Add persistent Ed25519 peer identity keys#334
Open
myleshorton wants to merge 10 commits intoper-peer-bandwidthfrom
Open
Add persistent Ed25519 peer identity keys#334myleshorton wants to merge 10 commits intoper-peer-bandwidthfrom
myleshorton wants to merge 10 commits intoper-peer-bandwidthfrom
Conversation
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: myleshorton <1143966+myleshorton@users.noreply.github.com>
Co-authored-by: myleshorton <1143966+myleshorton@users.noreply.github.com>
[WIP] Update implementation based on feedback for OnConnectionChangeFunc
Add OnConnectionChangeFunc callback to BroflakeOptions
Previously, the egress server tracked ingress bytes as a single global counter. This change attributes bytes to individual peers so the data can be consumed by a future reward oracle. Changes: - Add PeerID field to EgressOptions (UUID by default) - Include peer ID in WebSocket subprotocol header alongside consumer session ID (backwards compatible: old clients fall back to CSID) - Replace global nIngressBytes atomic with per-peer sync.Map of atomic counters, shared across all connections from the same peer - Add "ingress-bytes-by-peer" OTel metric with peer_id attribute - Preserve existing "ingress-bytes" total metric for backward compat Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add a PeerIdentity type wrapping an Ed25519 keypair for persistent peer identification in the LANTERN token compensation system. The public key serves as the PeerID for bandwidth attribution, and the keypair doubles as a Solana wallet (Ed25519 is Solana's native curve). Desktop clients load/generate identity from ~/.unbounded/identity.key. WASM clients expose generateIdentity() to JS and accept an optional private key arg, with localStorage persistence on the JS side. External callers continue getting UUID PeerIDs with no changes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds support for persistent Ed25519-based peer identities to replace ephemeral UUID-based peer identification in the Broflake client. The Ed25519 keypairs serve dual purposes: they provide stable peer identification for the LANTERN token compensation system and can function as Solana wallets since Ed25519 is Solana's native cryptographic curve.
Changes:
- Introduces
PeerIdentitytype with Ed25519 keypair generation, persistence, and validation - Desktop clients automatically generate and persist identities to
~/.unbounded/identity.keywith environment variable override support - WASM clients expose
generateIdentity()JavaScript function and manage identity persistence via browser localStorage - Maintains backward compatibility by keeping UUID-based PeerID as the default fallback
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
clientcore/identity.go |
Core Ed25519 identity implementation with key generation, hex encoding/decoding, and validation |
clientcore/identity_test.go |
Comprehensive unit tests covering generation, uniqueness, round-trip serialization, signing/verification, and error cases |
clientcore/settings.go |
Adds Identity field to EgressOptions with SetIdentity() helper method; clarifies ConnectionChangeFunc documentation |
cmd/client_default_impl.go |
Desktop client implementation with file-based identity persistence at ~/.unbounded/identity.key |
cmd/client_wasm_impl.go |
WASM implementation exposing generateIdentity() to JavaScript and accepting optional private key parameter |
ui/src/utils/wasmInterface.ts |
TypeScript integration with localStorage-based identity persistence and graceful error handling |
clientcore/ui_wasm_impl.go |
Adds missing OnConnectionChangeFunc field to WASM UI implementation for consistency with desktop |
go.mod |
Promotes github.com/armon/go-socks5 and github.com/pion/transport/v3 to direct dependencies (cleanup) |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Replace the tightly-coupled receipt infrastructure with a single optional callback so that external modules (lantern-token) can observe per-peer bandwidth without broflake depending on any LANTERN-specific crypto or receipt logic. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
PeerIdentitytype wrapping Ed25519 keypair (clientcore/identity.go) for persistent peer identification in the LANTERN token compensation system~/.unbounded/identity.key(overridable viaIDENTITY_FILEenv var), with graceful fallback to UUID on errorgenerateIdentity()to JS and accept an optional 12th arg innewBroflake()for the private key; JS side manages localStorage persistenceNewDefaultEgressOptions()still generates UUID PeerIDsTest plan
go build ./...passes~/.unbounded/identity.keyis created and same PeerID appears on restartgenerateIdentity()is callable from JS console🤖 Generated with Claude Code