Loving that lead paragraph.

  • byte1000@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    If an app on one device connects to an app on another via Veilid, it shouldn’t be possible for either client to know the other’s IP address or location from that connectivity, which is good for privacy, for instance. The app makers can’t get that info, either.

    Is that considered a new thing? I don’t think I’ve ever encountered a P2P service/protocol that also masks IP addresses.

    • juni@skein.city
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      They state they take inspiration from Tor and IPFS, so there are added transport layers below the top layer “P2P” that obfuscates ones IP address. It’s nothing new really, and I’m honestly not sure what the advantages are over something like I2P, which largely doesn’t suffer from Tor’s issues of node ownership as there are no guard or exit nodes to own (unless expressly configured), while also being faster overall.

        • giacomo@lemm.ee
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          You right. There are still IP addresses; you can’t really just yank out layer3 and call it a day.

          Here is a piece from their website about the “Secure envelopes”:

          “Each node hop only knows about the next one This is similar to onion routing, but assumes that the source is fully in control of the Safety Route and the destination is fully in control of the Private Route.”

          There’s also a packet diagram. It’s just encapsulation inception. There are also IP addresses listed as being encapsulated in the packets for additional node hops.

          I guess from the perspective of the source and destination, they don’t know each other’s IPs. So there is that v0v.

          • juni@skein.city
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            This is precisely it, and is a similar approach to the ones used by other anonymization networks as well. This allows your entry node to know your node/IP is using the network, but with a secure end-to-end tunnel, nobody along that tunnel knows the entire source -> destination path or data, so it is usually considered sufficiently anonymous and secure.