Jędrzej Stuczyński d8c84cc4d6 feat: key rotation (#5777)
* wip

* wip: wrap node's sphinx key with a manager

* wip: choosing correct key for packet processing

* further propagation of key rotation information

* attaching key rotation information to reply surbs

* added basic key rotation information to mixnet contract

* wip: introducing cached queries for key rotation info from nym api

* unified nym-api contract cache refreshing

* finish packet decoding

* multi api client + retrieving rotation id

* rotating sphinx key files

* logic for migrating config file

* wip: putting new sphinx keys to self described endpoints

* processing loop of KeyRotationController

* fixed sphinx key loading

* rotating bloomfilters

* wired up KeyRotationController

* flushing bloomfilters to disk and loading

* most of nym-node changes

* post rebase fixes

* fixes due to backwards compatible hostkeys

* split http state.rs file

* dont use deprecated fields

* fixed backwards compatible deserialisation of host information

* split up node describe cache

* added a dedicated CacheRefresher listener to perform full refresh outside the set interval

* controlling announced sphinx keys within nym-api

* retrieving rotation id when pulling topology

* split nym-nodes http handlers

* v2 nym-api endpoints to retrieve nodes with additional metadata information

* bug fixes...

* additional bugfixes and guards against stuck epoch

* testnet manager: set first nym-api as the rewarder

* fixed host information deserialisation

* fixed panic during first key rotation

* post rebase fixes

* clippy

* more guards against stuck epochs

* added helper method to reset node's sphinx key

* instantiate mixnet contract with custom key rotation validity

* additional bugfixes and debugging nym-api deadlock

* passing shutdown to nym apis client

* remove dead test

* post rebasing fixes

* missing MixnetQueryClient variants

* remove usage of deprecated methods in sdk example

* fix: incorrect method signature

* post rebasing fixes

* attempt to retrieve key rotation id before doing any config migration work

* ignore tests relying on networking behaviour

* allow networking failures in certain tests
2025-06-03 11:22:51 +01:00
2025-05-16 13:03:37 +02:00
2025-06-03 11:22:51 +01:00
2025-06-03 11:22:51 +01:00
2025-06-03 09:28:55 +00:00
2024-12-19 14:10:28 +00:00
2025-06-03 11:22:51 +01:00
2024-12-20 12:18:45 +01:00
2025-06-03 11:22:51 +01:00
2025-06-03 11:22:51 +01:00
2025-05-30 09:28:48 +02:00
2025-06-03 11:22:51 +01:00
2025-05-30 09:28:48 +02:00
2025-06-03 11:22:51 +01:00
2025-06-03 11:22:51 +01:00
2025-03-15 00:17:40 +01:00
2025-04-29 13:23:14 +02:00
2023-12-19 09:24:44 +01:00
2023-12-19 09:24:44 +01:00
2025-06-03 11:22:51 +01:00
2025-06-03 11:22:51 +01:00
2025-05-27 10:03:22 +02:00
2025-02-27 15:21:55 +01:00
2025-03-13 11:31:59 +00:00
2023-09-21 15:09:34 +01:00
2025-05-29 10:31:01 +01:00
2025-04-10 11:14:54 +03:00
2025-03-13 11:31:59 +00:00

The Nym Privacy Platform

The platform is composed of multiple Rust crates. Top-level executable binary crates include:

  • nym-node - a tool for running a node within the Nym network. Nym Nodes containing functionality such as mixnode, entry-gateway and exit-gateway are fundamental components of Nym Mixnet architecture. Nym Nodes are ran by decentralised node operators. Read more about nym-node in Operators Guide documentation. Network functionality of nym-node (labeled with --mode flag) can be:
    • mixnode - shuffles Sphinx packets together to provide privacy against network-level attackers.
    • gateway - acts sort of like a mailbox for mixnet messages, which removes the need for direct delivery to potentially offline or firewalled devices. Gateways can be further categorized as entry-gateway and exit-gateway. The latter has an extra embedded IP packet router and Network requester to route data to the internet.
  • nym-client - an executable which you can build into your own applications. Use it for interacting with Nym nodes.
  • nym-socks5-client - a Socks5 proxy you can run on your machine and use with existing applications.
  • nym-explorer - a (projected) block explorer and (existing) mixnet viewer.
  • nym-wallet - a desktop wallet implemented using the Tauri) framework.
  • nym-cli - a tool for interacting with the network from the CLI.
                      ┌─►mix──┐  mix     mix
                      │       │
            Entry     │       │                   Exit
client ───► Gateway ──┘  mix  │  mix  ┌─►mix ───► Gateway ───► internet
                              │       │
                              │       │
                         mix  └─►mix──┘  mix

Build Status

Building

Developing

References for developers:

Developer chat

You can chat to us in the #dev channel on Matrix or on the Nym Forum.

Tokenomics & Rewards

Nym network economic incentives, operator and validator rewards, and scalability of the network are determined according to the principles laid out in the section 6 of Nym Whitepaper. Initial reward pool is set to 250 million Nym, making the circulating supply 750 million Nym.

This is a monorepo and components that make up Nym as a system are licensed individually, so for accurate information, please check individual files.

As a general approach, licensing is as follows this pattern:

  • applications and binaries are GPLv3
  • libraries and components are Apache 2.0 or MIT
  • documentation is Apache 2.0 or CC0-1.0

Nym Node Operators and Validators Terms and Conditions can be found here.

Getting Started

yarn install
yarn build
S
Description
Nym provides strong network-level privacy against sophisticated end-to-end attackers, and anonymous transactions using blinded, re-randomizable, decentralized credentials.
Readme 377 MiB
Languages
Rust 65.9%
JavaScript 22.1%
TypeScript 9.1%
Shell 0.9%
Python 0.6%
Other 1.2%