Skywire
Skywire Node implementation
Install / Use
/learn @skycoin/SkywireREADME
PLEASE ALWAYS USE THE DEVELOP BRANCH
Skywire
Skywire is a fully open-source, privacy-focused suite of networking tools developed by Skycoin. The public Skywire Network enables this software to be developed and tested in real-world conditions. A few features the Skywire Network provides:
- service discovery for decentralized VPN and SOCKS5 proxy servers
- multi-hop public key-based routing
- a means of accessing and hosting hidden websites
- daily rewards in Skycoin ($SKY) to eligible participants in the Skywire Network
This overview explains Skywire’s key features and network architecture.
Skywire Control and Data Planes
Skywire uses dmsg as a control plane to enable all Skywire visors to connect to each other and to deployment services provided by the public Skywire Network (or a user-hosted deployment). DMSG (Read as: D-message) functions as a simple relay system and encrypted transport implementation, facilitating anonymous connections between dmsg clients (i.e., encrypted pubkey-based automatic routing), mediated by the dmsg server. Skywire expands upon this by creating a data plane of direct, secure, encrypted peer-to-peer transports between visors, which may then be used for routes.
Skywire Network and Transports
A Skywire visor is identified by its public key. Skywire transports are encrypted via the public keys of the visors on each side of the transport. Skywire uses a whitelist system to enable trusted nodes (route setup nodes) to set up routes as calculated by the route finder service through established transports registered in the transport discovery. An automatic transport creation mechanism, enabled by default, is used to establish transports to public visors via STCPR (Skywire TCP Relay) transports, and to visors connected to public visors via SUDPH (Skywire UDP Hole-punching) transports. This auto-transport mechanism is designed to create adequate transports for multi-hop routing.
Skywire Routing
Skywire routes consist of one or more transports. A Skywire route may not transit the same public key twice, in order to prevent data loops. The Skywire routing system is designed with privacy in mind to defeat data snooping efforts. Packets are encrypted using the Noise Protocol (ChaCha20-Poly1305), making their contents appear as random data to observers. A visor handling transports where data flows is only aware of the public key of the previous hop and the next hop — not the ultimate source or destination of the packet. These measures significantly mitigate the risk of metadata leakage or traffic analysis. When a transport is trafficking data from multiple sources and destinations, it becomes difficult to perform traffic correlation attacks or related exploits. Another planned feature is route multiplexing, which will multiplex multi-hop routes and permit more bandwidth between the source and destination — similar in concept to BitTorrent.
Skywire Visor
The name 'visor' was chosen as a less ambiguous term than 'node' to refer to the running Skywire process. The term 'node' is typically reserved as a reference to the hardware on which Skywire is running, in this ecosystem. A Skywire visor participates in transports and provides an interface to applications which can be accessed over or consume routes. The Skywire visor can also be configured to provide a hypervisor web UI for remotely managing a cluster of Skywire visors / nodes, typically referred to as a skyminer.
Skywire Cli (command line interface)
skywire cli is the primary interface to a running Skywire visor. Skywire cli provides an interface to generate a JSON config file for the Skywire visor, to control visor native applications, and to access data from different Skywire services.
Skywire Apps
Skywire visors include native VPN and SOCKS5 proxy server and client applications, as well as a messenger application, which are started and managed by the visor. When a server application is started, it registers itself in the service discovery as a proxy server or VPN server. These services may then be consumed by respective client applications via either a direct or multi-hop route. Refer to the documentation for skywire cli proxy and skywire cli vpn for more details.
DmsgWeb – Anonymous port forwarding over DMSG
The skywire dmsg web and skywire dmsg web srv subcommands allow port forwarding over DMSG. Additionally, DmsgWeb provides a resolving SOCKS5 proxy, similar to and inspired by I2P, which permits convenient configuration of a web browser to access DMSG websites. With additional proxy configuration, all browser traffic can be routed through a Skywire SOCKS5 proxy connection. With Skywire’s advanced routing, the already anonymous DMSG utilities can be made even more private by routing them through a Skywire SOCKS5 proxy connection.
SkyNet – P2P port forwarding over Skywire
SkyNet is the Skywire counterpart to DmsgWeb — facilitating port forwarding over Skywire's peer-to-peer transport types and advanced routing, without transiting a DMSG server. With SkyNet, you can:
- Expose local ports: Run a SkyNet server to make local TCP services accessible to other Skywire visors
- Connect to remote services: Use the SkyNet client to forward remote ports to your localhost
- Access control: Whitelist specific public keys to restrict who can connect to your server
- Multiple instances: Run multiple server and client instances simultaneously with unique names
Skywire Deployment Services
Skywire enables users to create their own network if desired. The implementation is fully open source. Documentation for making a custom Skywire deployment is here.
Skywire Rewards
The Skywire reward system is the distribution mechanism for Skycoin. Skycoin is not 'mined' as with other cryptocurrencies; rewards in Skycoin ($SKY) are distributed daily to eligible Skywire visors who meet the requirements for obtaining rewards.
Despite the terminology, Skywire visors do not process Skycoin transactions. Skywire visors do not sync the Skycoin blockchain and have no involvement in transaction processing. The only relationship between skywire and the skycoin cryptocurrency is via the reward system acting as the distribution mechanism for Skycoin.
