Wiki source code of Definitions

Version 6.1 by Zenna Elfen on 2025/11/27 12:13

== Definitions for Authentication and Access ==

(% border="1" dir="ltr" id="auth_def" style="margin-right:auto" summary="Definitions for Authentication and Access" %)
|=Function|=What it means in P2P context
|Permissions|//Define what actions a peer is allowed to perform (read, write, broadcast, modify state, etc.)//
|Delegation|//Allow a peer to grant some portion of its authority to another peer (e.g., "you can write to this dataset for 1 day")//
|Capabilities|//Tokens/objects that embody permissions and can be passed around securely//
|Revocation|//Ability to withdraw access (essential yet tricky, since there's no central admin)//
|Identity-agnostic control|//Often operations are authorized not by who you are but by what capabilities you possess//
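The four rows above fit together in one mechanism, and an added example makes the relationships concrete. The code below is not from this wiki or from any project named on this page; it is a macaroon-style bearer capability built from chained HMACs (a technique chosen for the example, not one the table prescribes). The root key, token id, dataset name, actions and timestamps are constructed placeholders. A capability is the token itself, delegation is attenuation (appending a caveat such as an expiry and handing the token over, which needs no key), revocation is a list of withdrawn token ids checked by the resource owner, and identity-agnostic control shows in the verifier, which never asks who presents the token.

```python
# Added example (not from this wiki page or any project it names): a
# macaroon-style bearer capability built from chained HMACs. The root key,
# token id, dataset name and timestamps are constructed placeholders.
import hashlib
import hmac


def _chain(prev_sig: bytes, caveat: str) -> bytes:
    """Fold one caveat into the signature: sig_n = HMAC(sig_{n-1}, caveat_n)."""
    return hmac.new(prev_sig, caveat.encode(), hashlib.sha256).digest()


class Capability:
    """Bearer token = (token id, ordered caveats, chained MAC).

    Holding the token is the only requirement for using it (identity-agnostic).
    Anyone holding it can add caveats to delegate a narrower version, but
    nobody can drop a caveat without the root key, because every caveat is
    folded into the MAC chain.
    """

    def __init__(self, token_id: str, caveats: list[str], sig: bytes):
        self.token_id = token_id
        self.caveats = list(caveats)
        self.sig = sig

    def delegate(self, caveat: str) -> "Capability":
        """Grant a portion of this authority to another peer by attenuation."""
        return Capability(self.token_id, self.caveats + [caveat], _chain(self.sig, caveat))


def mint(root_key: bytes, token_id: str, caveats: list[str]) -> Capability:
    """Resource owner creates the root capability with its initial caveats."""
    sig = hmac.new(root_key, token_id.encode(), hashlib.sha256).digest()
    for caveat in caveats:
        sig = _chain(sig, caveat)
    return Capability(token_id, caveats, sig)


def _caveat_holds(caveat: str, request: dict) -> bool:
    """Evaluate one 'key=value' caveat against the request being authorized."""
    key, _, value = caveat.partition("=")
    if key == "dataset":
        return request["dataset"] == value
    if key == "action":
        return request["action"] in value.split(",")
    if key == "expires":
        return request["now"] < int(value)
    return False  # unknown caveat: fail closed


def verify(root_key: bytes, cap: Capability, request: dict, revoked: set[str]) -> bool:
    """Resource owner's check: not revoked, MAC chain intact, every caveat satisfied."""
    if cap.token_id in revoked:
        return False
    expected = hmac.new(root_key, cap.token_id.encode(), hashlib.sha256).digest()
    for caveat in cap.caveats:
        expected = _chain(expected, caveat)
    if not hmac.compare_digest(expected, cap.sig):
        return False
    return all(_caveat_holds(c, request) for c in cap.caveats)


if __name__ == "__main__":
    ROOT_KEY = b"constructed-root-key-for-demo"  # placeholder value
    owner = mint(ROOT_KEY, "cap-001", ["dataset=notes", "action=read,write"])
    # "you can write to this dataset for 1 day": attenuate, then hand the token over
    handed_over = owner.delegate("action=write").delegate("expires=1700086400")
    request = {"dataset": "notes", "action": "write", "now": 1700000000}
    print(verify(ROOT_KEY, handed_over, request, revoked=set()))                        # True
    print(verify(ROOT_KEY, handed_over, dict(request, action="read"), revoked=set()))  # False
    print(verify(ROOT_KEY, handed_over, request, revoked={"cap-001"}))                 # False
```

Two design points worth noticing: the verifier evaluates every caveat in the chain, so a delegated token can only ever be narrower than its parent, and an unknown caveat fails closed rather than being ignored. The revocation list is the one place a central record creeps back in; in a P2P setting it has to be replicated to every verifier, which is exactly why the table calls revocation "tricky".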

== Definitions for Security and Encryption ==

(% border="1" dir="ltr" id="sec_def" style="margin-right:auto" summary="Definitions for Security and Encryption" %)
|=Security Function|=Purpose|=Examples
|Transport Encryption|//P2P channel confidentiality//|//TLS, Noise//
|[[Private Interest Overlap>>https://willowprotocol.org/specs/pio/index.html#private_interest_overlap]]|//Allows peers to securely determine whether they have capabilities in common without revealing what those capabilities are//|//Willow//
|[[Prefix Pruning>>https://willowprotocol.org/specs/data-model/index.html#prefix_pruning]]|//Enables removal of data by replacing it with a new, empty timestamped file at the same path, so that the deletion itself replicates. "you have a path hierarchy which lets you prune off a whole bunch of leaves by cutting at the root. Like if you replaced your Documents directory with a text file of the same name."//|//Willow//
|Message Encryption|//End-to-end secrecy, async//|//MLS, Olm/Megolm, DR (Double Ratchet)//
|Identity & Trust|//Who’s who, key bootstrapping//|//DIDs, TOFU, Web-of-trust//
|Integrity|//Detect tampering//|//AEAD, Merkle DAGs//
|Key Lifecycle|//Rotation, revocation, recovery//|//X3DH, key transparency//
|Anonymity & Metadata Protection|//Hide who communicates with whom//|//Tor, mixnets//
|Anti-Abuse / Sybil Resistance|//Resist spam and capture//|//PoW, stake, identity proofs//
|Censorship Resistance|//Survive blocking, surveillance//|//pluggable transports, relays//
|Secure Storage|//Protect data at rest//|//hardware keystores, secret sharing//
|Integrated Overlays|//All of the above in one stack//|//Veilid, I2P, Nym//
|Confidentiality|//Only intended peers can read communication//|//TLS, DTLS, Noise Protocol Framework, AEAD (e.g., ChaCha20-Poly1305), MLS, Olm/Megolm, WireGuard, Veilid E2E channels//
|Integrity|//Messages can't be modified undetected//|//Digital signatures (Ed25519, BLS), MACs, Merkle DAGs (IPLD/IPFS), Hash chains, Signed Gossip, BPSec//
|Authentication|//Verify identity or cryptographic key ownership//|//Noise handshake patterns, TLS mutual auth, DIDs, Web-of-Trust (PGP), TOFU (SSH-style), libp2p PeerIDs, X3DH (Signal)//
|Forward Secrecy|//Compromising long-term keys does not reveal past messages//|//Double Ratchet, X3DH, MLS TreeKEM, Noise ephemeral handshakes, Olm (Matrix)//
|Metadata protection|//Hide sender, receiver, and communication patterns//|//Tor (Onion routing), Mixnets (Katzenpost / Nym), Dandelion++ (P2P routing privacy), Cover traffic schemes, Veilid routing obfuscation//
|Resilience|//Continue operating despite adversarial environments//|//Multipath routing (Tor bridges, libp2p relay), Censorship-resistant transports (Snowflake, Pluggable transports), DTN/BPSec, CRDT/replicated DHT storage (IPFS/Kademlia), Opportunistic mesh routing (Briar/Scuttlebutt), Veilid global overlay network//
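The Prefix Pruning row describes a rule rather than a primitive, and the rule is easiest to understand by running it. The model below is an added example, not Willow's own code: entries are addressed by a path of components and carry an author-chosen timestamp, and an entry written at a path prunes every stored entry beneath that path that is older. Writing an empty entry at "Documents" is the "replace the directory with an empty file" case from the quote. The paths, timestamps and payloads are constructed, and the model simplifies Willow in one way it labels in the comments: "newer" means a strictly larger timestamp, whereas Willow also breaks timestamp ties by payload digest. The `merge_from` method shows the replication point from the table: a peer that receives the empty entry after making its own older write under that prefix ends up with the same pruned view.

```python
# Added example (not Willow's own code): a simplified model of prefix pruning
# over path-addressed entries. Paths, timestamps and payloads are constructed.
# Simplification: "newer" means a strictly larger timestamp; Willow additionally
# breaks timestamp ties by payload digest, which this model skips.
from dataclasses import dataclass


@dataclass(frozen=True)
class Entry:
    path: tuple[str, ...]  # path components, e.g. ("Documents", "a.txt")
    timestamp: int         # author-chosen timestamp
    payload: bytes         # b"" models the empty "file" used as a tombstone


def is_prefix(prefix: tuple[str, ...], path: tuple[str, ...]) -> bool:
    """True when every component of `prefix` leads `path` (a path prefixes itself)."""
    return path[: len(prefix)] == prefix


class Store:
    """One peer's replica: at most one entry per path."""

    def __init__(self) -> None:
        self.entries: dict[tuple[str, ...], Entry] = {}

    def insert(self, new: Entry) -> list[tuple[str, ...]]:
        """Apply `new` and return the paths it pruned.

        Returns [] and stores nothing if an entry at a prefix of new.path is
        at least as new: `new` is already pruned by it.
        """
        for path, existing in self.entries.items():
            if is_prefix(path, new.path) and existing.timestamp >= new.timestamp:
                return []
        pruned = [p for p, e in self.entries.items()
                  if is_prefix(new.path, p) and e.timestamp < new.timestamp]
        for p in pruned:
            del self.entries[p]
        self.entries[new.path] = new
        return pruned

    def merge_from(self, other: "Store") -> None:
        """Replicate: applying every entry of `other` also replicates its deletions."""
        for entry in list(other.entries.values()):
            self.insert(entry)

    def paths(self) -> set[tuple[str, ...]]:
        return set(self.entries)


if __name__ == "__main__":
    alice, bob = Store(), Store()
    for e in (Entry(("Documents", "a.txt"), 10, b"A"),
              Entry(("Documents", "sub", "b.txt"), 11, b"B"),
              Entry(("Photos", "c.jpg"), 12, b"C")):
        alice.insert(e)
        bob.insert(e)
    # Alice replaces her Documents directory with an empty file
    print(alice.insert(Entry(("Documents",), 20, b"")))   # both Documents/... paths
    # Bob, not yet synced, writes under Documents with an older timestamp
    bob.insert(Entry(("Documents", "late.txt"), 15, b"L"))
    bob.merge_from(alice)                                  # the tombstone replicates
    print(bob.paths() == alice.paths())                    # True
```

Note that the rule is the same on every peer and depends only on the entries themselves, which is what lets the deletion propagate without any coordinator. The flip side is the one the row hints at: a stale write under a pruned prefix is silently dropped, so an author who has not yet received the newer entry loses that write.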