Problem
libp2p PSK / pnet is unimplemented. Embedders who want a closed network (PoC chains, testnets that should not leak into public bootnodes, internal infra) can't gate inbound/outbound connections on a 32-byte shared key the way go-libp2p `pnet.NewProtector` does.
Today the only authentication is the libp2p TLS / Noise identity layer (per-peer), not a network-wide secret.
Scope
- New module `src/security/pnet.zig` implementing V1 PSK:
- 24-byte nonce + ChaCha20 XOR wrap around the post-handshake transport.
- Loader for the magic `/key/swarm/psk/1.0.0/` PEM-like format.
- Optional knob on `host.HostConfig` to attach a PSK; when set, transports refuse plain connections.
- Both TCP (post-Noise) and QUIC (negotiated at multistream layer before app streams) paths.
- Round-trip + cross-impl test against go-libp2p `pnet` once available.
Open question
QUIC + PSK is awkward — the libp2p PSK spec was written for plaintext post-TCP. The standard approach is don't apply PSK to QUIC since TLS already authenticates. Decide here whether we ship PSK as a TCP-only feature, or extend it.
Acceptance
- Module + PEM loader + tests.
- Documented behaviour for QUIC (likely "not applicable / use the libp2p TLS extension's peer set").
- README "Supported" matrix updated.
Problem
libp2p PSK / pnet is unimplemented. Embedders who want a closed network (PoC chains, testnets that should not leak into public bootnodes, internal infra) can't gate inbound/outbound connections on a 32-byte shared key the way go-libp2p `pnet.NewProtector` does.
Today the only authentication is the libp2p TLS / Noise identity layer (per-peer), not a network-wide secret.
Scope
Open question
QUIC + PSK is awkward — the libp2p PSK spec was written for plaintext post-TCP. The standard approach is don't apply PSK to QUIC since TLS already authenticates. Decide here whether we ship PSK as a TCP-only feature, or extend it.
Acceptance