npm - @omindu/yaksha - Versions diffs - 1.0.1 → 1.0.2 - Mend

@omindu/yaksha 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@omindu/yaksha",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Lightning-fast, lightweight VPN protocol library with advanced firewall bypass capabilities",
   "main": "src/index.js",
   "bin": {

package/src/client/index.js CHANGED Viewed

@@ -251,10 +251,10 @@ class YakshaClient extends EventEmitter {
       const handler = (data) => {
         try {
-          const { header, payload } = this.protocol.deserialize(data);
+          const packet = this.protocol.deserialize(data);
-          if (header.type === Protocol.PACKET_TYPES.HANDSHAKE) {
-            const response = JSON.parse(payload.toString('utf8'));
+          if (packet.type === Protocol.PACKET_TYPES.HANDSHAKE) {
+            const response = JSON.parse(packet.payload.toString('utf8'));
             // Store session ID
             this.sessionId = response.sessionId;
@@ -296,15 +296,15 @@ class YakshaClient extends EventEmitter {
     this.emit('_rawData', data);
     try {
-      const { header, payload } = this.protocol.deserialize(data);
+      const packet = this.protocol.deserialize(data);
       this.stats.packetsReceived++;
       this.stats.bytesReceived += data.length;
       // Handle different packet types
-      switch (header.type) {
+      switch (packet.type) {
         case Protocol.PACKET_TYPES.DATA:
-          this._handleDataPacket(payload);
+          this._handleDataPacket(packet.payload);
           break;
         case Protocol.PACKET_TYPES.KEEPALIVE:

package/src/core/protocol.js CHANGED Viewed

@@ -278,6 +278,60 @@ class Protocol {
     }
     return `UNKNOWN(${type})`;
   }
+  /**
+   * Create handshake packet
+   * @param {number} sessionId - Session identifier
+   * @param {number} sequence - Packet sequence number
+   * @param {Buffer} payload - Handshake data (usually JSON)
+   * @returns {Object} { packet: Buffer, paddingSize: number }
+   */
+  createHandshake(sessionId, sequence, payload) {
+    return this.serialize(PACKET_TYPES.HANDSHAKE, payload, sessionId, sequence);
+  }
+  /**
+   * Create data packet
+   * @param {number} sessionId - Session identifier
+   * @param {number} sequence - Packet sequence number
+   * @param {Buffer} payload - Data payload
+   * @returns {Object} { packet: Buffer, paddingSize: number }
+   */
+  createData(sessionId, sequence, payload) {
+    return this.serialize(PACKET_TYPES.DATA, payload, sessionId, sequence);
+  }
+  /**
+   * Create ACK packet
+   * @param {number} sessionId - Session identifier
+   * @param {number} sequence - Packet sequence number
+   * @param {Buffer} payload - ACK data (optional)
+   * @returns {Object} { packet: Buffer, paddingSize: number }
+   */
+  createAck(sessionId, sequence, payload = Buffer.alloc(0)) {
+    return this.serialize(PACKET_TYPES.ACK, payload, sessionId, sequence);
+  }
+  /**
+   * Create close packet
+   * @param {number} sessionId - Session identifier
+   * @param {number} sequence - Packet sequence number
+   * @param {Buffer} payload - Close reason (optional)
+   * @returns {Object} { packet: Buffer, paddingSize: number }
+   */
+  createClose(sessionId, sequence, payload = Buffer.alloc(0)) {
+    return this.serialize(PACKET_TYPES.CLOSE, payload, sessionId, sequence);
+  }
+  /**
+   * Create keepalive packet
+   * @param {number} sessionId - Session identifier
+   * @param {number} sequence - Packet sequence number
+   * @returns {Object} { packet: Buffer, paddingSize: number }
+   */
+  createKeepalive(sessionId, sequence) {
+    return this.serialize(PACKET_TYPES.KEEPALIVE, Buffer.alloc(0), sessionId, sequence);
+  }
 }
 // Export

package/src/server/index.js CHANGED Viewed

@@ -242,20 +242,20 @@ class YakshaServer extends EventEmitter {
   _handleTCPData(buffer, client) {
     try {
       // Parse packet
-      const { header, payload, totalSize } = this.protocol.deserialize(buffer);
+      const packet = this.protocol.deserialize(buffer);
       this.stats.packetsReceived++;
-      this.stats.bytesReceived += totalSize;
+      this.stats.bytesReceived += buffer.length;
       client.lastActivity = Date.now();
       // Handle different packet types
-      switch (header.type) {
+      switch (packet.type) {
         case Protocol.PACKET_TYPES.HANDSHAKE:
-          this._handleHandshake(payload, client);
+          this._handleHandshake(packet.payload, client);
           break;
         case Protocol.PACKET_TYPES.DATA:
-          this._handleData(payload, client);
+          this._handleData(packet.payload, client);
           break;
         case Protocol.PACKET_TYPES.KEEPALIVE:
@@ -292,14 +292,14 @@ class YakshaServer extends EventEmitter {
       }
       // Process packet
-      const { payload } = this.protocol.deserialize(data);
+      const packet = this.protocol.deserialize(data);
       this.stats.packetsReceived++;
       this.stats.bytesReceived += data.length;
       client.lastActivity = Date.now();
       // Handle data packet
-      this._handleData(payload, client, 'udp');
+      this._handleData(packet.payload, client, 'udp');
     } catch (error) {
       this.logger.error('Error processing UDP data:', error.message);

package/README.md DELETED Viewed

@@ -1,597 +0,0 @@
-# Yaksha VPN Protocol
-<div align="center">
-⚡️ **Lightning-Fast** • 🔒 **Military-Grade Security** • 🚀 **Ultra-Lightweight** • 🛡️ **Firewall Bypass**
-[![NPM Version](https://img.shields.io/npm/v/yaksha)](https://www.npmjs.com/package/yaksha)
-[![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
-[![Node](https://img.shields.io/node/v/yaksha)](https://nodejs.org)
-[![Downloads](https://img.shields.io/npm/dm/yaksha)](https://www.npmjs.com/package/yaksha)
-A high-performance, lightweight VPN protocol library with advanced firewall bypass capabilities, built for Node.js.
-[Features](#-features) • [Installation](#-installation) • [Quick Start](#-quick-start) • [Documentation](#-documentation) • [Examples](#-examples)
-</div>
----
-## 🎯 Overview
-**Yaksha** is a modern VPN protocol implementation designed for maximum performance and security. It combines military-grade encryption with advanced traffic obfuscation techniques to bypass even the most restrictive firewalls and Deep Packet Inspection (DPI) systems.
-### Why Yaksha?
-- ⚡️ **Blazing Fast**: >1 Gbps throughput, <5ms latency overhead
-- 🪶 **Ultra-Lightweight**: <2000 lines of core code, <50MB memory per 1000 connections
-- 🔒 **Military-Grade Security**: AES-256-GCM, ChaCha20-Poly1305, double encryption
-- 🛡️ **Firewall Bypass**: SNI spoofing, traffic obfuscation, DPI evasion
-- 🌐 **DNS Security**: DNS-over-HTTPS, DNS-over-TLS with DNSSEC
-- 🚦 **Multi-Path Routing**: Aggregate bandwidth across multiple connections
-- 🎭 **TLS Camouflage**: Traffic looks like legitimate HTTPS
-- 📦 **Easy to Use**: Simple API, comprehensive documentation
-- 🔧 **Highly Configurable**: Four security levels (Low/Medium/High/Custom)
-- 🌍 **Cross-Platform**: Pure JavaScript, works everywhere Node.js runs
----
-## ✨ Features
-### Core Features
-| Feature | Description |
-|---------|-------------|
-| **Custom Protocol** | Lightweight, efficient protocol optimized for VPN traffic |
-| **Multiple Encryption** | ChaCha20-Poly1305, AES-256-GCM, double encryption |
-| **Perfect Forward Secrecy** | X25519 key exchange with automatic key rotation |
-| **Authentication** | Password, token, and certificate-based auth with 2FA |
-| **TCP + UDP** | Control channel (TCP) + high-speed data channel (UDP) |
-| **Connection Pooling** | Efficient resource management for 10,000+ connections |
-### Advanced Features
-| Feature | Description |
-|---------|-------------|
-| **SNI Spoofing** | Replace Server Name Indication with fake domains |
-| **Bug Host Support** | Use specific domains to bypass network restrictions |
-| **Traffic Obfuscation** | Randomize patterns to evade detection |
-| **Multi-Path Routing** | Split traffic across 2-5 simultaneous connections |
-| **DNS Override** | Tunnel all DNS queries through encrypted VPN |
-| **TLS Camouflage** | Mimic TLS 1.3 handshake and traffic patterns |
-| **Firewall Evasion** | Port hopping, packet fragmentation, timing manipulation |
-| **DPI Resistance** | Encrypted payload, randomized structure, protocol masquerading |
-| **Anti-Replay Protection** | Nonce + timestamp validation |
-| **Rate Limiting** | Prevent brute force attacks |
-### Security Levels
-#### 🟢 **LOW** (Speed Priority)
-- **Encryption**: ChaCha20-Poly1305
-- **Throughput**: ~2000 MB/s
-- **Latency**: <2ms overhead
-- **Use Cases**: Streaming, gaming, general browsing
-#### 🟡 **MEDIUM** (Balanced)
-- **Encryption**: AES-256-GCM
-- **Throughput**: ~1000 MB/s
-- **Latency**: <5ms overhead
-- **Use Cases**: Daily use, business applications
-#### 🔴 **HIGH** (Security Priority)
-- **Encryption**: Double (AES-256-GCM + ChaCha20-Poly1305)
-- **Throughput**: ~500 MB/s
-- **Latency**: <10ms overhead
-- **Use Cases**: Banking, sensitive data, high-security environments
-#### ⚙️ **CUSTOM** (User-Defined)
-- **Encryption**: Configurable (ChaCha20, AES-256-GCM, or Double)
-- **Throughput**: Varies based on configuration
-- **Latency**: Varies based on configuration
-- **Use Cases**: Specific requirements, fine-tuned security/performance balance
-- **Flexibility**: Mix and match features from any level
-- **Base Levels**: Start from LOW, MEDIUM, or HIGH and customize
-**Custom Level Features:**
-```javascript
-// Create custom configuration based on medium level
-const customConfig = SecurityLevels.createCustomConfig({
-  encryption: 'double',           // Override encryption
-  keyExchange: 'x25519-rotate',   // Override key exchange
-  obfuscation: 'aes-256-gcm',     // Override obfuscation
-  multiPath: 3,                    // Custom path count
-  keyRotation: true,              // Enable key rotation
-  keyRotationInterval: 2000       // Custom rotation interval
-}, 'medium'); // Base level
-// Use with server/client
-const server = createServer({
-  securityLevel: 'custom',
-  customSecurityConfig: customConfig
-});
-```
----
-## 📦 Installation
-```bash
-npm install @omindu/yaksha
-```
-### Requirements
-- **Node.js**: >=14.0.0
-- **OS**: Windows, Linux, macOS
-- **Dependencies**: `tweetnacl` (automatically installed)
----
-## 🚀 Quick Start
-### Server
-```javascript
-const yaksha = require('@omindu/yaksha');
-// Create server
-const server = yaksha.createServer({
-  port: 8443,
-  securityLevel: 'medium',
-  authMethod: 'token'
-});
-// Register client
-server.auth.registerToken('client1', 'your-secret-token');
-// Start server
-await server.start();
-console.log('VPN server running on port 8443');
-```
-### Client
-```javascript
-const yaksha = require('@omindu/yaksha');
-// Create client
-const client = yaksha.createClient({
-  server: 'vpn.example.com',
-  port: 8443,
-  securityLevel: 'medium',
-  authCredentials: {
-    identifier: 'client1',
-    token: 'your-secret-token'
-  }
-});
-// Connect
-await client.connect();
-console.log('Connected to VPN server');
-// Send data
-await client.send(Buffer.from('Hello, VPN!'));
-```
-### CLI Usage
-```bash
-# Start server
-yaksha server --port 8443 --security high
-# Connect client
-yaksha client --server vpn.example.com --token abc123
-# Generate keys
-yaksha keygen
-# Run benchmarks
-yaksha benchmark
-```
----
-## 📖 Documentation
-### Server API
-```javascript
-const server = yaksha.createServer(options);
-```
-**Options:**
-- `port` (number): Server port (default: 8443)
-- `host` (string): Bind address (default: '0.0.0.0')
-- `securityLevel` (string): 'low', 'medium', 'high', or 'custom' (default: 'medium')
-- `customSecurityConfig` (object): Custom security configuration (required if securityLevel is 'custom')
-- `authMethod` (string): 'password', 'token', or 'certificate' (default: 'token')
-- `maxConnections` (number): Maximum concurrent connections (default: 10000)
-- `logLevel` (string): 'debug', 'info', 'warn', 'error' (default: 'info')
-**Methods:**
-- `await server.start()`: Start the server
-- `await server.stop()`: Stop the server
-- `server.sendToClient(sessionId, data, protocol)`: Send data to specific client
-- `server.getStats()`: Get server statistics
-**Events:**
-- `listening`: Server started
-- `connection`: New client connected
-- `disconnection`: Client disconnected
-- `data`: Data received from client
-- `error`: Error occurred
-### Client API
-```javascript
-const client = yaksha.createClient(options);
-```
-**Options:**
-- `server` (string): Server address (required)
-- `port` (number): Server port (default: 8443)
-- `securityLevel` (string): 'low', 'medium', 'high', or 'custom' (default: 'medium')
-- `customSecurityConfig` (object): Custom security configuration (required if securityLevel is 'custom')
-- `autoReconnect` (boolean): Auto-reconnect on disconnect (default: true)
-- `authCredentials` (object): Authentication credentials
-- `features` (object): Enable/disable features
-**Methods:**
-- `await client.connect()`: Connect to server
-- `await client.disconnect()`: Disconnect from server
-- `await client.send(data, protocol)`: Send data through VPN
-- `await client.resolveDNS(domain, type)`: Resolve DNS through VPN
-- `client.getStats()`: Get client statistics
-**Events:**
-- `connected`: Connected to server
-- `disconnected`: Disconnected from server
-- `reconnecting`: Attempting reconnection
-- `data`: Data received from server
-- `error`: Error occurred
----
-## 💡 Examples
-### Basic Server
-```javascript
-const yaksha = require('@omindu/yaksha');
-const server = yaksha.createServer({
-  port: 8443,
-  securityLevel: 'medium',
-  authMethod: 'token'
-});
-server.auth.registerToken('client1', 'secret-token-123');
-server.on('connection', (sessionId, address) => {
-  console.log(`Client connected: ${address}`);
-});
-await server.start();
-```
-### Advanced Configuration
-```javascript
-const client = yaksha.createClient({
-  server: 'vpn.example.com',
-  port: 8443,
-  securityLevel: 'high',
-  features: {
-    sniSpoofing: true,
-    trafficObfuscation: true,
-    multiPath: true,
-    dnsOverride: true,
-    tlsCamouflage: true,
-    firewallEvasion: true
-  },
-  authCredentials: {
-    identifier: 'secure-client',
-    certificate: 'base64-cert',
-    totpToken: '123456'
-  }
-});
-await client.connect();
-```
-### Custom Security Level
-```javascript
-const { createServer, createClient, SecurityLevels } = require('@omindu/yaksha');
-// Create custom configuration
-const customConfig = SecurityLevels.createCustomConfig({
-  encryption: 'double',
-  keyExchange: 'x25519-rotate',
-  obfuscation: 'aes-256-gcm',
-  multiPath: 3,
-  keyRotation: true,
-  keyRotationInterval: 2000,
-  tlsCamouflage: 'full'
-}, 'medium'); // Base level
-// Server with custom security
-const server = createServer({
-  port: 8443,
-  securityLevel: 'custom',
-  customSecurityConfig: customConfig
-});
-// Client with custom security
-const client = createClient({
-  server: 'localhost',
-  port: 8443,
-  securityLevel: 'custom',
-  customSecurityConfig: customConfig
-});
-```
-### DNS Resolution
-```javascript
-const addresses = await client.resolveDNS('example.com', 'A');
-console.log('IP addresses:', addresses);
-```
-### Bug Host Configuration
-Bug Host allows bypassing network restrictions by setting SNI to an allowed domain:
-```javascript
-// Client with bug host
-const client = createClient({
-  server: 'vpn.example.com',
-  port: 8443,
-  bugHost: 'cloudflare.com',  // SNI appears as cloudflare.com
-  securityLevel: 'custom',
-  customSecurityConfig: {
-    sniSpoofing: 'static',
-    bugHost: 'cloudflare.com'
-  }
-});
-// Popular bug hosts
-const bugHosts = {
-  cdn: 'cloudflare.com',
-  social: 'facebook.com',
-  tech: 'google.com',
-  education: 'wikipedia.org'
-};
-```
-**See [examples/bug-host-example.js](examples/bug-host-example.js) for comprehensive bug host usage.**
----
-## 🔧 Configuration
-### Environment Variables
-```bash
-YAKSHA_HOST=0.0.0.0
-YAKSHA_PORT=8443
-YAKSHA_SECURITY_LEVEL=medium
-YAKSHA_AUTH_METHOD=token
-YAKSHA_LOG_LEVEL=info
-```
-### Configuration File
-```json
-{
-  "server": {
-    "host": "0.0.0.0",
-    "port": 8443,
-    "maxConnections": 10000
-  },
-  "security": {
-    "level": "high",
-    "authMethod": "certificate"
-  },
-  "features": {
-    "sniSpoofing": true,
-    "trafficObfuscation": true,
-    "multiPath": true,
-    "dnsOverride": true,
-    "tlsCamouflage": true,
-    "firewallEvasion": true
-  }
-}
-```
-Load with: `const config = new yaksha.Config(); config.loadFromFile('config.json');`
----
-## 📊 Performance
-### Benchmarks
-| Metric | Value |
-|--------|-------|
-| Throughput | >1 Gbps on gigabit connection |
-| Latency Overhead | <5ms (medium security) |
-| Memory Usage | <50MB per 1000 connections |
-| CPU Usage | <10% on 4-core modern CPU |
-| Concurrent Connections | 10,000+ |
-| Packet Processing | ~100,000 packets/second |
-### Optimization Tips
-1. **Use UDP for data**: Lower latency than TCP
-2. **Enable buffer pooling**: Reduces GC pressure
-3. **Choose appropriate security level**: Balance security vs performance
-4. **Enable multi-path**: Aggregate bandwidth
-5. **Adjust MTU**: Optimize for your network
----
-## 🔒 Security
-### Encryption Algorithms
-- **ChaCha20-Poly1305**: Fast, secure stream cipher
-- **AES-256-GCM**: Industry standard, hardware-accelerated
-- **Double Encryption**: Maximum security (AES + ChaCha20)
-### Key Exchange
-- **X25519**: Elliptic curve Diffie-Hellman
-- **Perfect Forward Secrecy**: New keys for each session
-- **Key Rotation**: Automatic rekeying (high security mode)
-### Authentication
-- **Password**: bcrypt hashing, rate limiting
-- **Token**: Time-based, automatic rotation
-- **Certificate**: X.509 with optional 2FA
-### Security Best Practices
-1. Always use TLS/SSL in production
-2. Enable all firewall bypass features
-3. Use high security level for sensitive data
-4. Rotate authentication tokens regularly
-5. Use custom security level for specific requirements
-6. Monitor for unusual traffic patterns
-7. Keep dependencies updated
-### Custom Security Configurations
-Yaksha supports custom security configurations through the `createCustomConfig` method:
-```javascript
-const { SecurityLevels } = require('@omindu/yaksha');
-// IoT Device (Low resource, moderate security)
-const iotConfig = SecurityLevels.createCustomConfig({
-  encryption: 'chacha20-poly1305',
-  obfuscation: 'xor',
-  multiPath: 1,
-  keyRotation: false
-}, 'low');
-// Corporate VPN (Balanced + Compliance)
-const corporateConfig = SecurityLevels.createCustomConfig({
-  encryption: 'aes-256-gcm',
-  certificateValidation: true,
-  keyRotation: true,
-  multiPath: 4
-}, 'medium');
-// Maximum Security (Government/Banking)
-const maxSecurityConfig = SecurityLevels.createCustomConfig({
-  encryption: 'double',
-  twoFactorAuth: true,
-  keyRotationInterval: 250,
-  multiPath: 8
-}, 'high');
-```
-**See [examples/custom-level-example.js](examples/custom-level-example.js) for more custom configurations.**
----
-## 🧪 Testing
-```bash
-# Run all tests
-npm test
-# Run specific test suite
-npm test -- core.test.js
-# Run with coverage
-npm run test:coverage
-# Run benchmarks
-npm run benchmark
-```
----
-## 🤝 Contributing
-Contributions are welcome! Please read our [Contributing Guidelines](CONTRIBUTING.md) first.
-1. Fork the repository
-2. Create your feature branch (`git checkout -b feature/AmazingFeature`)
-3. Commit your changes (`git commit -m 'Add some AmazingFeature'`)
-4. Push to the branch (`git push origin feature/AmazingFeature`)
-5. Open a Pull Request
----
-## 📝 License
-This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
----
-## 👤 Author
-**Omindu Dissanayaka** (SE U. G)
-- GitHub: [@OminduDissanayaka](https://github.com/OminduDissanayaka)
-- Email: contact@example.com
----
-## 🙏 Acknowledgments
-- Built with Node.js
-- Uses TweetNaCl for some cryptographic operations
-- Inspired by modern VPN protocols (WireGuard, OpenVPN)
----
-## 📚 Additional Documentation
-- [API Reference](docs/API.md)
-- [Security Model](docs/SECURITY.md)
-- [Protocol Specification](docs/PROTOCOL.md)
-- [Performance Tuning](docs/PERFORMANCE.md)
-- [Troubleshooting](docs/TROUBLESHOOTING.md)
----
-## 🗺️ Roadmap
-### Version 1.1
-- [ ] WebSocket support
-- [ ] QUIC protocol support
-- [ ] IPv6 support
-- [ ] Plugin system
-### Version 1.2
-- [ ] GUI client
-- [ ] Mobile support (React Native)
-- [ ] Traffic statistics dashboard
-- [ ] Web admin panel
-### Version 2.0
-- [ ] P2P mode
-- [ ] Mesh networking
-- [ ] Blockchain-based authentication
-- [ ] Quantum-resistant encryption
----
-## ⚠️ Disclaimer
-This software is provided for educational and research purposes. Ensure compliance with local laws and regulations when using VPN technology. The authors are not responsible for misuse of this software.
----
-<div align="center">
-Made with ❤️ by Omindu Dissanayaka
-**If you find this project useful, please give it a ⭐️**
-</div>