feat(mix): integrate LIONESS Sphinx payload encryption

2026-05-11 21:09:27 +00:00 · 2026-04-28 17:01:24 +05:30 · 2026-04-28 17:01:24 +05:30 · d2cb0a5ada
commit d2cb0a5ada
parent 15d341ca02
6 changed files with 105 additions and 15 deletions
--- a/simulations/mixnet/run_lioness_sim.sh
+++ b/simulations/mixnet/run_lioness_sim.sh
@ -0,0 +1,87 @@
+#!/bin/bash
+# Headless mixnet simulation driver for the LIONESS payload-encryption branch.
+# Starts 5 mix nodes + 2 chat clients in background, sends a test message
+# from alice → bob through the mixnet, captures cover-traffic metrics, tears down.
+
+set -u
+cd "$(dirname "$0")"
+
+# --- cleanup helper ---------------------------------------------------
+cleanup() {
+  echo "[cleanup] killing wakunode2 + chat2mix processes..."
+  pkill -f 'wakunode2 --config-file' 2>/dev/null
+  pkill -f 'chat2mix --cluster-id=2' 2>/dev/null
+  sleep 1
+}
+trap cleanup EXIT
+
+# --- start mix nodes --------------------------------------------------
+echo "[sim] starting bootstrap mix node..."
+./run_mix_node.sh > mix_node.log 2>&1 &
+sleep 6
+
+for i in 1 2 3 4; do
+  echo "[sim] starting mix node $i..."
+  ./run_mix_node$i.sh > mix_node$i.log 2>&1 &
+  sleep 2
+done
+
+echo "[sim] waiting 15s for nodes to peer..."
+sleep 15
+
+echo "[sim] checking node setup completion..."
+for f in mix_node.log mix_node1.log mix_node2.log mix_node3.log mix_node4.log; do
+  if grep -q "Node setup complete" "$f"; then
+    echo "  [ok] $f"
+  else
+    echo "  [WARN] $f missing 'Node setup complete'"
+  fi
+done
+
+# --- baseline metrics -------------------------------------------------
+echo ""
+echo "[sim] === baseline cover-traffic metrics (t0) ==="
+./check_cover_traffic.sh > metrics_t0.log 2>&1
+cat metrics_t0.log
+
+# --- chat clients -----------------------------------------------------
+echo ""
+echo "[sim] launching chat clients..."
+
+# alice: nickname → wait → send message → wait → /exit
+( echo "alice"
+  sleep 20
+  echo "Hello from Alice via LIONESS!"
+  sleep 25
+  echo "/exit"
+) | ./run_chat_mix.sh > chat_alice.log 2>&1 &
+
+# bob: nickname → wait → /exit (just listening)
+( echo "bob"
+  sleep 50
+  echo "/exit"
+) | ./run_chat_mix1.sh > chat_bob.log 2>&1 &
+
+echo "[sim] waiting 60s for message round-trip through mixnet..."
+sleep 60
+
+# --- verify message receipt ------------------------------------------
+echo ""
+echo "[sim] === message delivery check ==="
+if grep -q "Hello from Alice via LIONESS" chat_bob.log; then
+  echo "[PASS] Bob received Alice's message"
+  grep "Hello from Alice" chat_bob.log
+else
+  echo "[FAIL] Bob did not receive Alice's message"
+  echo "--- last 20 lines of chat_bob.log ---"
+  tail -20 chat_bob.log
+fi
+
+# --- final metrics ----------------------------------------------------
+echo ""
+echo "[sim] === post-traffic cover-traffic metrics (t1) ==="
+./check_cover_traffic.sh > metrics_t1.log 2>&1
+cat metrics_t1.log
+
+echo ""
+echo "[sim] done. Logs: mix_node*.log, chat_alice.log, chat_bob.log, metrics_t{0,1}.log"
--- a/vendor/nim-libp2p
+++ b/vendor/nim-libp2p
@ -1 +1 @@
-Subproject commit d2675d122c5ec6f21a9620f9360e5fd29de75404
+Subproject commit c518502842f34a542a9d70ed0766d0efc9d694b4
--- a/waku/discovery/waku_kademlia.nim
+++ b/waku/discovery/waku_kademlia.nim
@ -68,11 +68,9 @@ proc new*(
  # initial self-signed peer record published to the DHT
  if params.advertiseMix:
    if params.mixPubKey.isSome():
-      let alreadyAdvertising = kademlia.startAdvertising(
+      kademlia.startAdvertising(
        ServiceInfo(id: MixProtocolID, data: @(params.mixPubKey.get()))
      )
-      if alreadyAdvertising:
-        warn "mix service was already being advertised"
      debug "extended kademlia advertising mix service",
        keyHex = byteutils.toHex(params.mixPubKey.get()),
        bootstrapNodes = params.bootstrapNodes.len
@ -162,17 +160,18 @@ proc lookupMixPeers*(
    return err("cannot lookup mix peers: kademlia not mounted")

  let mixService = ServiceInfo(id: MixProtocolID, data: @[])
-  var records: seq[ExtendedPeerRecord]
-  try:
-    records = await wk.protocol.lookup(mixService)
-  except CatchableError:
-    return err("mix peer lookup failed: " & getCurrentExceptionMsg())
+  let advertisements =
+    try:
+      (await wk.protocol.lookup(mixService)).valueOr:
+        return err("mix peer lookup failed: " & error)
+    except CatchableError:
+      return err("mix peer lookup failed: " & getCurrentExceptionMsg())

-  debug "mix peer lookup returned records", numRecords = records.len
+  debug "mix peer lookup returned records", numRecords = advertisements.len

  var added = 0
-  for record in records:
-    let peerOpt = remotePeerInfoFrom(record)
+  for ad in advertisements:
+    let peerOpt = remotePeerInfoFrom(ad.data)
    if peerOpt.isNone():
      continue

@ -202,7 +201,7 @@ proc runDiscoveryLoop(

      var records: seq[ExtendedPeerRecord]
      try:
-        records = await wk.protocol.randomRecords()
+        records = await wk.protocol.lookupRandom()
      except CatchableError as e:
        warn "extended kademlia discovery failed", error = e.msg
        await sleepAsync(interval)
--- a/waku/factory/builder.nim
+++ b/waku/factory/builder.nim
@ -189,7 +189,7 @@ proc build*(builder: WakuNodeBuilder): Result[WakuNode, string] =
      wsAddress = builder.netConfig.get().wsHostAddress,
      transportFlags = {ServerFlags.ReuseAddr, ServerFlags.TcpNoDelay},
      rng = rng,
-      maxConnections = builder.switchMaxConnections.get(builders.MaxConnections),
+      maxConnections = builder.switchMaxConnections.get(MaxConnections),
      wssEnabled = builder.netConfig.get().wssEnabled,
      secureKeyPath = builder.switchSslSecureKey.get(""),
      secureCertPath = builder.switchSslSecureCert.get(""),
@ -209,7 +209,7 @@ proc build*(builder: WakuNodeBuilder): Result[WakuNode, string] =
    maxServicePeers = some(builder.maxServicePeers),
    colocationLimit = builder.colocationLimit,
    shardedPeerManagement = builder.shardAware,
-    maxConnections = builder.switchMaxConnections.get(builders.MaxConnections),
+    maxConnections = builder.switchMaxConnections.get(MaxConnections),
  )

  var node: WakuNode
--- a/waku/node/peer_manager/peer_manager.nim
+++ b/waku/node/peer_manager/peer_manager.nim
@ -24,6 +24,7 @@ import
    common/utils/parse_size_units,
    common/broker/broker_context,
    node/health_monitor/online_monitor,
+    node/waku_switch,
  ],
  ./peer_store/peer_storage,
  ./waku_peer_store
--- a/waku/node/waku_switch.nim
+++ b/waku/node/waku_switch.nim
@ -17,6 +17,9 @@ import

 # override nim-libp2p default value (which is also 1)
 const MaxConnectionsPerPeer* = 1
+# nim-libp2p#2329 made libp2p's MaxConnections const private
+# (renamed to DefaultMaxConnections); redeclare here to keep waku's cap explicit.
+const MaxConnections* = 50

 proc withWsTransport*(b: SwitchBuilder): SwitchBuilder =
  b.withTransport(