1 unstable release

0.3.0 Aug 30, 2024

#1428 in Network programming

GPL-3.0-or-later

310KB
10K SLoC

CNSPRCY (alpha)

CNSPRCY is a daemon process that connects your personal computing devices (i.e. desktop, laptop & phone but not wearables). By constantly attempting to establish and then maintain connections between the devices, it can act as a central source of information for applications and scripts that need to exchange data between your devices. Additionally, if a dedicated connection isn't required, messages can simply be sent in-protocol, invoking scripts (called "event handlers") on the receiving device.

The same daemon process runs on each device, operating a fully decentralized mesh network, using gossip-style event propagation to reduce and equally share the load across devices. It knows the status of all peers (i.e. whether they are reachable) at all times, and it exposes this information, including the IP addresses and latencies when available, over a UNIX socket. This socket can either be queried directly using JSON, or via the provided CLI application.

Because not all applications & scripts need to open a dedicated connection, CNSPRCY also makes it trivial to send messages between devices. Messages are part of the protocol and sent over the connections the daemon already maintains - as such they are also encrypted & authenticated using the ChaCha20-Poly1305 cipher suite. On the receiving device, a script is invoked with the message content and originator. To decide which script (obviously it may also be a binary) is invoked, each message contains a user-defined tag, which maps onto the directory structure and filenames in the handler directory. For more information, see event_handlers.md.

CNSPRCY only targets (recent) distributions of Linux. It is written entirely in (async) Rust, using the Tokio runtime. Its central inspiration is the serf "service orchestration and management tool", and it tries to bring it from its data-center / server context to that of personal computers.

Current State

This Rust crate implements the cnspr binary which closely resembles the serf binary, acting as both the daemon process (./cnspr serve) and the client querying it (see ./cnspr help).
At this point, CNSPRCY is alpha-quality software and, while the underlying protocol and architecture of the daemon is reasonably well fleshed out, several important features are missing.

Among these is the integration with system services like NetworkManager to automatically start listening on network interfaces as they become available. This is crucial on devices like laptops and phones where connectivity is constantly changing.
Also lacking is a mechanism for devices to discover each other in the same local network. This will be modeled after the way it is done in Syncthing, mainly using a IP multicast protocol like SSDP and perhaps eventually using a global "rendezvous" server.

Eventually-Consistent Distributed Datastore

However, the most important feature currently missing is a persistent, eventually-consistent distributed datastore. Initially, it was planned for this component to be built "on top" of the CNSPRCY messaging protocol, at a point when it was more finished, but it has become clear that the two are too tightly coupled; that the datastore is a part of CNSPRCY rather than an extension of it. The CNSPRCY protocol needs this persistent datastore to efficiently gossip and the datastore in turn needs to be tightly integrated into CNSPRCY.

It might not be clear from the name alone, but the promise of this feature is far greater than just "efficient gossip": with a database that is always synchronized between all your computers, there is no longer any need for "cloud" software!

By exposing this datastore to other applications, CNSPRCY provides the key ingredient for creating great "offline-first" applications that work the way they ought to work: where it doesn't matter which of your computers you're using, where everything doesn't immediately break when the internet cuts out, where your data isn't mined, analyzed, sold or held for ransom.

Funding

This project was awarded a grant through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.

Dependencies

~58MB
~1M SLoC