Peerfetch – Peer-to-Peer HTTP over WebRTC (opens in new tab)

(github.com)

280 pointsVt71fcAqt71y ago73 comments

73 comments

43 comments · 12 top-level

whitehexagon1y ago· 9 in thread

Is there a way to do this without the signaling server?

iod1y ago

Webtorrent

Use a free signalling server from the webtorrent community. You can skip the torrent part of the implementation and just use the signalling, it's awesome. You can use a libraries like:

https://github.com/webtorrent/bittorrent-tracker

https://github.com/subins2000/p2pt

to get started. For me, I found the protocol is simple enough where I just use small vanilla javascipt implementation to talk to the websocket servers to generate the signalling messages. I wish more people knew about this and realize how easy it can be to bring WebRTC to their applications.

List of some free webtorrent trackers:

  wss://tracker.openwebtorrent.com
  wss://tracker.files.fm:7073
  wss://tracker.webtorrent.dev

---> Usage stats for the last one: https://tracker.webtorrent.dev

Some free stun servers for NAT traversal:

  stun:stun.cloudflare.com
  stun:stun.l.google.com:19302

nhkcode1y ago

This is super cool and almost makes it possible building PWAs that only need a dumb http server to deliver the app as a bunch of static files and still allow users to synchronize data between their devices. It still depends on the tracker but if the user could change the tracker it sounds like it's currently the best way to get clients to communicate with each other without depending on a server provided by the PWA.

catapart1y ago

Thank you for this! I knew this shit was done by someone already and I've spent two years resisting the urge to re-invent this wheel. p2pt is exactly what I knew was possible and have been looking for!

turblety1y ago

I think the closest you might get is something like the bittorrent dht. There are still bootstrap servers for the first few connections, but there's really no getting away from that, right?

https://github.com/webtorrent/bittorrent-dht

tfolbrecht1y ago

Not with the three major browsers and NAT unfortunately.

https://developer.mozilla.org/en-US/docs/Web/API/WebRTC_API/...

wuiheerfoj1y ago

check out NAT hole-punching in libp2p: https://docs.libp2p.io/concepts/nat/hole-punching/

scroll down a bit for the STUNless/TURNless bit

dmotz1y ago

You might be interested in my side project Trystero https://github.com/dmotz/trystero

It abstracts away the work of signaling and connects peers via open decentralized networks like BitTorrent, Nostr, MQTT, IPFS, etc.

fullspectrumdev1y ago

Not had time to read through the docs properly, but would this work for CLI apps (Node compiled to an executable?) or similar?

The problems this solves look interesting for a few CLI tools I want to build :)

1 more reply

Sean-Der1y ago

Yep! If you do one non-browser WebRTC agents https://github.com/pion/offline-browser-communication

This could be possible browser to browser! I don’t think that has ever been an official use case

tarasglek1y ago· 7 in thread

Doing http over webrtc is how https://camect.com works to let one access cameras own private server via their ui. They have a centralized bit for auth and then use webrtc and a physical nvr to serve your videos maximally efficiently...so there is low risk of their cloud becoming a financial burden that they cancel ala google nest cams

It's a super nice architecture

kabes1y ago

So from your explanation I get that they use webrtc for videos. But then what do they use http over webrtc for? Do they serve the UI as well over webrtc?

tarasglek1y ago

Their ui is also hosted on the nvr, they serve ui assets over webrtc

londons_explore1y ago

> have a centralized bit for auth

Theoretically they could get the camera itself do auth, and then the server becomes fully 'dumb', and need not even be service specific.

tehlike1y ago

Oauth is nice and convenient.

Saris1y ago

Sounds kind of similar to Frigate but packaged up ready to go, neat.

tehlike1y ago

I am an early backer and have been using it for few years bow. Camect is great.

cyanydeez1y ago

How soon do you think IT will clamp down on webrtc?

robertclaus1y ago· 6 in thread

Clever idea. Begs the question of why you would use http if you already have a bidirectional webRTC connection, but I guess it depends on the application.

ongy1y ago

Provide a server on-prem at the customer, but allow them a hybrid access to the system.

Via cloud when necessary, "local" (by WebRTC) when possible. While we could just open a local port, using the cloud to arbitrate gives us a common product vision, and proper authN/authZ.

Also allows us to pull the latency down to single digit milliseconds. The regional relays are double digit. When we use relays that aren't regional it's a couple hundred.

throwawaymaths1y ago

You can securely serve a webpage from a server behind NAT without creating a VPN and without https certificated

dlenski1y ago

I suppose the persistence of IPv4 has broken all of our brains, but with IPv6 you can just Not Have NAT, and just have normal end-to-end connectivity to any random box in your home from outside.

(And yes, I do this. Works great.)

6 more replies

dingi1y ago

I don't think that's possible without a jump server. If all peers are NATed, there is no way doing p2p without a jump server. WebRTC is a giant rabbit hole itself.

evbogue1y ago

This idea makes me want cjdns and/or yggdrasil over websockets.

immibis1y ago

Don't you want static peering setup for them?

lerpgame1y ago· 5 in thread

its advertising that it’s secure e2e even behind firewall/etc but that’s not true because webrtc will fallback to using TURN server to relay when other methods fail which will break the encryption, just fyi.

WatchDog1y ago

WebRTC won’t use TURN unless it’s explicitly configured with a TURN server. Even if it did use a TURN server webrtc is still e2e encrypted.

You need to trust the signalling server though.

This library seems to do a few other things, which maybe reduces the trust in the signalling server, but I didn’t really read it in enough detail to comment on it.

Sean-Der1y ago

Connection is E2E encrypted when using TURN. Using TURN has no negative impact on security.

The TURN server can see the size/src/dst so that has a privacy implication!

strbean1y ago

You can pass configuration to disable ICE entirely.

Looks like it's using PeerJS, which defaults to a config of using a Google STUN server and no TURN servers. Not sure if using a STUN server compromises the E2E in some way?

server_man30001y ago

Why would STUN compromise e2e? STUN just returns your IP

1 more reply

lerpgame1y ago

i was wrong actually, it doesn’t weaken security as long as the data is encrypted either using DLTS or application layer encryption, please ignore my comment lol.

meiraleal1y ago· 2 in thread

It is really annoying when someone posts an interesting project and HN has a big discussion but when I get to try to lib, it is unmaintained and the last update was 3 years ago.

There were great recommendations in this thread tho, thanks a lot! This one looks good: https://github.com/subins2000/p2pt

evbogue1y ago

If we're talking about great p2p WebRTC libraries, try Trystero: https://github.com/dmotz/trystero

meiraleal1y ago

Wow, really impressive project! Thanks.

thrdbndndn1y ago· 2 in thread

(Aside) speaking of WebRTC, but is there any solution to record videos that is done by webRTC?

There are already more than enough tools that can record HLS and Dash, but I haven't find anything, not even PoC that can record video streams transited via WebRTC (e.g. agora.io).

HyprMusic1y ago

https://recordrtc.org/ should be able to do it.

Sean-Der1y ago

Do you want this in the browser or a specific language?

sitkack1y ago

https://github.com/webtorrent/webtorrent

https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...

thoronton1y ago

I don't get it. Where is the signaling server and how is it working?

chfritz1y ago

Using webrtc is actually overkill in this case. What you really want is just the ICE part used by webrtc to establish a peer-to-peer connection. That's what tailscale does, too. Webrtc then adds a lot of media-related protocols on top of that connection, which, of course, the Peerfetch application doesn't care about.

jiehong1y ago

Nice!

Although, an alternative is something like Tailscale.

etherdream1y ago

I have tried this idea before, combining Service Worker to implement a decentralized website.

localfirst1y ago

got excited but the repo hasn't been updated for over 3 years.

j / k navigate · click thread line to collapse

73 comments

43 comments · 12 top-level

whitehexagon1y ago· 9 in thread

Is there a way to do this without the signaling server?

iod1y ago

Webtorrent

Use a free signalling server from the webtorrent community. You can skip the torrent part of the implementation and just use the signalling, it's awesome. You can use a libraries like:

https://github.com/webtorrent/bittorrent-tracker

https://github.com/subins2000/p2pt

List of some free webtorrent trackers:

  wss://tracker.openwebtorrent.com
  wss://tracker.files.fm:7073
  wss://tracker.webtorrent.dev

---> Usage stats for the last one: https://tracker.webtorrent.dev

Some free stun servers for NAT traversal:

  stun:stun.cloudflare.com
  stun:stun.l.google.com:19302

nhkcode1y ago

catapart1y ago

turblety1y ago

I think the closest you might get is something like the bittorrent dht. There are still bootstrap servers for the first few connections, but there's really no getting away from that, right?

https://github.com/webtorrent/bittorrent-dht

tfolbrecht1y ago

Not with the three major browsers and NAT unfortunately.

https://developer.mozilla.org/en-US/docs/Web/API/WebRTC_API/...

wuiheerfoj1y ago

check out NAT hole-punching in libp2p: https://docs.libp2p.io/concepts/nat/hole-punching/

scroll down a bit for the STUNless/TURNless bit

dmotz1y ago

You might be interested in my side project Trystero https://github.com/dmotz/trystero

It abstracts away the work of signaling and connects peers via open decentralized networks like BitTorrent, Nostr, MQTT, IPFS, etc.

fullspectrumdev1y ago

Not had time to read through the docs properly, but would this work for CLI apps (Node compiled to an executable?) or similar?

The problems this solves look interesting for a few CLI tools I want to build :)

1 more reply

Sean-Der1y ago

Yep! If you do one non-browser WebRTC agents https://github.com/pion/offline-browser-communication

This could be possible browser to browser! I don’t think that has ever been an official use case

tarasglek1y ago· 7 in thread

It's a super nice architecture

kabes1y ago

So from your explanation I get that they use webrtc for videos. But then what do they use http over webrtc for? Do they serve the UI as well over webrtc?

tarasglek1y ago

Their ui is also hosted on the nvr, they serve ui assets over webrtc

londons_explore1y ago

> have a centralized bit for auth

Theoretically they could get the camera itself do auth, and then the server becomes fully 'dumb', and need not even be service specific.

tehlike1y ago

Oauth is nice and convenient.

Saris1y ago

Sounds kind of similar to Frigate but packaged up ready to go, neat.

tehlike1y ago

I am an early backer and have been using it for few years bow. Camect is great.

cyanydeez1y ago

How soon do you think IT will clamp down on webrtc?

robertclaus1y ago· 6 in thread

Clever idea. Begs the question of why you would use http if you already have a bidirectional webRTC connection, but I guess it depends on the application.

ongy1y ago

Provide a server on-prem at the customer, but allow them a hybrid access to the system.

Via cloud when necessary, "local" (by WebRTC) when possible. While we could just open a local port, using the cloud to arbitrate gives us a common product vision, and proper authN/authZ.

Also allows us to pull the latency down to single digit milliseconds. The regional relays are double digit. When we use relays that aren't regional it's a couple hundred.

throwawaymaths1y ago

You can securely serve a webpage from a server behind NAT without creating a VPN and without https certificated

dlenski1y ago

I suppose the persistence of IPv4 has broken all of our brains, but with IPv6 you can just Not Have NAT, and just have normal end-to-end connectivity to any random box in your home from outside.

(And yes, I do this. Works great.)

6 more replies

dingi1y ago

I don't think that's possible without a jump server. If all peers are NATed, there is no way doing p2p without a jump server. WebRTC is a giant rabbit hole itself.

evbogue1y ago

This idea makes me want cjdns and/or yggdrasil over websockets.

immibis1y ago

Don't you want static peering setup for them?

lerpgame1y ago· 5 in thread

WatchDog1y ago

WebRTC won’t use TURN unless it’s explicitly configured with a TURN server. Even if it did use a TURN server webrtc is still e2e encrypted.

You need to trust the signalling server though.

This library seems to do a few other things, which maybe reduces the trust in the signalling server, but I didn’t really read it in enough detail to comment on it.

Sean-Der1y ago

Connection is E2E encrypted when using TURN. Using TURN has no negative impact on security.

The TURN server can see the size/src/dst so that has a privacy implication!

strbean1y ago

You can pass configuration to disable ICE entirely.

Looks like it's using PeerJS, which defaults to a config of using a Google STUN server and no TURN servers. Not sure if using a STUN server compromises the E2E in some way?

server_man30001y ago

Why would STUN compromise e2e? STUN just returns your IP

1 more reply

lerpgame1y ago

i was wrong actually, it doesn’t weaken security as long as the data is encrypted either using DLTS or application layer encryption, please ignore my comment lol.

meiraleal1y ago· 2 in thread

It is really annoying when someone posts an interesting project and HN has a big discussion but when I get to try to lib, it is unmaintained and the last update was 3 years ago.

There were great recommendations in this thread tho, thanks a lot! This one looks good: https://github.com/subins2000/p2pt

evbogue1y ago

If we're talking about great p2p WebRTC libraries, try Trystero: https://github.com/dmotz/trystero

meiraleal1y ago

Wow, really impressive project! Thanks.

thrdbndndn1y ago· 2 in thread

(Aside) speaking of WebRTC, but is there any solution to record videos that is done by webRTC?

There are already more than enough tools that can record HLS and Dash, but I haven't find anything, not even PoC that can record video streams transited via WebRTC (e.g. agora.io).

HyprMusic1y ago

https://recordrtc.org/ should be able to do it.

Sean-Der1y ago

Do you want this in the browser or a specific language?

sitkack1y ago

https://github.com/webtorrent/webtorrent

https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...

thoronton1y ago

I don't get it. Where is the signaling server and how is it working?

chfritz1y ago

jiehong1y ago

Nice!

Although, an alternative is something like Tailscale.

etherdream1y ago

I have tried this idea before, combining Service Worker to implement a decentralized website.

localfirst1y ago

got excited but the repo hasn't been updated for over 3 years.

j / k navigate · click thread line to collapse