-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WebRTC for Waku #1181
Comments
To keep a small incremental scope for domain, I suggest we focus on browser-to-browser connections to enable further relay connections. Why?
As there is currently no decentralized solution, I think it is fine to further investigate the usage of STUN and TURN servers so we can progress while keeping an eye on the decentralized option described above. I think there are 2 next steps to be done in parallel-ish because they feed from each other:
RFC Let's write an RFC to clearly state the privacy (lack of) guarantees of using WebRTC transport for Waku with a centralized STUN and TURN server. In said RFC, we can clarify what metadata is leaked and possible linkabilty between two parties using the same STUN server to connect to each other. Noting that there are a number of scenarios that are of interest:
This should be done with consideration for both STUN and TURN servers. From this, we can then draw some guidelines. E.g.: prefer to use Google STUN server as no linkability is possible except for timing attacks but as the Google server is used by many application then the chance of it happening are lower. PoC In terms of PoC, the next step would be to get several browser in the same Relay mesh by connecting to each other via WebRTC (using centralized servers). I can see two current blockers for this:
|
@s1fr0 Can you check my comments on noise and share your thoughts on the matter? |
Cc @kaiserd re peer exchange/advertisement of short-lived WebRTC nodes |
Note that most of this issues have been solved in the libp2p webrtc (wip) implementation The only thing that is specific to waku is that if hole-punching fails, you apparently want to use a relay server to enable "full relayed connections" between the peers (whereas libp2p will just fail) |
Great to hear
I wonder if it would be possible to agree on a nwaku node to use as a relay server. |
You could use libp2p's circuit relay, but the real question is who is going to allocate bandwidth for private peers to use For a simple 1-1 video call with 0.5 mbit/s per stream (360p 30 fps) stream, the relay has to
Who is ready to waste 2mbit/s of bandwidth for two random people to call each other? That's almost 1GB/hour for a single 1-1, that would never scale. From a random internet source, 86% of webrtc connections succeeds without a relay, that leaves 14% of connections that needs to be relayed. I really don't see an easy way to get a "fat pipe" between peers that cannot connect directly to each other, unfortunately. FYI, when protocol labs started the circuit relay protocol in IPFS, they hoped that other people would also run relay nodes in the network. But they ended up being the only one willing to bear the cost, so they instead tuned the relay protocol to be cheap enough that everyone in the network runs it (and the "light version" means "only using it to try to hole-punch, not to actually relay data")
|
@weboko to split the use WebRTC for Waku Relay milestone in smaller chunks of works. |
API improvement of XK1 pattern tracked with waku-org/js-noise#3 (master issue for noise handshake API improvements). |
The goal: enable WebRTC as transport for To achieve it we need to have following parts in place:
Roughly we want
note: because browser tab is short lived there are many edge cases to consider such as intention of Alice can be outdated, cap number of rtc connections, spam during etc. Once connection is established we want to add it to the mesh of Experiment#1At this point Next attemptsIn following experiments will try to showcase broadcasting approach to establishing connection in a way approximate to what we want to see. Following work for
|
Before doing discovery via broadcasting, maybe a QR code (phone to laptop) |
Blocked on #1315 |
Unblocked now, working on integrating transport again and iterating towards providing example based on QR code / broadcasting |
Update: I believe with libp2p See https://github.com/libp2p/specs/blob/master/relay/circuit-v2.md#rationale |
Totally agree! So this is actually used for a first rough example it is going to be the implementation. For the next iterations similar approach will be used as in this noise-rtc example. |
Also if Waku is focused on scalability with this issue, then eventually you'll likely consider Gossipsub over webrtc if you haven't already (I'm not that familiar with the Waku architecture). I mention this because it doesn't work so well browser-to-browser right now in JS. I've already opened an issue on the javascript side for this here ChainSafe/js-libp2p-gossipsub#448 but another option will soon also be to use At that point I envision a mesh of browser webrtc gossipsub nodes, which would be fantastic! |
The js-libp2p team has done some work on decentralised hole punching (tracked with libp2p/js-libp2p#1461) which might be helpful here |
Iceboxing as this track is on hold while we work on other milestones. |
This is a feature request
Problem
We have some scenarios that can be improved by Waku having WebRTC capabilities.
Discussions around WebRTC usually are concentrated around two points:
These problems have different solutions and they give different benefits.
Browser to server:
Browser to browser:
Note: there is another server-to-browser approach which I didn't cover here and have limited knowledge of.
Browser to server
As far as I know there were some efforts to have it implemented in
nwaku
andgo-waku
:But there is no implementation for it yet.
In order to move forward with it we need to determine priority of this and action accordingly.
There are no obvious blockers that I can identify now.
Browser to browser
We have an example that shows how WebRTC connection can be established between two clients by using Waku Noise.
Work on it revealed some road blockers:
SDP
coordinates which forces client to rely on some other server to get it. In the example I used dummy GoogleSTUN
server (here);TURN
server is unavoidable. Clients won't be able to connect directly in case both of them are behind NAT andhole-punching
failed, see;These points are identified as blocker because usage of some
STUN/TURN
servers kills the purpose of Waku usage and creates censorship risks if it is done not in an intentional way.What we can do to overcome it:
STUN
capabilities inwaku
nodes;STUN
server/servers for a particular network or an application such as Status;My opinion is that it makes sense to stick to similar approach as
libp2p
and let consumers set and possibly operate their servers. Later on whenlibp2p
releases theirbrowser-to-browser
API we can just move to using it.This approach can let such consumers as Status use WebRTC from Waku fairly easily and soon.
As a long term goal it might make sense to extend waku network with
STUN
capabilities. This will require considerate amount of work and planning. I believe we can do it after understanding how usable it is to developers.References
Previous research - #20
libp2p browser-to-browser - libp2p/specs#497
libp2p browser-to-server - https://github.com/libp2p/specs/blob/master/webrtc/README.md
Other links
Waku WebRTC PoC - https://github.com/waku-org/js-waku-examples/tree/master/examples/noise-rtc
libp2p browser-to-browser PR - libp2p/js-libp2p-webrtc#90
WebRTC security overview - https://webrtc-security.github.io/
nwaku
issue on WebRTC - waku-org/nwaku#872go-waku
issue on WebRTC - waku-org/go-waku#203libp2p
direct connection approach - https://github.com/libp2p/specs/blob/master/relay/DCUtR.mdUPD: thanks to @Menduist were able to clarify some points.
The text was updated successfully, but these errors were encountered: