v0.28.3

What's Changed

• Updates quic-go to v0.33.1

Full Changelog: v0.28.2...v0.28.3

v0.27.9

What's Changed

• Update quic-go to v0.33.1

Full Changelog: v0.27.8...v0.27.9

v0.27.8

This patch release contains backports of:

• updating the qtls dependencies (qtls is quic-go's fork of crypto/tls). The new versions now contain a backport of the Go standard library fix included in the Go 1.20.7 / 1.19.12 release for quic-go's crypto/tls fork: golang/go@2350afd
• core/crypto: restrict RSA keys to <= 8192 bits: #2454. The analogous vulnerability in go-libp2p's crypto package.
• swarm: don't open new streams over transient connections: #2450. This fixes a regression introduced in v0.26.0.

Note that in order to be protected against the DoS attack making use of large RSA keys, it's necessary to update to this patch release AND to use the updated Go compiler (1.20.7 or 1.19.12, respectively).

Full Changelog: v0.27.7...v0.27.8

v0.29.1

This patch release contains backports of:

• update quic-go to v0.36.3, fixing RSA key size vulnerability: #2455. This in turn is a backport of the Go standard library fix included in the Go 1.20.7 / 1.19.12 release for quic-go's crypto/tls fork: golang/go@2350afd
• core/crypto: restrict RSA keys to <= 8192 bits: #2454. The analogous vulnerability in go-libp2p's crypto package.
• swarm: don't open new streams over transient connections: #2450. This fixes a regression introduced in v0.26.0.

Note that in order to be protected against the DoS attack making use of large RSA keys, it's necessary to update to this patch release AND to use the updated Go compiler (1.20.7 or 1.19.12, respectively).

Full Changelog: v0.29.0...v0.29.1

v0.28.2

This patch release contains backports of:

• updating the qtls dependencies (qtls is quic-go's fork of crypto/tls). The new versions now contain a backport of the Go standard library fix included in the Go 1.20.7 / 1.19.12 release for quic-go's crypto/tls fork: golang/go@2350afd
• core/crypto: restrict RSA keys to <= 8192 bits: #2454. The analogous vulnerability in go-libp2p's crypto package.
• swarm: don't open new streams over transient connections: #2450. This fixes a regression introduced in v0.26.0.

Note that in order to be protected against the DoS attack making use of large RSA keys, it's necessary to update to this patch release AND to use the updated Go compiler (1.20.7 or 1.19.12, respectively).

Full Changelog: v0.28.1...v0.28.2

v0.29.0

⚠️ Warning

Be warned if you run go get -u github.com/libp2p/go-libp2p the Go toolchain will incorrectly update github.com/quic-go/qtls-go1-20 to an incompatible version of v0.3.0 (at v0.* everything may change according to semver). You may have to downgrade github.com/quic-go/qtls-go1-20 to v0.2.2 manually.

It's recommended to do go get github.com/libp2p/go-libp2p instead.

🔦 Highlights

Smart Dialing

In our last release, we shipped Smart Dialing. To reiterate, it’s a clever way to reduce the number of spurious dials. Instead of dialing all addresses in parallel (which is what we did before v0.28), we now carefully rank the addresses and dial them one by one.

However, there were two areas where the logic we introduced could lead to suboptimal results:

• There are some networks that block UDP. This means that we won’t be able to dial any QUIC or WebTransport connections at all. This is problematic since our smart dialing logic dials a QUIC address first before dialing a TCP address, which would lead to a regression for these users.
• Similarly, not all ISPs support IPv6 yet. This is problematic as well, since we prefer IPv6 addresses over IPv4.

This is why smart dialing was disabled by default in v0.28.

For this release, we implemented a logic we call Black Hole Detection in this release. We now detect if UDP or IPv6 is completely blocked (blackholed) by observing the outcomes of dial attempts. When a black hole is detected, we skip QUIC / WebTransport and IPv6 addresses, respectively. This significantly reduces the number of unsuccessful dials for users in these environments. To monitor the status of black hole detection, we added two Grafana dashboards to our swarm dashboard, showing the percentage successful / failed dials on UDP and IPv6, and if that leads to our blackhole logic kicking in.

This now allows us to use RFC8305 Happy Eyballs for QUIC: When we dial a peer that has a QUIC IPv6 and IPv4 address, we dial the IPv6 address first, and only start dialing the IPv4 address if we haven’t heard back from the peer within 250ms. Only if we don’t hear back within another 250ms, we start dialing on TCP.

In a future release, we will enable a similar logic for TCP IPv6 and IPv4 addresses, however, this will require us to refactor our code a bit (see #2394 for details).

Preliminary measurements on the IPFS network show that:

• In ~90% of the cases, we end up with a connection on the first address we dial.
• Canceled connection attempts are reduced by more than 60% (compared to the v0.27 release).

Smart Dialing is now enabled by default. We don’t expect it to cause any performance regression, but if you find any problems, please open an issue. It can be disabled via a constructor option to libp2p.New:

libp2p.SwarmOpts(swarm.WithDialRanker(swarm.NoDelayDialRanker))

Metrics

• It's now possible to spin up a local Grafana dashboards - with all libp2p dashboards imported and ready to go - by just running docker-compose up in the dashboards directory: #2383.
• Resource Manager metrics are now enabled by default: #2370.

Changelog

• github.com/libp2p/go-libp2p:
  • webtransport: reject listening on a multiaddr with a certhash (#2426) (libp2p/go-libp2p#2426)
  • swarm: deprecate libp2p.DialRanker option (#2430) (libp2p/go-libp2p#2430)
  • chore: update deps ahead of the v0.29 release (#2427) (libp2p/go-libp2p#2427)
  • quic: Update to quic-go v0.36.2 (#2424) (libp2p/go-libp2p#2424)
  • autonat: fix typo in WithSchedule option comment (#2425) (libp2p/go-libp2p#2425)
  • identify: filter nat64 well-known prefix ipv6 addresses (#2392) (libp2p/go-libp2p#2392)
  • update go-multiaddr to v0.10.1, use Unique function from there (#2407) (libp2p/go-libp2p#2407)
  • swarm: enable smart dialing by default (#2420) (libp2p/go-libp2p#2420)
  • transport integration tests: make TestMoreStreamsThanOurLimits less flaky (#2410) (libp2p/go-libp2p#2410)
  • holepunch: skip racy TestDirectDialWorks (#2419) (libp2p/go-libp2p#2419)
  • swarm: change relay dial delay to 500ms (#2421) (libp2p/go-libp2p#2421)
  • identify: disable racy TestLargeIdentifyMessage with race detector (#2401) (libp2p/go-libp2p#2401)
  • swarm: make black hole detection configurable (#2403) (libp2p/go-libp2p#2403)
  • net/mock: support ConnectionGater in MockNet (#2297) (libp2p/go-libp2p#2297)
  • docs: Add a Github workflow for checking dead links (#2406) (libp2p/go-libp2p#2406)
  • rcmgr: enable metrics by default (#2389) (#2409) (libp2p/go-libp2p#2409)
  • chore: remove outdated info in README and link to libp2p-implementers slack (#2405) (libp2p/go-libp2p#2405)
  • metrics: deduplicate code in examples (#2404) (libp2p/go-libp2p#2404)
  • transport tests: remove mplex tests (#2402) (libp2p/go-libp2p#2402)
  • swarm: implement Happy Eyeballs ranking (#2365) (libp2p/go-libp2p#2365)
  • docs: fix some comments (#2391) (libp2p/go-libp2p#2391)
  • metrics: provide separate docker-compose files for OSX and Linux (#2397) (libp2p/go-libp2p#2397)
  • chore: Update .github/workflows/stale.yml [skip ci]
  • identify: use zero-alloc slice sorting function (#2396) (libp2p/go-libp2p#2396)
  • rcmgr: move StatsTraceReporter to rcmgr package (#2388) (libp2p/go-libp2p#2388)
  • swarm: implement blackhole detection (#2320) (libp2p/go-libp2p#2320)
  • basichost / blankhost: wrap errors (#2331) (libp2p/go-libp2p#2331)
  • network: don't allocate in DedupAddrs (#2395) (libp2p/go-libp2p#2395)
  • rcmgr: test snapshot defaults and that we keep consistent defaults (#2315) (libp2p/go-libp2p#2315)
  • rcmgr: register prometheus metrics with the libp2p registerer (#2370) (libp2p/go-libp2p#2370)
  • metrics: make it possible to spin up Grafana using docker-compose (#2383) (libp2p/go-libp2p#2383)
  • identify: set stream deadlines for Identify and Identify Push streams (#2382) (libp2p/go-libp2p#2382)
  • fix: in the swarm move Connectedness emit after releasing conns (#2373) (libp2p/go-libp2p#2373)
  • metrics: add example for metrics and dashboard (#2232) (libp2p/go-libp2p#2232)
  • dashboards: finish metrics effort (#2362) (libp2p/go-libp2p#2362)
  • transport tests: many streams and lots of data (#2296) (libp2p/go-libp2p#2296)
  • webtransport: close the challenge stream after the Noise handshake (#2305) (libp2p/go-libp2p#2305)
  • test: document why InstantTimer is required (#2351) (libp2p/go-libp2p#2351)
  • examples: update go-libp2p to v0.28.0 (#2366) (libp2p/go-libp2p#2366)
  • rcmgr: fix link to dashboards in README (#2363) (libp2p/go-libp2p#2363)
  • chore: Update .github/workflows/stale.yml [skip ci]
  • docs: fix some comments errors (#2356) (libp2p/go-libp2p#2356)
• github.com/libp2p/go-yamux/v4 (v4.0.0 -> v4.0.1):
  • Release v4.0.1 (libp2p/go-yamux#106)
  • fix: sendWindowUpdate respects deadlines (#105) (libp2p/go-yamux#105)
  • chore: Update .github/workflows/stale.yml [skip ci]
• github.com/multiformats/go-multiaddr (v0.9.0 -> v0.10.1):
  • release v0.10.1 (#206) (multiformats/go-multiaddr#206)
  • fix nat64 well-known prefix check (#205) (multiformats/go-multiaddr#205)
  • release v0.10.0 (#204) (multiformats/go-multiaddr#204)
  • add a Unique function (#203) (multiformats/go-multiaddr#203)
  • manet: add function to test if address is NAT64 IPv4 converted IPv6 address (#202) (multiformats/go-multiaddr#202)
• github.com/multiformats/go-multihash (v0.2.2 -> v0.2.3):
  • chore: release v0.2.3
  • perf: outline...

v0.28.1

What's Changed

• fix: in the swarm move Connectedness emit after releasing conns #2373
• identify: set stream deadlines for Identify and Identify Push streams #2382

Full Changelog: v0.28.0...v0.28.1

v0.27.7

What's Changed

• fix: in the swarm move Connectedness emit after releasing conns #2373
• identify: set stream deadlines for Identify and Identify Push streams #2382

Full Changelog: v0.27.6...v0.27.7

v0.28.0

🔦 Highlights

Smart Dialing

This release introduces smart dialing logic. Currently, libp2p dials all addresses of a remote peer in parallel, and
aborts all outstanding dials as soon as the first one succeeds.
Dialing many addresses in parallel creates a lot of churn on the client side, and unnecessary load on the network and
on the server side, and is heavily discouraged by the networking community (see RFC 8305 for example).

When connecting to a peer we first determine the order to dial its addresses. This ranking logic considers a number of corner cases
described in detail in the documentation of the swarm package (swarm.DefaultDialRanker).
At a high level, this is what happens:

• If a peer offers a WebTransport and a QUIC address (on the same IP:port), the QUIC address is preferred.
• If a peer has a QUIC and a TCP address, the QUIC address is dialed first. Only if the connection attempt doesn't succeed within 250ms, a TCP connection is started.

Our measurements on the IPFS network show that for >90% of established libp2p connections, the first connection attempt succeeds,
leading a dramatic decrease in the number of aborted connection attempts.

We also added new metrics to the swarm Grafana dashboard, showing:

• The number of connection attempts it took to establish a connection
• The delay introduced by the ranking logic

This feature should be safe to enable for nodes running in data centers and for most nodes in home networks.
However, there are some (mostly home and corporate networks) that block all UDP traffic. If enabled, the current implementation
of the smart dialing logic will lead to a regression, since it preferes QUIC addresses over TCP addresses. Nodes would still be
able to connect, but connection establishment of the TCP connection would be delayed by 250ms.

In a future release (see #1605 for details), we will introduce a feature called blackhole detection. By observing the outcome of
QUIC connection attempts, we can determine if UDP traffic is blocked (namely, if all QUIC connection attempts fail), and stop
dialing QUIC in this case altogether. Once this detection logic is in place, smart dialing will be enabled by default.

More Metrics!

Since the last release, we've added metrics for:

• Holepunching
• Smart Dialing (see above)

WebTransport

• #2251: Infer public WebTransport address from quic-v1 addresses if both transports are using the same port for both quic-v1 and WebTransport addresses.
• #2271: Only add certificate hashes to WebTransport mulitaddress if listening on WebTransport

Housekeeping updates

• Identify
  • #2303: Don't send default protocol version
  • Prevent polluting PeerStore with local addrs
    • #2325: Don't save signed peer records
    • #2300: Filter received addresses based on the node's remote address
• WebSocket
  • #2280: Reverted back to the Gorilla library for WebSocket
• NAT
  • #2248: Move NAT mapping logic out of the host

🐞 Bugfixes

• Identify
  • Reject signed peer records on peer ID mismatch
  • #2299: Avoid spuriously pushing updates
• Swarm
  • #2322: Dedup addresses to dial
  • #2284: Change maps with multiaddress keys to use strings
• QUIC
  • #2262: Prioritize listen connections for reuse
  • #2276: Don't panic when quic-go's accept call errors
  • #2263: Fix race condition when generating random holepunch packet

New Contributors

• @chaitanyaprem made their first contribution in #2312

Full Changelog: v0.27.0...v0.28.0

v0.27.6

What's Changed

• Clean up stream scope in case of error

Full Changelog: v0.27.5...v0.27.6