npm - @decentnetwork/lan - Versions diffs - 0.1.6 → 0.1.8 - Mend

@decentnetwork/lan 0.1.6 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/bin/tun-helper-darwin-amd64 +0 -0
package/bin/tun-helper-darwin-arm64 +0 -0
package/bin/tun-helper-linux-amd64 +0 -0
package/bin/tun-helper-linux-arm64 +0 -0
package/dist/config/loader.js +7 -5
package/dist/daemon/server.js +12 -6
package/dist/dora/dora-integration.js +10 -8
package/package.json +1 -1

package/bin/tun-helper-darwin-amd64 CHANGED Viewed

Binary file

package/bin/tun-helper-darwin-arm64 CHANGED Viewed

Binary file

package/bin/tun-helper-linux-amd64 CHANGED Viewed

Binary file

package/bin/tun-helper-linux-arm64 CHANGED Viewed

Binary file

package/dist/config/loader.js CHANGED Viewed

@@ -108,11 +108,13 @@ export class ConfigLoader {
                 enabled: false,
                 userids: [],
                 refreshIntervalMs: 60_000,
-                // Default: do NOT auto-friend roster peers. Dora is a naming
-                // / IP service, not a trust statement. Operators opt in with
-                // `agentnet dora autofriend all` (closed labs) or
-                // `agentnet dora autofriend allow <name|userid>` (whitelist).
-                autoFriend: "none",
+                // Default: auto-friend every peer in the dora roster. Dora
+                // membership IS the trust statement — joining a dora means
+                // "I want to be on this network", and a single-tenant lab is
+                // the common case. Operators on a multi-tenant / public
+                // dora opt out with `agentnet dora autofriend none` or
+                // whitelist via `agentnet dora autofriend allow <peer>...`.
+                autoFriend: "all",
             },
         };
     }

package/dist/daemon/server.js CHANGED Viewed

@@ -90,15 +90,21 @@ export class DaemonServer {
             // optional dora registration can decide our IP.
             const keyFile = resolve(this.config.carrier.dataDir, "keypair.json");
             this.peerManager = new PeerManager();
-            // Daemon does NOT use express nodes. Express is the offline-message
-            // store-and-forward relay — appropriate for friend-request delivery
-            // (peer might be offline) but not for live packet forwarding (peer
-            // must be online; we drop packets via SessionManager.isFriendOnline).
-            // Passing empty array prevents the SDK from falling back to express.
+            // Use express nodes. Previously the daemon passed an empty array
+            // here on the theory that "express is for offline messages, not
+            // live packet forwarding". But asymmetric Carrier sessions (peer
+            // A thinks B is online, B thinks A is offline — common across
+            // China-WAN paths) make dora's sendText reply fail direct and
+            // fall back to express; if we don't subscribe to express we
+            // never see the response. dora -> cn for register-ok / list-ok
+            // hits this exact case. The cost of enabling express here is
+            // that idle text messages may take an extra hop through the
+            // HTTPS relay — packet-router doesn't use sendText, so its
+            // hot path is unaffected.
             await this.peerManager.create({
                 keyFile,
                 bootstrapNodes: this.config.carrier.bootstrapNodes,
-                expressNodes: [],
+                expressNodes: this.config.carrier.expressNodes ?? [],
             });
             await this.peerManager.start();
             this.logger.info(`Identity: ${this.peerManager.getAddress()}`);

package/dist/dora/dora-integration.js CHANGED Viewed

@@ -318,14 +318,16 @@ export class DoraIntegration {
             this.friendRequested.add(entry.userid);
             return;
         }
-        // Policy gate. Dora is a name service, not a trust statement.
-        // Default ("none") means we DON'T auto-friend roster peers —
-        // an operator on a multi-tenant dora isn't asking to be
-        // mutually-friended with everyone else just because they share
-        // a name service. "all" reproduces the old behavior (closed
-        // labs). Otherwise the policy is a whitelist of names or
-        // userids; only matches are friended.
-        const policy = this.opts.config.autoFriend ?? "none";
+        // Policy gate. The undefined default is "all" because a peer
+        // that just joined a dora explicitly said "I want to be on
+        // this network" — that's the trust statement. Without "all"
+        // as the legacy-config default, new peers can never join an
+        // existing mesh: their roster fills up but everyone else's
+        // legacy configs (lacking autoFriend) silently refuse to
+        // friend them back. Operators on a public / multi-tenant dora
+        // can opt out with `agentnet dora autofriend none` or supply
+        // a whitelist via `agentnet dora autofriend allow <peer>...`.
+        const policy = this.opts.config.autoFriend ?? "all";
         if (!this.policyAllows(entry, policy)) {
             // Mark as "seen" so we don't re-evaluate the policy every
             // 60s for entries we deliberately skip — but DON'T mark as

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@decentnetwork/lan",
-  "version": "0.1.6",
+  "version": "0.1.8",
   "description": "Private virtual LAN for self-hosted services and AI agents, built on Elastos Carrier. NAT-traversal, name service, ACL, all over a peer-to-peer mesh — no public IP required.",
   "type": "module",
   "main": "./dist/index.js",