Skip to content

LP Registration + Telescoping + Gateway Probe Localnet Mode #6286

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
durch wants to merge 32 commits into
base: develop
Choose a base branch
from
Open

LP Registration + Telescoping + Gateway Probe Localnet Mode #6286

Changes from 1 commit
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
5e0f1c7
Add KKT cryptographic primitives
georgio Dec 12, 2025
ee0f1ef
Implement LP registration protocol with KKT/PSQ integration
durch Dec 12, 2025
bcba4c8
Add LP telescoping with nested sessions and subsession support
durch Dec 12, 2025
c7bc838
Add gateway-probe localnet mode with WireGuard tunnel support
durch Dec 12, 2025
96e40f7
Increase KCP fragment limit from u8 to u16
durch Dec 16, 2025
61501c3
Zeroize Ed25519 key material in to_x25519 conversion
durch Dec 16, 2025
30d6397
Return Result from KCP session input() for error detection
durch Dec 16, 2025
ed5341f
Fix Zeroizing deref in ed25519 to_x25519 conversion
durch Dec 16, 2025
4eec053
Add semaphore-based connection limiting for LP packet forwarding
durch Dec 16, 2025
796653e
Return error on session unavailable in handle_subsession_packet
durch Dec 16, 2025
f71d7f0
Use explicit bincode Options helper in nested_session
durch Dec 16, 2025
1bdaa44
Deduplicate outer_key lookup pattern in nested_session.rs
durch Dec 16, 2025
184009f
Add LpConfig struct and AIDEV-NOTE documentation for KKT+PSQ
durch Dec 16, 2025
cca9dc2
Add forward_timeout to LP client config
durch Dec 16, 2025
44cb3ab
Add negotiated_version field to LpSession
durch Dec 16, 2025
c3f543d
Change MessageType from u16 to u32
durch Dec 16, 2025
bf60a39
Various smaller fixes
durch Dec 16, 2025
f5ebc79
Refactor LP to stream-oriented TCP processing
durch Dec 20, 2025
0de0f38
Add persistent exit stream for entry→exit forwarding
durch Dec 20, 2025
3c39352
Fix code review issues for stream-oriented LP
durch Dec 20, 2025
34c7394
Add LP registration idempotency and retry logic
durch Dec 20, 2025
1e7698d
Add no-mix-acks feature flag to nym-sphinx-framing
durch Dec 22, 2025
6da1176
Create nym-lp-speedtest crate scaffold
durch Dec 22, 2025
5c9d1ba
Implement topology fetching for nym-lp-speedtest
durch Dec 22, 2025
d0fd238
Implement LP+Sphinx+KCP client with SURB support
durch Dec 22, 2025
177d09d
Rename nym-lp-speedtest to nym-lp-client and fix KCP bug
durch Dec 22, 2025
23c7b69
Add LP mixnet mode registration with nym address return
durch Dec 23, 2025
cb2a0f9
Implement LP data handler on UDP:51264
durch Dec 23, 2025
b7c729e
Fix replay protection vulnerability in LP data handler
durch Dec 23, 2025
ade0128
feat(ipr): add KcpSessionManager for LP client KCP handling
durch Dec 23, 2025
13cd958
feat(ipr): integrate KcpSessionManager into MixnetListener
durch Dec 23, 2025
287ea9a
fix(ipr): prevent KCP detection false positives on IPR messages
durch Dec 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions common/nym-lp/src/session.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -219,6 +219,11 @@ pub struct LpSession {
/// ID of the successor session that replaced this one.
/// Set when demote() is called.
successor_session_id: Mutex<Option<u32>>,

/// Negotiated protocol version from handshake.
/// Set during handshake completion from the ClientHello/ServerHello packet header.
/// Used for future version negotiation and compatibility checks.
negotiated_version: std::sync::atomic::AtomicU8,
}

/// Generates a fresh salt for PSK derivation.
Expand Down Expand Up @@ -263,6 +268,24 @@ impl LpSession {
self.is_initiator
}

/// Returns the negotiated protocol version from the handshake.
///
/// Defaults to 1 (current LP version). Set during handshake via
/// `set_negotiated_version()` when ClientHello/ServerHello is processed.
pub fn negotiated_version(&self) -> u8 {
self.negotiated_version
.load(std::sync::atomic::Ordering::Acquire)
}

/// Sets the negotiated protocol version from handshake packet header.
///
/// Should be called during handshake when processing ClientHello (responder)
/// or ServerHello (initiator) to record the agreed protocol version.
pub fn set_negotiated_version(&self, version: u8) {
self.negotiated_version
.store(version, std::sync::atomic::Ordering::Release);
}

/// Returns the local X25519 public key derived from the private key.
///
/// This is used for KKT protocol when the responder needs to send their
Expand Down Expand Up @@ -409,6 +432,7 @@ impl LpSession {
subsession_counter: AtomicU64::new(0),
read_only: AtomicBool::new(false),
successor_session_id: Mutex::new(None),
negotiated_version: std::sync::atomic::AtomicU8::new(1), // Default to version 1
Copy link
Contributor

@jstuczyn jstuczyn Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shouldn't this be somehow derived from the exchange rather than being hardcoded? just thinking of how backwards compatibility is going to work once we bump it up to v2

})
}

Expand Down Expand Up @@ -1329,6 +1353,8 @@ impl SubsessionHandshake {
subsession_counter: AtomicU64::new(0),
read_only: AtomicBool::new(false),
successor_session_id: Mutex::new(None),
// Inherit parent's protocol version
negotiated_version: std::sync::atomic::AtomicU8::new(1),
})
}
}
Expand Down