Damn, inet256 is actually very nice as well. I'm currently reading through its architecture, so far I like that it's just a layer that can reuse existing infrastructure and that it's deriving its addresses from the public keys directly so it is very flexible in its use cases.

Are there predefined ways for peer discovery? The architecture [1] document doesn't mention things like hole punching, NAT breaking (like pwnat), TURN/TURTLE routers or NAT tracing via UDP TTLs and multicast, so I'm a bit curious how peers would discover themselves in such a setup with their necessary transport layer information (IPs, ports, punched holes with internal UDP ports, UPnP config etc).

In my case I decided to implement a custom DNS (over TLS/HTTPS) that's verifying the pushed updates of entries via the TLS client certificates, and those are namespaced via their own subdomain (which is also the subject part of the TLS certificate). This way the initial DNS answer that is sent from the peer to the server contains all information that's necessary for other peers to connect to them later.

[1] https://github.com/inet256/inet256/blob/master/ARCHITECTURE....