chore: add connection encryption examples

Author: achingbrain

README.md

@@ -49,6 +49,7 @@ Feel free to jump directly into the examples, however going through the followin
 #### Understanding how libp2p works
 
 - [Circuit Relay](./examples/js-libp2p-example-circuit-relay) - configuring Circuit Relay connections
+- [Connection Encryption](./examples/js-libp2p-example-connection-encryption) - how to encrypt connection between libp2p nodes
 
 #### Other examples
 

examples/js-libp2p-example-connection-encryption/.github/pull_request_template.md

@@ -0,0 +1,17 @@
+# ⚠️ IMPORTANT ⚠️
+
+# Please do not create a Pull Request for this repository
+
+The contents of this repository are automatically synced from the parent [js-libp2p Examples Project](https://github.com/libp2p/js-libp2p-examples) so any changes made to the standalone repository will be lost after the next sync.
+
+Please open a PR against [js-libp2p Examples](https://github.com/libp2p/js-libp2p-examples) instead.
+
+## Contributing
+
+Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are **greatly appreciated**.
+
+1. Fork the [js-libp2p Examples Project](https://github.com/libp2p/js-libp2p-examples)
+2. Create your Feature Branch (`git checkout -b feature/amazing-example`)
+3. Commit your Changes (`git commit -a -m 'feat: add some amazing example'`)
+4. Push to the Branch (`git push origin feature/amazing-example`)
+5. Open a Pull Request

examples/js-libp2p-example-connection-encryption/.github/workflows/sync.yml

@@ -0,0 +1,19 @@
+name: pull
+
+on:
+  workflow_dispatch
+
+jobs:
+  sync:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Pull from another repository
+        uses: ipfs-examples/actions-pull-directory-from-repo@main
+        with:
+          source-repo: libp2p/js-libp2p-examples
+          source-folder-path: examples/${{ github.event.repository.name }}
+          source-branch: main
+          target-branch: main
+          git-username: github-actions
+          git-email: [email protected]

examples/js-libp2p-example-connection-encryption/LICENSE

@@ -0,0 +1,4 @@
+This project is dual licensed under MIT and Apache-2.0.
+
+MIT: https://www.opensource.org/licenses/mit
+Apache-2.0: https://www.apache.org/licenses/license-2.0

examples/js-libp2p-example-connection-encryption/LICENSE-APACHE

@@ -0,0 +1,5 @@
+Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

examples/js-libp2p-example-connection-encryption/LICENSE-MIT

@@ -0,0 +1,19 @@
+The MIT License (MIT)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

examples/js-libp2p-example-connection-encryption/README.md

@@ -0,0 +1,67 @@
+# @libp2p/example-connection-encryption <!-- omit in toc -->
+
+[![libp2p.io](https://img.shields.io/badge/project-libp2p-yellow.svg?style=flat-square)](http://libp2p.io/)
+[![Discuss](https://img.shields.io/discourse/https/discuss.libp2p.io/posts.svg?style=flat-square)](https://discuss.libp2p.io)
+[![codecov](https://img.shields.io/codecov/c/github/libp2p/js-libp2p-examples.svg?style=flat-square)](https://codecov.io/gh/libp2p/js-libp2p-examples)
+[![CI](https://img.shields.io/github/actions/workflow/status/libp2p/js-libp2p-examples/ci.yml?branch=main\&style=flat-square)](https://github.com/libp2p/js-libp2p-examples/actions/workflows/ci.yml?query=branch%3Amain)
+
+> An example of how to configure connection encrypters
+
+## Table of contents <!-- omit in toc -->
+
+- [Set up encrypted communications](#set-up-encrypted-communications)
+- [License](#license)
+- [Contribution](#contribution)
+
+All traffic sent over connections between two libp2p nodes is encrypted. This gives us peace of mind that the node we are talking to is the node we think we are talking to, and that no-one is able to eavesdrop or interfere with the data we are exchanging.
+
+You may have noticed that every time we dial the [multiaddr](https://multiformats.io/multiaddr) of a peer in libp2p space, we include the [PeerId](https://docs.libp2p.io/concepts/fundamentals/peers/#peer-id) at the end:
+
+```
+/ip4/127.0.0.1/tcp/89765/p2p/12D3Foo
+```
+
+For some types of `PeerID`, it is the public key of the remote node (Ed25519 and secp256k1) or, when the public key is too large to embed in a string, it can be the a hash of the public key (RSA).
+
+Including the `PeerID` in the multiaddr allows us to authenticate the remote peer by creating a crypto challenge that allows them to prove they hold the the private key that matches the public key we know.
+
+Once authenticated in this fashion we can proceed to encrypt/decrypt all traffic sent over the connection.
+
+There are several strategies for performing encryption, the most common uses the [Noise Protocol Framework](http://www.noiseprotocol.org/).
+
+js-libp2p also supports a plaintext "encryption" implementation that should not be used in production but is sometimes useful for testing.
+
+## Set up encrypted communications
+
+To add them to your libp2p configuration, all you have to do is:
+
+```JavaScript
+import { noise } from '@chainsafe/libp2p-noise'
+import { yamux } from '@chainsafe/libp2p-yamux'
+import { tcp } from '@libp2p/tcp'
+import { createLibp2p } from 'libp2p'
+
+const createNode = async () => {
+  return await createLibp2p({
+    transports: [ tcp() ],
+    streamMuxers: [ yamux() ],
+    // Attach noise as the crypto channel to use
+    conectionEncrypters: [ noise() ]
+  })
+}
+```
+
+And that's it, from now on, all your libp2p communications are encrypted. Try running the example [noise.js](./noise.js) to see it working.
+
+To experiment with the plaintext implementation, run [plaintext.js](./plaintext.js).
+
+## License
+
+Licensed under either of
+
+- Apache 2.0, ([LICENSE-APACHE](LICENSE-APACHE) / <http://www.apache.org/licenses/LICENSE-2.0>)
+- MIT ([LICENSE-MIT](LICENSE-MIT) / <http://opensource.org/licenses/MIT>)
+
+## Contribution
+
+Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

examples/js-libp2p-example-connection-encryption/noise.js

@@ -0,0 +1,43 @@
+/* eslint-disable no-console */
+
+import { noise } from '@chainsafe/libp2p-noise'
+import { yamux } from '@chainsafe/libp2p-yamux'
+import { tcp } from '@libp2p/tcp'
+import { pipe } from 'it-pipe'
+import { createLibp2p } from 'libp2p'
+import { fromString as uint8ArrayFromString } from 'uint8arrays/from-string'
+import { toString as uint8ArrayToString } from 'uint8arrays/to-string'
+
+const createNode = async () => {
+  const node = await createLibp2p({
+    addresses: {
+      listen: ['/ip4/0.0.0.0/tcp/0']
+    },
+    transports: [tcp()],
+    streamMuxers: [yamux()],
+    connectionEncryption: [noise()]
+  })
+
+  return node
+}
+
+const node1 = await createNode()
+const node2 = await createNode()
+
+node2.handle('/a-protocol', ({ stream }) => {
+  pipe(
+    stream,
+    async function (source) {
+      for await (const msg of source) {
+        console.log(uint8ArrayToString(msg.subarray()))
+      }
+    }
+  )
+})
+
+const stream = await node1.dialProtocol(node2.getMultiaddrs(), '/a-protocol')
+
+await pipe(
+  [uint8ArrayFromString('This information is sent out encrypted to the other peer')],
+  stream
+)

examples/js-libp2p-example-connection-encryption/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "@libp2p/example-connection-encryption",
+  "version": "0.0.0",
+  "description": "An example of how to configure connection encryption",
+  "license": "Apache-2.0 OR MIT",
+  "homepage": "https://github.com/libp2p/js-libp2p-examples/tree/master/examples/js-libp2p-example-connection-encryption#readme",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/libp2p/js-libp2p-examples.git"
+  },
+  "bugs": {
+    "url": "https://github.com/libp2p/js-libp2p-examples/issues"
+  },
+  "type": "module",
+  "scripts": {
+    "test": "test-node-example test/*"
+  },
+  "dependencies": {
+    "@chainsafe/libp2p-noise": "^13.0.0",
+    "@chainsafe/libp2p-yamux": "^5.0.0",
+    "@libp2p/mplex": "^9.0.0",
+    "@libp2p/tcp": "^8.0.0",
+    "it-pipe": "^3.0.1",
+    "libp2p": "^0.46.0",
+    "uint8arrays": "^4.0.6"
+  },
+  "devDependencies": {
+    "test-ipfs-example": "^1.0.0"
+  },
+  "private": true
+}

examples/js-libp2p-example-connection-encryption/plaintext.js

@@ -0,0 +1,43 @@
+/* eslint-disable no-console */
+
+import { yamux } from '@chainsafe/libp2p-yamux'
+import { tcp } from '@libp2p/tcp'
+import { pipe } from 'it-pipe'
+import { createLibp2p } from 'libp2p'
+import { plaintext } from 'libp2p/insecure'
+import { fromString as uint8ArrayFromString } from 'uint8arrays/from-string'
+import { toString as uint8ArrayToString } from 'uint8arrays/to-string'
+
+const createNode = async () => {
+  const node = await createLibp2p({
+    addresses: {
+      listen: ['/ip4/0.0.0.0/tcp/0']
+    },
+    transports: [tcp()],
+    streamMuxers: [yamux()],
+    connectionEncryption: [plaintext()]
+  })
+
+  return node
+}
+
+const node1 = await createNode()
+const node2 = await createNode()
+
+node2.handle('/a-protocol', ({ stream }) => {
+  pipe(
+    stream,
+    async function (source) {
+      for await (const msg of source) {
+        console.log(uint8ArrayToString(msg.subarray()))
+      }
+    }
+  )
+})
+
+const stream = await node1.dialProtocol(node2.getMultiaddrs(), '/a-protocol')
+
+await pipe(
+  [uint8ArrayFromString('This information is sent out encrypted to the other peer')],
+  stream
+)