feat(dash-spv): Add BIP324 v2 encrypted P2P transport

Implement BIP324 encrypted transport for dash-spv peer connections:

- Add Transport trait abstracting v1/v2 protocol differences
- Implement V1Transport (extracted from existing peer.rs code)
- Implement V2Transport with ChaCha20-Poly1305 encryption
- Add V2 handshake with ElligatorSwift key exchange
- Add Dash-specific short message IDs (128-167)
- Add TransportPreference config (V2Preferred, V2Only, V1Only)
- Default to V2Preferred with automatic fallback to v1

Key implementation details:
- Cache decrypted packet length to prevent cipher state desync
- Support all Dash short IDs matching Dash Core's V2_DASH_IDS
- Proper handling of bip324 crate's packet type header byte

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>

Author: PastaPastaPasta

dash-spv/Cargo.toml

@@ -18,6 +18,9 @@ key-wallet-manager = { path = "../key-wallet-manager" }
 # BLS signatures
 blsful = { git = "https://github.com/dashpay/agora-blsful", rev = "0c34a7a488a0bd1c9a9a2196e793b303ad35c900" }
 
+# BIP324 v2 P2P encrypted transport
+bip324 = { git = "https://github.com/rust-bitcoin/bip324", rev = "8c469432", features = ["std", "tokio"] }
+
 # CLI
 clap = { version = "4.0", features = ["derive", "env"] }
 

dash-spv/src/client/config.rs

@@ -7,6 +7,7 @@ use std::time::Duration;
 use dashcore::Network;
 // Serialization removed due to complex Address types
 
+use crate::network::transport::TransportPreference;
 use crate::types::ValidationMode;
 
 /// Strategy for handling mempool (unconfirmed) transactions.
@@ -152,6 +153,10 @@ pub struct ClientConfig {
 
     /// Timeout for QRInfo requests (default: 30 seconds).
     pub qr_info_timeout: Duration,
+
+    /// Transport preference for peer connections (V1, V2, or V2 with fallback).
+    /// Default is V2Preferred: try V2 encrypted transport first, fall back to V1.
+    pub transport_preference: TransportPreference,
 }
 
 impl Default for ClientConfig {
@@ -201,6 +206,8 @@ impl Default for ClientConfig {
             // QRInfo defaults (simplified per plan)
             qr_info_extra_share: false, // Matches DMLviewer.patch default
             qr_info_timeout: Duration::from_secs(30),
+            // Transport preference (BIP324 v2 encrypted by default with v1 fallback)
+            transport_preference: TransportPreference::default(),
         }
     }
 }
@@ -342,6 +349,16 @@ impl ClientConfig {
         self
     }
 
+    /// Set transport preference for peer connections.
+    ///
+    /// - `V2Preferred` (default): Try BIP324 v2 encrypted transport first, fall back to v1
+    /// - `V2Only`: Require BIP324 v2 encrypted transport, fail if peer doesn't support it
+    /// - `V1Only`: Use traditional unencrypted v1 transport only
+    pub fn with_transport_preference(mut self, preference: TransportPreference) -> Self {
+        self.transport_preference = preference;
+        self
+    }
+
     /// Validate the configuration.
     pub fn validate(&self) -> Result<(), String> {
         // Note: Empty peers list is now valid - DNS discovery will be used automatically

dash-spv/src/error.rs

@@ -104,6 +104,19 @@ pub enum NetworkError {
 
     #[error("System time error: {0}")]
     SystemTime(String),
+
+    // BIP324 V2 transport errors
+    #[error("V2 handshake failed: {0}")]
+    V2HandshakeFailed(String),
+
+    #[error("V2 decryption failed: {0}")]
+    V2DecryptionFailed(String),
+
+    #[error("V2 encryption failed: {0}")]
+    V2EncryptionFailed(String),
+
+    #[error("V2 not supported by peer")]
+    V2NotSupported,
 }
 
 /// Storage-related errors.

dash-spv/src/network/manager.rs

@@ -27,6 +27,7 @@ use crate::network::pool::PeerPool;
 use crate::network::reputation::{
     misbehavior_scores, positive_scores, PeerReputationManager, ReputationAware,
 };
+use crate::network::transport::TransportPreference;
 use crate::network::{HandshakeManager, NetworkManager, Peer};
 use crate::types::PeerInfo;
 
@@ -71,6 +72,8 @@ pub struct PeerNetworkManager {
     exclusive_mode: bool,
     /// Cached count of currently connected peers for fast, non-blocking queries
     connected_peer_count: Arc<AtomicUsize>,
+    /// Transport preference for peer connections (V1, V2, or V2 with fallback)
+    transport_preference: TransportPreference,
 }
 
 impl PeerNetworkManager {
@@ -124,6 +127,7 @@ impl PeerNetworkManager {
             user_agent: config.user_agent.clone(),
             exclusive_mode,
             connected_peer_count: Arc::new(AtomicUsize::new(0)),
+            transport_preference: config.transport_preference,
         })
     }
 
@@ -210,13 +214,16 @@ impl PeerNetworkManager {
         let mempool_strategy = self.mempool_strategy;
         let user_agent = self.user_agent.clone();
         let connected_peer_count = self.connected_peer_count.clone();
+        let transport_preference = self.transport_preference;
 
         // Spawn connection task
         let mut tasks = self.tasks.lock().await;
         tasks.spawn(async move {
             log::debug!("Attempting to connect to {}", addr);
 
-            match Peer::connect(addr, CONNECTION_TIMEOUT.as_secs(), network).await {
+            match Peer::connect(addr, CONNECTION_TIMEOUT.as_secs(), network, transport_preference)
+                .await
+            {
                 Ok(mut peer) => {
                     // Perform handshake
                     let mut handshake_manager =
@@ -1036,6 +1043,7 @@ impl Clone for PeerNetworkManager {
             user_agent: self.user_agent.clone(),
             exclusive_mode: self.exclusive_mode,
             connected_peer_count: self.connected_peer_count.clone(),
+            transport_preference: self.transport_preference,
         }
     }
 }

dash-spv/src/network/mod.rs

@@ -9,6 +9,7 @@ pub mod peer;
 pub mod persist;
 pub mod pool;
 pub mod reputation;
+pub mod transport;
 
 #[cfg(test)]
 mod tests;
@@ -25,6 +26,7 @@ use dashcore::BlockHash;
 pub use handshake::{HandshakeManager, HandshakeState};
 pub use manager::PeerNetworkManager;
 pub use peer::Peer;
+pub use transport::{Transport, TransportPreference, V1Transport};
 
 /// Network manager trait for abstracting network operations.
 #[async_trait]