and connection reliability. All changes are backward compatible - custom client is optional.
* bugfix: retrieve and update ticketbook in the same query
* bump up NS version
* Update Cargo.toml
* remove SKIP LOCKED part of the query
---------
Co-authored-by: benedetta davico <46782255+benedettadavico@users.noreply.github.com>
* add quic_bridge_deployment.sh
* create a snippet with quick install steps
* add quic deployment to changelog
* add quic deployment to node config page
* add version compatibility callout
* last edits and scraped stats update
* correct name of QUIC snippet
* fix naming
* fix naming
* re-run python-prebuild.sh aka time-now updated
* attempt to fix vercel build the hard way
* rerun npm
* build with pnpm
* restore lock file and rebuild w pnpm
* chore: update pnpm lockfile
* attempt to fix build
* attempt to fix runtime builds
* update ci-docs run OS
dont build netstack in CI
additional rust 2024 fixes
fixes
removed temp.rs
first round of cleanup
removed duplicated NS types
moved gateway probe to the monorepo
* ns-api: when `score` is `Offline`, clamp `load` to `Offline`
* ns-api: bump version
* ns-api: add mixnet score field to performance_v2 struct
---------
Co-authored-by: Mark Sinclair <mmsinclair@users.noreply.github.com>
* Debug logging
* Yield based logging
* Reintroduce non-dummy task manager, try add counting for
BatchMessageSender, a couple of compiler target introductions on use
statements.
* Fixed time runtime err
* Uncomment forgetme/rememberme
* remove diffs from debug
* missed commented out forgetme
* yet more forgetme comments
* * Added missing clientreqestsender clone to wasm client to stop
premature drop & busyloop
* Removed hacky mem::forget fix
* Remove debug panic_hook
* Conditional import + use of wasm_utils::console_log
* add wasm_util dep
* Commenting out or removing debug logging
* Remove missed comment
* cleanup gitignore
* clippy
* update go version in ci
* removed unused deps
* add clippy ignore
* remove mixfetch from ci build
* add minifetch fix
* comment out unused ts builds
* stop contract clients killing ci for the moment
* wasm target locking for imports
* Either remove console_log! macro or introduce cfg(debug_assertions)
* downgrade netlink
* debug assertions for console_log import
* modify config logging (debug -> normal)
* remove clone for client_request_sender + grab directly in struct
creation
* reintroduce debug print for config in debug mode
* remove ood / unused custom topology from worker example file
* clippy
* clippy - ignore todo() tests
* modified humantime test in line with new parsing rules
* added new dkg execute methods for ownership transfer and announce address update
* cherry-pick TestableNymContract for the dkg contract from #5091
* tests
* schema fixes
* removed old queued migrations
* ns api: add node scraper for bridge information and add to dVPN gateway output
* extra error reporting
* run sqlx-prepare
* fix clippy
---------
Co-authored-by: Mark Sinclair <mmsinclair@users.noreply.github.com>
Co-authored-by: benedettadavico <benedetta.davico@gmail.com>
* ns-api: remove sqlite support
ns-api: add env var to skip migrations for local dev
ns-api: tidy up imports
ns-api: fix deserialisation fo node descriptions
update dockerfile
update README
fix up README and example env
ns-api: bump major version to 4
ns-api: add more geoip data and new performance field in dvpn responses
* ability to import partial ticketbooks
* wip: adding common ecash state to NS API
* buffering ticketbooks
* wip
* distribute tickets when getting testrun assignment
* passing ticketbook data to gateway probe
* wrapped around storage tx
* ticketbook query fixes
* clippy
* modified testrun assignment to always return tickets
* Update version
* Update push-node-status-agent.yaml
* Update Cargo.toml
* add entrypoint for ns agents
* sqlx prepare and cargo fmt
* clippy fixes
* Update ci-check-ns-api-version.yml
---------
Co-authored-by: Mark Sinclair <mmsinclair@users.noreply.github.com>
Co-authored-by: benedetta davico <46782255+benedettadavico@users.noreply.github.com>
Co-authored-by: benedettadavico <benedetta.davico@gmail.com>
Notifications are run by adding the snippet above to a GitHub Action, and:
1. Installing node packages needed at run time
2. Set the env vars as required:
-`NYM_NOTIFICATION_KIND` matches the directory in `.github/workflows/support-files/${NYM_NOTIFICATION_KIND}` to provide the templates and extra scripting in `index.js`
- Matrix credentials, room and other env vars for the status of the build and repo
3. Replacing the default entry point shell script on the `keybaseio/client:stable-node` docker image to run `.github/workflows/support-files/notifications/entry_point.sh`
These scripts send CI notifications to Matrix by creating messages from templates and env vars passed from GitHub
Actions.
### Running locally
You will need:
- Node 16 LTS
- npm
Copy `.github/workflows/support-files/.env.example` to `.github/workflows/support-files/.env` and valid Matrix credentials.
Copy `.github/workflows/support-files/.env.example` to `.github/workflows/support-files/.env` and valid Matrix
credentials.
Then run `npm install` to get dependencies.
Start development mode for the notification type you want either by passing the value as an env var called`NYM_NOTIFICATION_KIND` or set the `.env` file values correctly.
Start development mode for the notification type you want either by passing the value as an env var called
`NYM_NOTIFICATION_KIND` or set the `.env` file values correctly.
# we don't care about particular versions - just pull whatever is used by sphinx
lioness="*"
arrayref="*"
# libcrux
libcrux-kem="0.0.7"
libcrux-ecdh="0.0.6"
libcrux-curve25519="0.0.6"
libcrux-chacha20poly1305="0.0.7"
libcrux-psq="0.0.8"
libcrux-ml-kem="0.0.8"
libcrux-sha3="0.0.8"
libcrux-traits="0.0.6"
# Workspace dep definitions required by crates.io publication - we need a workspace version since `cargo workspaces` doesn't work with path imports from crate manifests
# Run this AFTER your distro has shipped the patched kernel.
# This playbook:
# 1. Updates the kernel via apt
# 2. Reboots and waits for reconnect
# 3. Verifies the running kernel is newer than the pre-patch version
# 4. Removes the interim module blacklists
# 5. Re-enables the affected modules live (no second reboot needed)
#
# Debian family only (Debian, Ubuntu). Tested on Debian 11, Debian 12, Ubuntu 20.04, 22.04, 24.04.
#
# For exit-gateway nodes with --wireguard-enabled true:
# After this playbook completes, run the networking restore step on each node via:
# ansible-playbook deploy.yml -t ntm
# See the CVE patch documentation for details.
- name:Remove CVE mitigations and apply patched kernel
hosts:all
become:true
tasks:
- name:Verify OS is Debian family
assert:
that:
- ansible_os_family == "Debian"
fail_msg:"This playbook supports Debian-family distros only (Debian, Ubuntu). For other distros, apply the kernel update and mitigation removal manually."
- name:Update apt cache
apt:
update_cache:true
cache_valid_time:0
- name:Upgrade kernel packages
apt:
upgrade:full
only_upgrade:false
register:apt_upgrade_result
- name:Record pre-reboot kernel version
command:uname -r
register:kernel_before
changed_when:false
- name:Reboot to load patched kernel
reboot:
msg:"Rebooting to apply patched kernel (CVE-2026-31431 / CVE-2026-43284 / CVE-2026-43500)"
reboot_timeout:300
pre_reboot_delay:5
post_reboot_delay:15
- name:Record post-reboot kernel version
command:uname -r
register:kernel_after
changed_when:false
- name:Show kernel versions before and after reboot
debug:
msg:
- "Kernel before reboot: {{ kernel_before.stdout }}"
- "Kernel after reboot: {{ kernel_after.stdout }}"
- name:Warn if kernel did not change after reboot
debug:
msg:>
WARNING: kernel version did not change after reboot ({{ kernel_after.stdout }}).
The patched kernel may not have been selected by GRUB, or no kernel update was available.
Do NOT remove the interim mitigations until you have confirmed the running kernel is patched.
"safe harbor" provisions</a>. In other words, you will have just as much luck
sending a takedown notice to the Internet backbone providers.
</strong></p>
<p>
Nym Network is operated by a decentralised community of node operators
and stakers. Nym Network is trustless, meaning that no parts of the system
nor its operators have access to information that might compromise the privacy
of users. Nym software enacts a strict principle of data minimisation and has
no back doors. The Nym mixnet works by encrypting packets in several layers
and relaying those through a multi-layered network called a mixnet, eventually
letting the traffic exit the Nym mixnet through an exit gateway like this one.
This design makes it impossible for a service to know which user is connecting to it,
since it can only see the IP-address of the Nym exit gateway:
</p>
<p style="text-align:center;margin:40px 0">
<svg xmlns="http://www.w3.org/2000/svg" width="500" viewBox="0 0 490.28 293.73" style="width:100%;max-width:600px" role="img" aria-label="Diagram of how a user connects through the Nym network">
<desc>Illustration showing how a user might connect to a service through the Nym Network. The user first sends their data through three daisy-chained encrypted Nym nodes that exist on three different continents. Then the last Nym node in the chain connects to the target service over the normal internet.</desc>
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.