yakmesh 1.7.0 → 1.8.0

package/CHANGELOG.md

@@ -2,7 +2,92 @@
 
 All notable changes to YAKMESH will be documented in this file.
 
-## [1.7.0] - 2026-01-18
+## [1.8.0] - 2026-01-18
+
+### 🏔️ SHERPA: Decentralized Peer Discovery
+
+This release implements SHERPA, a novel peer discovery mechanism that uses the public web as a decentralized DHT.
+
+#### New Feature: SHERPA Discovery
+
+##### The Innovation: "The Web IS the DHT"
+- Each node exposes `/.well-known/yakmesh/beacon` with its peer list
+- Discovery crawls known endpoints to find new peers
+- No central authority - truly decentralized bootstrap
+- Works with existing CDN infrastructure
+
+##### New Module: `mesh/sherpa-discovery.js`
+- `SherpaDiscovery` - Main discovery engine with peer crawling
+- `BeaconMessage` - Signed beacon format for peer advertisement
+- `PeerRegistry` - Scored peer management with decay
+- `createBeaconMiddleware` - Express middleware for beacon endpoint
+
+##### New Endpoints
+- `GET /.well-known/yakmesh/beacon` - Advertise this node and known peers
+- `GET /sherpa/status` - Discovery statistics
+- `GET /sherpa/candidates` - Get connection candidates
+
+##### Configuration
+```javascript
+// yakmesh.config.js
+export default {
+  sherpa: {
+    enabled: true,
+    selfEndpoint: 'https://mynode.example.com',
+    wsEndpoint: 'wss://mynode.example.com:9001',
+    seeds: ['https://peer1.example.com', 'https://peer2.example.com'],
+  },
+};
+```
+
+##### Beacon Response Format
+```json
+{
+  "version": "1.0",
+  "nodeId": "abc123...",
+  "networkName": "mobius-rabi-junction",
+  "timestamp": 1737225600000,
+  "capabilities": { "wsPort": 9001, "supportsAnnex": true },
+  "peers": [{ "nodeId": "...", "endpoint": "https://..." }],
+  "publicKey": "...",
+  "signature": "..."
+}
+```
+
+---
+
+## [1.7.1] - 2026-01-18
+
+### 🦬 NAKPAK & SHERPA: Yak-Themed Protocol Naming
+
+This release renames dark-themed protocols to yak-themed names for brand consistency.
+
+#### Renamed Protocols
+
+##### NAKPAK (formerly Phantom)
+- **N**ested **A**nonymous **K**ernel for **P**rivate **A**uthenticated **K**omms
+- Post-quantum onion routing with ML-KEM768 key encapsulation
+- File renamed: `phantom-routing.js` → `nakpak-routing.js`
+- Classes renamed: `PhantomRouter` → `NakpakRouter`, etc.
+- Etymology: NAK (female yak) + PAK (package) = sounds like "knapsack" 🎒
+
+##### SHERPA (new protocol slot)
+- **S**ecure **H**idden **E**ndpoint **R**esolution **P**ath **A**rchitecture
+- Peer discovery DHT via public web layer
+- Guides nodes to find each other like Sherpas guide travelers
+
+#### Protocol Stack Update
+```text
+1. HTTP API - Public content delivery
+2. Annex - Encrypted P2P messaging
+3. Gossip - Message propagation
+4. Beacon - Emergency broadcast
+5. Nakpak - Onion routing (NEW NAME)
+6. Sherpa - Peer discovery (NEW)
+7. Mesh - Core P2P network
+```
+
+---
 
 ### 🛡️ SLH-DSA Backup Signatures & Monitoring Dashboard
 
@@ -95,7 +180,7 @@ All hash operations now use SHA3-256 for post-quantum consistency:
 - `oracle/phase-epoch.js` - Phase derivation uses SHA3-256
 - `gossip/protocol.js` - Bloom filters and message IDs use SHA3-256
 - `mesh/temporal-encoder.js` - Temporal hashes use SHA3-256
-- `mesh/phantom-routing.js` - Key derivation uses SHA3-256
+- `mesh/nakpak-routing.js` - Key derivation uses SHA3-256 (formerly phantom-routing)
 - `mesh/annex.js` - Session key derivation uses SHA3-256
 - `mesh/echo-ranging.js` - Probe key derivation uses SHA3-256
 

package/README.md

@@ -182,7 +182,8 @@ See [TRADEMARK.md](TRADEMARK.md) for trademark usage policy.
   <p>
     <a href="https://discord.gg/8mSPfbJB8N">💬 Discord</a> •
     <a href="https://t.me/yakmesh">📱 Telegram</a> •
-    <a href="https://x.com/yakmesh_dev">𝕏 Twitter</a>
+    <a href="https://x.com/yakmesh_dev">𝕏 Twitter</a> •
+    <a href="https://patreon.com/yakmesh">❤️ Patreon</a>
   </p>
   <br>
   <sub>© 2026 YAKMESH™ Project. Sturdy & Secure.</sub>

package/announcements/discord-v1.7.0.md

@@ -0,0 +1,35 @@
+# Discord Announcement - v1.7.0
+
+## Embed
+
+**Title:** 🦬 YAKMESH™ v1.7.0 Released!
+
+**Description:**
+Defense-in-depth with dual post-quantum signatures!
+
+**Fields:**
+
+### 🛡️ SLH-DSA Backup Signatures
+- Hash-based signatures (FIPS 205) as backup to ML-DSA
+- Defense-in-depth: if lattice breaks, hash-based still holds
+- `signDual()` and `verifyDual()` for maximum security
+
+### 📊 Monitoring Dashboard  
+- New `/metrics` endpoint with comprehensive node status
+- Dashboard shows Oracle, Crypto, Time Source, Uptime
+- Real-time health monitoring
+
+### 🤖 Dev.to Automation
+- Release articles now auto-posted to Dev.to
+- Three platforms automated: Discord, Telegram, Dev.to
+
+### 📦 Install
+```
+npm install yakmesh@1.7.0
+```
+
+**Links:** [npm](https://npmjs.com/package/yakmesh) • [GitHub](https://github.com/yakmesh/yakmesh) • [Docs](https://yakmesh.dev/docs) • [Discord](https://discord.gg/8mSPfbJB8N) • [Telegram](https://t.me/yakmesh)
+
+---
+
+YAKMESH™ - Sturdy & Secure 🏔️

package/announcements/patreon-welcome.md

@@ -0,0 +1,83 @@
+# Welcome to YAKMESH™ Patreon! 🦬
+
+## Thank You for Supporting Post-Quantum Security
+
+Welcome to the YAKMESH™ community! Your support helps us build the future of secure, decentralized networking.
+
+---
+
+## 🏔️ What is YAKMESH?
+
+**YAKMESH** (Yielding Atomic Kernel Modular Encryption Secured Hub) is a high-resiliency, decentralized mesh network designed to survive the quantum computing era.
+
+### Why It Matters
+- 🔐 **Post-quantum cryptography** - Protected against future quantum attacks using ML-DSA-65, ML-KEM768, and SLH-DSA
+- 🌐 **Truly decentralized** - No central servers, no single points of failure
+- 🔮 **Self-verifying oracle** - Code is the authority, not humans
+- 🕵️ **Phantom routing** - Onion routing for privacy
+- ⚡ **PCIe atomic timing** - Nanosecond precision across the network
+
+---
+
+## 💚 What Your Support Enables
+
+### Infrastructure
+- 🖥️ Official node hosting and bandwidth
+- 🔒 Security audits and penetration testing
+- 📊 Network monitoring and uptime
+
+### Development
+- 🛠️ Full-time development resources
+- 🧪 Testing infrastructure
+- 📚 Documentation and tutorials
+
+### Community
+- 🎮 Discord bot (YakBot) hosting
+- 🎉 Community events and hackathons
+- 📰 Regular development updates
+
+---
+
+## 🎁 Supporter Benefits
+
+### All Supporters
+- 💬 Patron-only Discord channel access
+- 📋 Early access to roadmap discussions
+- 🏷️ Patron badge in Discord
+- 📰 Monthly development digest
+
+### Future Tiers (Coming Soon)
+- **Builder** - Vote on feature priorities
+- **Pioneer** - Name in contributors list
+- **Architect** - Monthly dev call access
+
+---
+
+## 🔗 Connect With Us
+
+- 🌐 **Website**: [yakmesh.dev](https://yakmesh.dev)
+- 💬 **Discord**: [Join Server](https://discord.gg/8mSPfbJB8N)
+- 📱 **Telegram**: [@yakmesh](https://t.me/yakmesh)
+- 𝕏 **Twitter/X**: [@yakmesh_dev](https://x.com/yakmesh_dev)
+- 📦 **npm**: [yakmesh](https://npmjs.com/package/yakmesh)
+- 📂 **GitHub**: [yakmesh/yakmesh](https://github.com/yakmesh/yakmesh)
+
+---
+
+## 🚀 Quick Start
+
+```bash
+npm install yakmesh
+npx yakmesh init
+npx yakmesh start
+```
+
+---
+
+**Thank you for being part of the quantum-resistant future!**
+
+*Sturdy & Secure* 🏔️
+
+---
+
+© 2026 YAKMESH™ Project | [PeerQuanta](https://peerquanta.com)

package/announcements/telegram-v1.7.0.md

@@ -0,0 +1,11 @@
+# Telegram Announcement - v1.7.0
+
+🦬 *YAKMESH™ v1.7.0 Released!*
+
+🛡️ SLH-DSA backup signatures for defense-in-depth
+📊 New monitoring dashboard with /metrics endpoint  
+🤖 Automated Dev.to article posting
+
+📦 `npm install yakmesh@1.7.0`
+
+🔗 https://github.com/yakmesh/yakmesh/releases/tag/v1.7.0

package/announcements/x-v1.7.0.md

@@ -0,0 +1,41 @@
+# X/Twitter Announcement - v1.7.0
+
+## Thread
+
+### Tweet 1
+🦬 YAKMESH™ v1.7.0 Released!
+
+Defense-in-depth with dual post-quantum signatures 🛡️
+
+Now using BOTH:
+• ML-DSA (lattice-based) - fast primary
+• SLH-DSA (hash-based) - backup
+
+If lattice crypto ever breaks, hash-based still protects you.
+
+npm i yakmesh@1.7.0
+
+### Tweet 2 (Reply)
+New features in v1.7.0:
+
+📊 Monitoring Dashboard
+- /metrics endpoint with full node status
+- Oracle, Crypto, Time Source visualization
+- Real-time uptime tracking
+
+🤖 Automation
+- Release articles auto-posted to Dev.to
+- Discord + Telegram + Dev.to = 3 platforms automated
+
+### Tweet 3 (Reply)
+The philosophy: Sturdy & Secure 🏔️
+
+Like a yak on a mountain, YAKMESH™ is built to survive harsh conditions.
+
+Quantum computers? Covered.
+Lattice assumptions break? Still covered.
+Single point of failure? Mesh eliminates it.
+
+Docs: yakmesh.dev
+
+#PostQuantum #P2P #Cryptography

package/cli/index.js

@@ -56,7 +56,7 @@ program
     // Parse bootstrap nodes
     const bootstrapNodes = options.bootstrap 
       ? options.bootstrap.split(',').map(s => s.trim())
-      : ['wss://peerquanta.com:9001'];
+      : [];  // Empty by default - YAKMESH is decentralized, no central bootstrap
 
     // Generate config
     const config = `/**
@@ -302,6 +302,6 @@ if (!process.argv.slice(2).length) {
   showBanner();
   program.outputHelp();
 }
-
-
-
+
+
+

package/mesh/{phantom-routing.js → nakpak-routing.js}

@@ -1,5 +1,5 @@
 /**
- * Yakmesh Phantom Routing - Post-quantum Hidden Anonymous Network Transmission Over Mesh
+ * Yakmesh NAKPAK Routing - Nested Anonymous Kernel for Private Authenticated Komms
  * 
  * The first post-quantum secure onion routing implementation featuring:
  * - ML-DSA-65 signatures at every routing layer
@@ -7,12 +7,15 @@
  * - Multi-layer encryption with perfect forward secrecy
  * - Timing attack resistance through temporal padding
  * 
- * Key Innovation: "Your packets become ghosts"
+ * Key Innovation: "Your packets travel like yak caravans through hidden mountain paths"
  * - Each routing layer uses different quantum-resistant keys
  * - Decoy traffic masks real communication patterns
  * - Temporal obfuscation defeats traffic analysis
  * 
- * @module mesh/phantom-routing
+ * Etymology: NAK (female yak, the pack carrier) + PAK (package) = NAKPAK (sounds like "knapsack")
+ * Works with SHERPA (Secure Hidden Endpoint Resolution Path Architecture) for peer discovery.
+ * 
+ * @module mesh/nakpak-routing
  * @license MIT
  * @copyright 2026 YAKMESH™ Contributors
  */
@@ -23,7 +26,7 @@ import { ml_kem768 } from '@noble/post-quantum/ml-kem.js';
 import { sha3_256 } from '@noble/hashes/sha3.js';
 import { bytesToHex, hexToBytes, utf8ToBytes } from '@noble/hashes/utils.js';
 
-const PHANTOM_CONFIG = {
+const NAKPAK_CONFIG = {
   // Circuit settings
   defaultHopCount: 3,           // Number of hops (like Tor)
   maxHopCount: 7,               // Maximum allowed hops
@@ -44,13 +47,13 @@ const PHANTOM_CONFIG = {
   maxPayloadSize: 7000,         // Max actual payload
   
   // Key derivation
-  keyDerivationSalt: 'PHANTOM-YAKMESH-2026',
+  keyDerivationSalt: 'NAKPAK-YAKMESH-2026',
 };
 
 /**
- * A single routing layer in the onion
+ * A single routing layer in the onion (like a yak's pack saddle layer)
  */
-class PhantomLayer {
+class NakpakLayer {
   constructor(options) {
     this.hopIndex = options.hopIndex;
     this.nodeId = options.nodeId;
@@ -114,12 +117,12 @@ class PhantomLayer {
       throw new Error('No encryption key established');
     }
 
-    const nonce = randomBytes(PHANTOM_CONFIG.nonceSize);
+    const nonce = randomBytes(NAKPAK_CONFIG.nonceSize);
     const cipher = createCipheriv(
-      PHANTOM_CONFIG.layerEncryption,
+      NAKPAK_CONFIG.layerEncryption,
       this.encryptionKey,
       nonce,
-      { authTagLength: PHANTOM_CONFIG.authTagLength }
+      { authTagLength: NAKPAK_CONFIG.authTagLength }
     );
 
     const plaintext = typeof data === 'string' ? data : JSON.stringify(data);
@@ -148,10 +151,10 @@ class PhantomLayer {
     const tag = Buffer.from(encryptedData.tag, 'hex');
 
     const decipher = createDecipheriv(
-      PHANTOM_CONFIG.layerEncryption,
+      NAKPAK_CONFIG.layerEncryption,
       this.encryptionKey,
       nonce,
-      { authTagLength: PHANTOM_CONFIG.authTagLength }
+      { authTagLength: NAKPAK_CONFIG.authTagLength }
     );
     decipher.setAuthTag(tag);
 
@@ -166,16 +169,16 @@ class PhantomLayer {
   _deriveEncryptionKey(sharedSecret) {
     return createHash('sha3-256')
       .update(sharedSecret)
-      .update(PHANTOM_CONFIG.keyDerivationSalt)
+      .update(NAKPAK_CONFIG.keyDerivationSalt)
       .update(Buffer.from([this.hopIndex]))
       .digest();
   }
 }
 
 /**
- * An onion-wrapped packet
+ * An onion-wrapped packet (like a yak's cargo bundle)
  */
-class PhantomPacket {
+class NakpakPacket {
   constructor(options = {}) {
     this.id = options.id || bytesToHex(randomBytes(16));
     this.circuitId = options.circuitId;
@@ -211,7 +214,7 @@ class PhantomPacket {
     });
 
     const currentSize = Buffer.byteLength(serialized, 'utf8');
-    const paddingNeeded = PHANTOM_CONFIG.fixedPacketSize - currentSize - 50; // Reserve for padding field
+    const paddingNeeded = NAKPAK_CONFIG.fixedPacketSize - currentSize - 50; // Reserve for padding field
 
     if (paddingNeeded > 0) {
       this.padding = randomBytes(Math.max(1, paddingNeeded)).toString('base64');
@@ -222,7 +225,7 @@ class PhantomPacket {
    * Create decoy packet
    */
   static createDecoy(circuitId) {
-    const decoy = new PhantomPacket({
+    const decoy = new NakpakPacket({
       circuitId,
       isDecoy: true,
     });
@@ -251,7 +254,7 @@ class PhantomPacket {
   }
 
   static deserialize(obj) {
-    const packet = new PhantomPacket({
+    const packet = new NakpakPacket({
       id: obj.id,
       circuitId: obj.circuitId,
       timestamp: obj.timestamp,
@@ -263,12 +266,12 @@ class PhantomPacket {
 }
 
 /**
- * A circuit through the mesh (like a Tor circuit)
+ * A circuit through the mesh (like a yak caravan route)
  */
-class PhantomCircuit {
+class NakpakCircuit {
   constructor(options = {}) {
     this.circuitId = options.circuitId || bytesToHex(randomBytes(16));
-    this.hops = [];                // Array of PhantomLayer
+    this.hops = [];                // Array of NakpakLayer
     this.isEstablished = false;
     this.createdAt = Date.now();
     this.lastUsed = Date.now();
@@ -279,14 +282,14 @@ class PhantomCircuit {
    * Build a circuit through specified nodes
    */
   async buildCircuit(nodeIds) {
-    if (nodeIds.length > PHANTOM_CONFIG.maxHopCount) {
-      throw new Error('Too many hops: max is ' + PHANTOM_CONFIG.maxHopCount);
+    if (nodeIds.length > NAKPAK_CONFIG.maxHopCount) {
+      throw new Error('Too many hops: max is ' + NAKPAK_CONFIG.maxHopCount);
     }
 
     this.hops = [];
     
     for (let i = 0; i < nodeIds.length; i++) {
-      const layer = new PhantomLayer({
+      const layer = new NakpakLayer({
         hopIndex: i,
         nodeId: nodeIds[i],
         nextHop: nodeIds[i + 1] || null,
@@ -356,7 +359,7 @@ class PhantomCircuit {
       };
     }
 
-    const packet = new PhantomPacket({
+    const packet = new NakpakPacket({
       circuitId: this.circuitId,
     });
     packet.addLayer(payload);
@@ -369,14 +372,14 @@ class PhantomCircuit {
   }
 
   isExpired() {
-    return Date.now() - this.createdAt > PHANTOM_CONFIG.circuitTimeout;
+    return Date.now() - this.createdAt > NAKPAK_CONFIG.circuitTimeout;
   }
 }
 
 /**
- * Relay node handler for forwarding phantom packets
+ * Relay node handler for forwarding nakpak packets
  */
-class PhantomRelay {
+class NakpakRelay {
   constructor(options = {}) {
     this.nodeId = options.nodeId || bytesToHex(randomBytes(16));
     this.circuits = new Map();    // circuitId -> local layer info
@@ -401,7 +404,7 @@ class PhantomRelay {
    * Handle incoming circuit creation request
    */
   async handleCircuitCreate(request) {
-    const layer = new PhantomLayer({
+    const layer = new NakpakLayer({
       hopIndex: request.hopIndex,
       nodeId: this.nodeId,
       nextHop: request.nextHop,
@@ -491,8 +494,8 @@ class PhantomRelay {
    * Add random delay to defeat timing analysis
    */
   async _addTimingDelay() {
-    const delay = PHANTOM_CONFIG.minPaddingMs + 
-      Math.random() * (PHANTOM_CONFIG.maxPaddingMs - PHANTOM_CONFIG.minPaddingMs);
+    const delay = NAKPAK_CONFIG.minPaddingMs + 
+      Math.random() * (NAKPAK_CONFIG.maxPaddingMs - NAKPAK_CONFIG.minPaddingMs);
     await new Promise(resolve => setTimeout(resolve, delay));
   }
 
@@ -500,9 +503,9 @@ class PhantomRelay {
    * Maybe inject a decoy packet to mask traffic patterns
    */
   _maybeInjectDecoy(circuitId) {
-    if (Math.random() < PHANTOM_CONFIG.decoyProbability) {
+    if (Math.random() < NAKPAK_CONFIG.decoyProbability) {
       this.stats.decoysInjected++;
-      return PhantomPacket.createDecoy(circuitId).serialize();
+      return NakpakPacket.createDecoy(circuitId).serialize();
     }
     return null;
   }
@@ -537,13 +540,13 @@ class PhantomRelay {
 }
 
 /**
- * Main PHANTOM routing manager
+ * Main NAKPAK routing manager
  */
-class PhantomRouter {
+class NakpakRouter {
   constructor(options = {}) {
     this.nodeId = options.nodeId || bytesToHex(randomBytes(16));
-    this.relay = new PhantomRelay({ nodeId: this.nodeId });
-    this.circuits = new Map();     // circuitId -> PhantomCircuit (for circuits we created)
+    this.relay = new NakpakRelay({ nodeId: this.nodeId });
+    this.circuits = new Map();     // circuitId -> NakpakCircuit (for circuits we created)
     this.knownNodes = new Map();   // nodeId -> { publicKey, lastSeen }
     
     this.stats = {
@@ -576,7 +579,7 @@ class PhantomRouter {
       const availableNodes = Array.from(this.knownNodes.keys())
         .filter(id => id !== this.nodeId);
       
-      if (availableNodes.length < PHANTOM_CONFIG.defaultHopCount) {
+      if (availableNodes.length < NAKPAK_CONFIG.defaultHopCount) {
         throw new Error('Not enough known nodes for circuit');
       }
       
@@ -586,10 +589,10 @@ class PhantomRouter {
         [availableNodes[i], availableNodes[j]] = [availableNodes[j], availableNodes[i]];
       }
       
-      hopNodeIds = availableNodes.slice(0, PHANTOM_CONFIG.defaultHopCount);
+      hopNodeIds = availableNodes.slice(0, NAKPAK_CONFIG.defaultHopCount);
     }
 
-    const circuit = new PhantomCircuit();
+    const circuit = new NakpakCircuit();
     const buildResult = await circuit.buildCircuit(hopNodeIds);
     
     this.circuits.set(circuit.circuitId, circuit);
@@ -638,7 +641,7 @@ class PhantomRouter {
    * Handle incoming packet (as a relay)
    */
   async handlePacket(packetData) {
-    const packet = PhantomPacket.deserialize(packetData);
+    const packet = NakpakPacket.deserialize(packetData);
     const result = await this.relay.processPacket(packet);
 
     if (result.type === 'EXIT') {
@@ -690,10 +693,10 @@ class PhantomRouter {
 }
 
 export {
-  PHANTOM_CONFIG,
-  PhantomLayer,
-  PhantomPacket,
-  PhantomCircuit,
-  PhantomRelay,
-  PhantomRouter,
+  NAKPAK_CONFIG,
+  NakpakLayer,
+  NakpakPacket,
+  NakpakCircuit,
+  NakpakRelay,
+  NakpakRouter,
 };