It was changed to AntTP a few weeks back. I can’t edit the OP atm.

DNS naming has been removed for now too, with the medium/long term plan being around pet names.

If there is another service that does DNS, it could be integrated though. It just felt hard to manage and was too much scope for this app.

Some security info for your consideration in this matter of security concerns with https and TLS…

Via the Brave AI assisted Search I asked their variant of the mistral mixtral AI (mix of agents) this question.: (Since the Brave Browser team is using their own platform to get smarter)

“Given TLS and HTTPS are prone to security exploits, how does QUIC improve on or replace the latter two capabilities with respect to better public secure access to content?”

the url

The result: (all roads lead to QUIC for public access?)

QUIC vs HTTPS and TLS

QUIC improves upon and replaces TLS and HTTP/2 by integrating TLS encryption directly into its transport layer, eliminating the need for a separate TLS handshake process. This results in a faster and more secure connection establishment, as QUIC combines the TLS handshake and transport setup into a single step, reducing the initial connection time and latency.15

QUIC encrypts all transport information at the transport layer, which virtually eliminates the attack surface that TCP offers, making it more resistant to certain types of security exploits.3 Additionally, QUIC encrypts additional connection metadata that could be exploited by middle-boxes to interfere with connections, ensuring that only the end-points in the connection can use this information.5

By encrypting everything in the transport layer, QUIC provides a secure-by-default transport protocol, which is one of its main design goals. This means that QUIC connections are always authenticated and encrypted, enhancing security compared to traditional TLS and HTTP/2 setups.5

QUIC also solves the head-of-line (HOL) blocking issue present in TCP, where the loss of a single packet forces all subsequent packets to wait until the lost packet is retransmitted. QUIC uses independent streams within a single connection, allowing multiple streams to operate independently, thus improving performance and reliability.1

In summary, QUIC enhances public secure access to content by providing faster and more secure connections through integrated encryption, reducing latency, and improving reliability compared to TLS and HTTP/2.15

AI-generated answer. Please verify critical facts.

zscaler.com
QUIC: The Secure Communication Protocol Shaping the Internet’s Future | Zscaler


f5.com
What Are QUIC and HTTP/3? | F5


netquestcorp.com
Google QUIC and Its Impact on Network Security - NetQuest


netquestcorp.com
What Is QUIC and Why Threat Hunters Care - NetQuest


blog.cloudflare.com
The Road to QUIC


en.wikipedia.org
QUIC - Wikipedia

Proper application of UNIX-type thinking

How about using namecoin for DNS?
https://www.namecoin.org/

hmm, its blockchain and consensus bound, perhaps we should look at this as follows?:

Again I ask Mixtral this question:

“Who are the top three FOSS Distributed DNS headless clients written in rust programming language making use of the QUIC protocol stack and what are the comparative differentiated capabilities of each implementation?”

The brave url: (you can try it yourself, but might need the brave browser which embeddes access to their version of the Mistral Mixtral AI mix of agents, or at least have brave search engine in your browser…)

There are some solid FOSS options one can investigate when looking to incoporate DNS on top of QUIC with Autonomi Network (written in Rust in a headless fashion) as follows:

Top Rust QUIC DNS Clients

The top three FOSS (Free and Open Source Software) distributed DNS headless clients written in Rust that make use of the QUIC protocol stack are:

• Quiche :
  • Description : Quiche is a library developed by Cloudflare. It is designed to follow the latest QUIC specification with a strong focus on security and compliance. Quiche is known for its robustness and adherence to standards, making it a reliable choice for implementing QUIC in DNS clients.
  • Differentiated Capabilities : Quiche is built with a focus on performance and security. It leverages Cloudflare’s extensive research and experience in the QUIC protocol, ensuring that it stays up-to-date with the latest developments. Quiche is also known for its low-level control over the QUIC protocol, which can be beneficial for advanced use cases and customizations.
• Quinn :
  • Description : Quinn is a pure Rust implementation of the QUIC protocol. It is maintained by an open-source community and is known for its straightforward and friendly API, making it accessible for new QUIC developers. Quinn is built entirely in Rust, which can provide better integration with other Rust projects.
  • Differentiated Capabilities : Quinn’s pure Rust implementation ensures better compatibility and integration with other Rust projects. Its user-friendly API and active community support make it a popular choice for developers who are new to QUIC. Quinn is also known for its flexibility and ease of use, which can be advantageous for rapid development and prototyping.
• S2N-QUIC :
  • Description : S2N-QUIC is part of the s2n library suite developed by AWS. It aims to provide a secure and efficient QUIC implementation. S2N-QUIC is designed to be highly secure and efficient, leveraging AWS’s expertise in cloud and network security.
  • Differentiated Capabilities : S2N-QUIC is particularly strong in security and efficiency, making it a suitable choice for applications where these aspects are critical. It is well-integrated with AWS services and can be a good fit for cloud-based DNS clients. S2N-QUIC also benefits from the extensive testing and validation processes used by AWS, ensuring high reliability and performance.

Each of these libraries has its own strengths, and the choice between them depends on the specific requirements of the project, such as the need for security, performance, ease of use, and integration with other systems.

AI-generated answer. Please verify critical facts.

blog.adamchalmers.com
What I learned from making a DNS client in Rust


dev.to
What is QUIC protocol, and how to use through Rust - DEV Community


edransit.medium.com
Diving into HTTP/3: Security, congestion control, and TCP comparisons on QUIC protocol | by EDRANS Stories | Medium

Since I dont care for AWS or Cloudflare, here is more on Quinn which is IETF ratified, with other big companies pushing it, Quinn is a framework, so its a heavier lift to build your own DNS system with it… That said, when you use Quinn framework to build your Distributed DNS capabilities, its yours and you can modify it as you like in your own fork, Quinn is probably a better fit for Autonomi?

DNS over QUIC

Quinn is a Rust library for QUIC, a general-purpose network protocol built on top of UDP and standardized by the IETF.5 While Quinn itself is not a DNS service, it offers a framework that can be used to implement DNS services over QUIC, leveraging the protocol’s advantages such as improved connection establishment speed, better congestion control, and multiplexing without head-of-line blocking.5

DNS over QUIC (DoQ) is a protocol that uses QUIC to transmit DNS queries and responses, providing enhanced privacy, improved performance, and robust security compared to traditional DNS protocols.26 DoQ encrypts DNS traffic by default, ensuring that queries and responses are not visible to unauthorized parties.26 It also offers faster connection establishment and better performance in networks with high packet loss rates.6

Several organizations have started implementing DoQ, including AdGuard DNS, which supports DNS over TLS, DNS over HTTPS, and DNS over QUIC.1 PowerDNS’s dnsdist 1.9.0 version supports DoQ in addition to DoT and DoH, enabling DNS resolvers to offer encrypted DNS services with improved performance.1

The IETF standardized DNS over QUIC in 2022 with the publication of RFC 9250, making it a proposed standard.6 Although DoQ is relatively new and its adoption is gradual, it has the potential to replace older, unencrypted DNS protocols due to its comprehensive encryption and performance benefits.6

DoQ is particularly useful for recursive DNS servers, but it can also be used for authoritative DNS servers, allowing for end-to-end encryption of DNS traffic.6

AI-generated answer. Please verify critical facts.

catchpoint.com
DNS over QUIC (DoQ)—Working and Implementation Guide.


dn.org
DNS over QUIC A Next Generation Transport for Privacy and Performance – DN.org


docs.quic.cloud
Setting up DNS | Onboarding | QUIC.cloud | QUIC.cloud Documentation


quic.cloud
Managing DNS with QUIC.cloud - QUIC.cloud


quinn-rs.github.io
QUIC introduction - Quinn


adguard-dns.io
DNS-over-QUIC is now officially a proposed standard

More on actual implementations of QUINN by others creating DNS services:

QUIC Vendor DNS Capabilities

The QUINN framework is being utilized by several vendors to implement distributed DNS services over QUIC. Here are the top three vendors and their comparative differentiated capabilities:

• Adgaurd DNS : Adgaurd DNS offers a suite of tools that support DNS over QUIC (DoQ), including dnslookup , a client that supports DNS over TLS (DoT), DNS over HTTPS (DoH), and DoQ. Additionally, dnsproxy acts as a proxy server for these secure DNS protocols, and DnsLibs is an open-source C++ library for implementing these protocols. Adgaurd DNS is known for its comprehensive support and flexibility in DNS security options.2
• PowerDNS : PowerDNS has integrated DoQ support into its latest version of dnsdist (1.9.0), which already supports DoT and DoH. This makes PowerDNS a robust solution for organizations looking to implement secure DNS services with minimal changes to their existing infrastructure. PowerDNS is recognized for its reliability and ease of integration with existing DNS systems.2
• European Public DNS Resolver (DNS0.EU) : DNS0.EU is a public DNS resolver that supports DoQ, providing users with a secure and privacy-focused DNS service. It is particularly useful for individuals and organizations concerned about DNS privacy and security. DNS0.EU is known for its focus on user privacy and its commitment to open standards.2

Comparative Differentiated Capabilities:

• Adgaurd DNS :
  • Comprehensive Toolset : Offers a client (dnslookup ), a proxy server (dnsproxy ), and a library (DnsLibs ), making it a versatile solution for various deployment scenarios.
  • Open-Source : The DnsLibs library is open-source, allowing for customization and community contributions.
• PowerDNS :
  • Integration with Existing Systems : dnsdist 1.9.0 supports DoQ alongside DoT and DoH, making it easy to integrate with existing DNS infrastructure.
  • Reliability and Performance : Known for its reliability and performance, PowerDNS is a trusted choice for enterprise-level DNS services.
• European Public DNS Resolver (DNS0.EU) :
  • Privacy Focus : Emphasizes user privacy and security, making it a preferred choice for users concerned about DNS privacy.
  • Public Service : Provides a public DNS resolver, making it accessible to a wide range of users without the need for complex setup.

These vendors offer different strengths, from comprehensive toolsets and open-source contributions to ease of integration and a strong focus on privacy. The choice of vendor depends on the specific needs and priorities of the organization or individual implementing DNS over QUIC.

AI-generated answer. Please verify critical facts.

catchpoint.com
DNS over QUIC (DoQ)—Working and Implementation Guide.


help.nextdns.io
What is DNS over TLS (DoT), DNS over Quic (DoQ) and DNS over HTTPS (DoH & DoH3)? - Getting Started - NextDNS Help Center


f5.com
QUIC Will Eat the Internet |

Fwiw, I did think about just using regular DNS.

It is perfectly possible to read in TXT field, which could contain an XOR address (or anything arbitrary). This depends on regular DNS though, along with the centralisation that comes with it.

However, with XOR addresses, we don’t need to resolve names (to IP addresses), as they resolve directly. V4 IP addresses need a name to resolve usually, due to insufficient IP addresses.

So, it comes down to what is readable and how we want to share them. We can use QR codes or just share XOR links. The challenge is verbal, not clickable or visual as such.

I also though about taking a DNS implementation, gutting it, then replacing its internals with autonomi lookups. So, same protocol, but uses autonomi. Great, but then you still have to organise who has what domains, who is squatting, etc.

So, really it isn’t a technical problem. Indeed, on proxy mode (SOCKS5) DNS lookups can be done by the proxy (i.e. AntTP). So, any lookup to autonomi is trivial to perform as a name/XOR mapper…

The problem is, who gets what name. Pet names don’t have this problem. Neither do bookmarks and XOR only.

Another used mini PC landed with Windows on it. So, before I wiped it to put Linux on it, I gave AntTP a whirl and it worked perfectly first time! Just double clicked on the exe and agreed to popups.

I noticed both Edge and Chrome want to change a system wide proxy, which is a bit naff. However, Firefox let me specify a proxy and that worked perfectly first time too!

I will share a screenshot tomorrow.

P.s. IMIM worked too!

Windows screenshot, with Firefox on the left and Edge on the right. AntTP is running in the ‘command line’ below:

Screenshot (2)1920×1080 204 KB

I actually tried recording a video of the setup. In a rush, I didn’t replay it (had to do other work), but then realised it only tracked the Edge window! D’oh!

I took one of my VPS’ and set this up for external access. Anyone here is welcome to play with it. I even put HTTPS in front of it for fun, for those that use browsers that force HTTPS usage.

Examples:
Autonomi Blocks
https://va.worldwidenodes.cyou/261f85f041460702dd3598e543808ff9835e748786999fced5c1803533eac644/autonomi-blocks-v4.html

BegBlag.mp3
https://va.worldwidenodes.cyou/a0f6fa2b08e868060fe6e57018e3f73294821feaf3fdcf9cd636ac3d11e7e2ac/BegBlag.mp3

Another new version pushed, which fixes an eTag regression and has includes further refactors.

Github: Release v0.3.21 · traktion/AntTP · GitHub
Dockerhub: https://hub.docker.com/repository/docker/traktion/anttp/general

Can this container handle multiple simultaneous requests or is it limited to 1 at a time?

Yes, it should handle a number connections simultaneously. IIRC, Actix changes the limits depending on the number of CPUs in the host machine.

However, I haven’t done extensive optimisation or testing on whether multiple Autonomi clients should/shouldn’t be used, etc. The library is thread safe, but it may be faster to have more than one instance still.

FWIW, this network does seem slower that the last test network too. I’m not sure if that is due to changes in the library or the network itself.

Worked Great, I observed about a 10 sec lag to load first chunks and have the link start playing (Brave Browser on Linux) on this 160/160 upload/download MB/sec Cogeco ISP link lightly loaded (Sun 16 Mar 2025 EDT 12:33 start 12:39 finish, located in Eastern, ON Canada, otherwise smooth, cached way ahead of play intially 2X for first 2 min, then stayed ahead 50% of what was being played, Paused and started ok twice running at 1.5X and 2X speeds as well, then back to 1X, finished and then downloaded ok as well as 15.0MB for 6min 34sec of mp3.

I am using LXC with incus, I want to bind this to the MAKO LUA microwebserver Framework I am using to develop an application hosted with dependencies in an Alpine Linux 3.21 enabled LXC container,

Q? any gottychas you might anticipate and or tips/advice that might help?

Also is there a reliable stable release git url location on which I can rely to fetch anttp from an ansible playbook function LURKING within my bash script?

Finally, I want to display credits in the about part of my WebUI for your anttp work… suggestions on what info I can surface in the UI?

Great work!

Nice! No specific gotchas. Just be aware that the proxy will need to be reachable by the app, but I’m sure you’re all over that!

EDIT: Actually, one thing that may not be obvious is the need for writable storage for caching archives. Without this, it’s very slow to resolve names, as it has to download the archive file each time. The cache directory is automatically created in the system temporary directory, currently.

I’m using trunk based releases, so trunk should always be stable.

I’ll be pushing changes to feature branches going forward, now that things are starting to stabilise.

Thanks - much appreciated!

Just linking the project in Github should be good for now. Folks should be able to find anything they need from there. I don’t have a website etc anyway, so definitely the best place to link!

Let me know how you get on - it’s great to see AntTP becoming useful!

Thanks for the tips and feedback , especially the cache much appreciated, I will keep you posted, we have some webserver work left to do and WEB UI work still WIP on this ‘anyone can plug it in, do a minimal config anduse it’ appliance stuff we are working on, so anttp will definitely be helping those find their public and private files… via the WebUI, deep in Lua at the moment.

It is about time there was a new release, so please welcome v0.4.1!

Github: Release v0.4.1 · traktion/AntTP · GitHub
Dockerhub: https://hub.docker.com/repository/docker/traktion/anttp/general

What does it add? Well, including 0.4.0, it now supports two substantial new features:

• Streaming data download support
• Multipart file uploads as async tasks

I’ll provide more documentation on how to use file uploads, but a quick example is:

POST http://localhost:8080/api/v1/archive
Content-Type: multipart/form-data; boundary=WebAppBoundary

--WebAppBoundary
Content-Disposition: form-data; name="testvideo.mp4"; filename="testvideo.mp4"

< /home/myhome/testvideo.mp4
--WebAppBoundary--

You can then check the status using the ID returned in the following format:

GET http://localhost:8080/api/v1/archive/status/<ID>

For streaming downloads, it happens automatically when your browser uses an embedded video player. It will ask AntTP if partial content is supported, then use it (as it is).

I’ve setup a quick test page here: http://d11e8cc28cefa6bd378248a2c99659de07bd136fab6fbcd662a70057226b0358/streaming.html

Screenshot from 2025-04-03 18-59-451920×1200 314 KB

(obviously, you need your browser setup with AntTP as a proxy to access the above URL)

I’m still experimenting with supported file formats, but MP4 files should work well.

I also have a test video on my IMIM blog: http://62003e683b5a792f425a75c5d7d99d06e80f7047be8de8176b7d295e510b3b4c/blog/cec7a9eb2c644b9a5de58bbcdf2e893db9f0b2acd7fc563fc849e19d1f6bd872/article/streaming-on-autonomi.md#article

You can check out the improved performance with the latest Autonomi 0.4.3 libraries here too, with the website loading relatively quickly. Once a single page has loaded, the CSS, JS, fonts, etc, will all be cached indefinitely too, which makes it nice and quick after that point!

Screenshot from 2025-04-03 19-05-041854×1168 173 KB

Lastly, you can also have some fun with VLC or your favourite video streamer. For VLC, you need to use localhost:8080, as it doesn’t like the URL format even with the proxy (annoyingly!)

E.g. http://localhost:8080/9bc691bb03f16936e3e6c5ddc7dd222d84c73aef714dad665bbdd4cd449451e4/newcastle-promenade-hq.mp4

Screenshot from 2025-04-03 19-01-311882×1197 2.57 MB

So, please take a look and have a play. I hope you like it!

Sorry if this is a dumb question. Can I disable uploads if I’ve opened my AnTP publicly?