Skip to main content

Module lan

fips_core::discovery

Module lan 

Source
Expand description

LAN peer discovery via mDNS / DNS-SD (RFC 6762 / RFC 6763).

Publishes a _fips._udp.local. service advert carrying our npub and optional discovery scope on the local link, and concurrently browses for the same service type to learn peers reachable on the same broadcast domain. The result is sub-second peer pairing without any Nostr-relay roundtrip, STUN observation, or NAT traversal — the observed endpoint is by construction routable from the consumer’s LAN.

§Trust model

mDNS adverts are unauthenticated: anyone on the LAN can multicast a TXT carrying npub=.... Identity is still proven end-to-end by the Noise XX handshake the Node initiates against the observed endpoint — a spoofed advert with another peer’s npub fails the handshake and is silently dropped. Treat the mDNS advert as a routing hint, not as identity. LAN discovery is link-local mDNS only. It is not a Nostr advert and does not leave the broadcast domain unless the operator’s LAN bridges mDNS.

§Scope filtering

When a discovery_scope is configured, the advert carries it in a scope=<name> TXT entry and the browser only surfaces peers with a matching scope. Nodes on the same physical LAN but configured for different mesh networks don’t cross-feed each other.

Structs§

LanDiscoveredPeer
A peer we learned about via mDNS. Identity is unverified at this point; the Node initiates a Noise XX handshake against addr to confirm npub actually controls the matching private key.
LanDiscovery
Running mDNS responder + browser bound to the node’s UDP advert port.
LanDiscoveryConfig
Runtime configuration for the mDNS responder + browser.

Enums§

LanDiscoveryError
LanEvent
Browser-side events surfaced by LanDiscovery::drain_events.

Constants§

SERVICE_TYPE
DNS-SD service type for the FIPS LAN advert. RFC 6763 §4.1.2: must end with .local.. The _udp is the IP transport, not the upper protocol — both UDP and TCP FIPS endpoints announce under the same service type because the link-layer punch/handshake travels over UDP either way.
TXT_KEY_NPUB
TXT key carrying the bech32-encoded npub of the publishing node.
TXT_KEY_SCOPE
TXT key carrying the publishing node’s discovery_scope, if any.
TXT_KEY_VERSION
TXT key carrying the FIPS protocol version (matches the Nostr advert PROTOCOL_VERSION).