Refactor: Update Default Bind Addresses to 127.0.0.1 Across All Examples and Core Modules

[yashksaini-coder]

Description

Following the recent integration of thin waist address validation utilities (see PR #811), the examples/echo/echo.py example now dynamically selects a bindable interface, rather than hardcoding addresses like /ip4/0.0.0.0/tcp/{port}. However, other examples and modules—including those for Identify, mDNS, and PubSub—still use 0.0.0.0 or ::1 as their default bind/listen addresses.

Using 0.0.0.0 (wildcard) or ::1 (IPv6 loopback) can have the following drawbacks:

• Security: Binding to all interfaces exposes services unnecessarily.
• Inconsistency: Example and module behaviors are not aligned, leading to confusion for users and contributors.
• Best Practices: The updated thin waist utilities support better defaults, but this is not reflected everywhere.

Unify the address selection strategy across the codebase so that all examples and relevant modules use 127.0.0.1 (IPv4 loopback) as the default bind/listen address unless explicitly required otherwise.

• PR ✨ Feat: add Thin Waist address validation utilities and integrate into echo example #811: Thin Waist Address Validation Utilities
• multiaddr best practices

Motivation

What I want to do is to make changes to:-

1. Audit All Relevant Files
   • examples/*
   • libp2p/identify/*
   • libp2p/mdns/*
   • libp2p/pubsub/*
2. Update Hardcoded Addresses
   • Replace any usage of /ip4/0.0.0.0/tcp/... or /ip4/::1/tcp/... (and similar patterns) with /ip4/127.0.0.1/tcp/... where possible.
   • Where the new thin waist utility (get_optimal_binding_address) is available, use it for address selection, ensuring it prefers loopback (127.0.0.1) over wildcard.
3. Review and Test
   • Ensure all examples still run correctly.
   • Confirm no security regressions and that no public-facing interfaces are opened unintentionally.
   • Update/readme or inline comments to document the address policy.
4. Optional: Add Tests
   • Consider adding tests that assert examples/modules do not bind to 0.0.0.0 or ::1 by default.

Current Implementation

Current Implementation in echo.py (and other examples):

• Many example files use the multiaddr format for IP addresses, with patterns like /ip4/0.0.0.0/tcp/{port} or /ip4/127.0.0.1/tcp/{port}.
• For instance, in examples/ping/ping.py, the code constructs a listening address as:

  listen_addr = multiaddr.Multiaddr(f"/ip4/0.0.0.0/tcp/{port}")

  and provides examples for /ip4/127.0.0.1/tcp/8000/... in help text.
• examples/doc-examples/example_transport.py, example_encryption_noise.py, example_encryption_insecure.py, and example_multiplexer.py all use /ip4/0.0.0.0/tcp/8000 as the listen address.
• In examples/kademlia/kademlia.py, the implementation uses /ip4/127.0.0.1/tcp/{port} for node addresses.
• Documentation and chat/pubsub examples also reference both /ip4/0.0.0.0/... and /ip4/127.0.0.1/....

Further Directory Coverage:

• The search (which may be incomplete due to result limits) indicates the following example files directly use or reference addresses in the form of /ip4/0.0.0.0/ or /ip4/127.0.0.1/:
  • examples/ping/ping.py
  • examples/doc-examples/example_transport.py
  • examples/doc-examples/example_encryption_noise.py
  • examples/doc-examples/example_encryption_insecure.py
  • examples/doc-examples/example_multiplexer.py
  • examples/kademlia/kademlia.py
• Documentation files (docs/examples.*.rst) also provide user instructions and sample commands with these addresses.

---

CC: @acul71 @seetadev

[seetadev]

@yashksaini-coder : awesome, thank you for opening the issue :) Looking forward to the PR.