Skip to main content

Crate srx

Crate srx 

Source
Expand description

§SRX — Stochastic Routing eXtended

A next-generation VPN protocol is designed around three pillars:

  1. Stealth — DPI evasion through protocol mimicry, jitter modeling, cover traffic, and elimination of static signatures.

  2. Resilience — Multi-transport channel splitting with stochastic routing, automatic fallback, and self-healing under interference.

  3. Cryptographic strength — Hybrid post-quantum (Kyber) + ECDH key exchange, AEAD encryption, deterministic seed-based coordination, and pseudo-random re-keying.

§Architecture overview

┌─────────────────────────────────────────────────┐
│                  Application                     │
├─────────────────────────────────────────────────┤
│  Session (handshake, re-key, seed sync)          │
├─────────────────────────────────────────────────┤
│  Frame (encode/decode, fragment/reassemble)      │
├──────────┬──────────────────────────────────────┤
│ Routing  │  Masking (mimicry, jitter, cover)     │
├──────────┴──────────────────────────────────────┤
│  Channel (multiplex, fallback, health)           │
├─────────────────────────────────────────────────┤
│  Transport (TCP, UDP, QUIC, WS, gRPC, HTTP)     │
├─────────────────────────────────────────────────┤
│  Crypto (PQC-KEM, ECDH, AEAD, KDF)              │
└─────────────────────────────────────────────────┘

Re-exports§

pub use config::SrxConfig;
pub use crypto::AeadPipeline;
pub use error::Result;
pub use error::SrxError;
pub use frame::read_length_prefixed;
pub use frame::write_length_prefixed;
pub use high_api::SecureTcpSession;
pub use node::SrxNode;
pub use pipeline::Payload;
pub use pipeline::SrxPipeline;
pub use replay_storage::CustomHmacKeyProvider;
pub use replay_storage::ReplayStoreMetricsSnapshot;
pub use replay_storage::register_custom_hmac_key_provider;
pub use session::Session;
pub use signaling::inband::Signal;
pub use transport::ReconnectConfig;
pub use transport::ReconnectingTransport;
pub use transport::TcpTransport;
pub use transport::TimeoutTransport;
pub use transport::TlsTcpTransport;
pub use transport::TransportManager;
pub use transport::UdpTransport;
pub use transport::HttpTunnelTransport;
pub use transport::WebSocketTransport;
pub use transport::GrpcTransport;
pub use transport::TunnelEcho;
pub use transport::serve_tunnel_echo;
pub use transport::serve_tunnel_echo_tls;
pub use transport::QuicStreamChannel;
pub use transport::QuicTransport;

Modules§

channel
Channel management: multiplexing, fallback, health monitoring.
client
Client-side components.
config
Configuration types for SRX protocol nodes.
crypto
Cryptographic primitives for SRX.
error
Unified error types for the SRX protocol.
frame
Frame encoding, decoding, fragmentation, and reassembly.
high_api
High-level SRX API: secure framed TCP session with automatic handshake.
masking
DPI evasion and traffic masking.
metrics
Lightweight metrics for SRX pipeline and transport observability.
node
High-level entry point: ties handshake, session, and pipeline into a single API.
pipeline
End-to-end SRX pipeline: wires together padding, encryption, framing, mimicry, jitter, cover traffic, and transport dispatch into a single send/recv path.
replay_storage
Replay-state storage adapters and integrity envelope.
routing
Stochastic orthogonal routing.
seed
Seed management and deterministic PRNG for stochastic decisions.
server
Server-side components.
session
Session lifecycle: handshake, state, re-keying, and seed management.
signaling
In-band signaling and decoy protocol mechanisms.
transport
Multi-transport abstraction layer.