Lib.rs

Network programmingrustpatcher
#networking #p2p #system #iroh #patcher #patch #pkarr

macro rustpatcher-macros

p2p patching system

Owned by rustonbsd.

1 unstable release

new 0.1.0 Mar 5, 2025

#5 in #patcher

Download history 98/week @ 2025-02-28

99 downloads per month
Used in rustpatcher

MIT license

6KB

Rust Patcher

Secure Decentralized Software Updates - Working work in progress

Crates.io Docs.rs License

Implementation Flow

1. Add Dependency (Crates.io)

# Cargo.toml
[dependencies]
rustpatcher = "0.1"

2. Initialize Cryptographic Identity

cargo run -- rustpatcher init

Output:

New keys generated:
  Trusted-Key = mw6iuq1iu7qd5gcz59qpjnu6tw9yn7pn4gxxkdbqwwwxfzyziuro
  Shared-Secret = 8656fg8j6s43a4jndkzdysjuof588zezsn6s8sd6wwcpwf6b3r9y

Add to build.rs:
println!("cargo:rustc-env=TRUSTED_KEY=mw6iuq...");
println!("cargo:rustc-env=SHARED_SECRET_KEY=8656fg...");

3. Configure build.rs

// build.rs
fn main() {
    println!("cargo:rustc-env=TRUSTED_KEY={}", env!("TRUSTED_KEY"));
    println!("cargo:rustc-env=SHARED_SECRET_KEY={}", env!("SHARED_SECRET_KEY"));
}

4. Main Application Setup

// main.rs
use rustpatcher::Patcher;

#[tokio::main]
async fn main() -> anyhow::Result<()> {
    let patcher = Patcher::new()
        .trusted_key_from_z32_str(env!("TRUSTED_KEY"))
        .shared_secret_key_from_z32_str(env!("SHARED_SECRET_KEY"))
        .build()
        .await?;
}

5. Publish Updates (Master Node)

# Increment version in Cargo.toml first
cargo run -- rustpatcher publish

Creates signed package with:

  • SHA-256 executable hash
  • Version metadata (major.minor.patch)
  • Ed25519 publisher signature
  • PKARR DHT record

Network Architecture

Master Node Flow

sequenceDiagram
    Master->>+PKARR: Publish signed package
    Master->>+Iroh: Announce version topic
    Master-->>Network: Propagate via DHT

Client Node Flow

sequenceDiagram
    Client->>+PKARR: Check version records
    PKARR-->>-Client: Return latest signed package
    Client->>+Iroh: Discover peers via topic
    Iroh-->>-Client: Return node list
    Client->>Peer: Establish P2P connection
    Peer-->>Client: Stream verified update
    Client->>Self: Safe replace via self_replace

Key Processes

  1. Version Propagation

    • Master nodes sign packages with secret key
    • PKARR DHT stores version records with TTL
    • Iroh topic tracker maintains peer list per version

  2. Update Verification

    // Verification chain
if pub_key.verify(&data, &sig).is_ok() 
   && compute_hash(data) == stored_hash 
   && version > current_version {
    apply_update()
}

  3. Self-Update Mechanism

    • Temp file write with atomic replacement
    • Execv syscall for instant reload
    • Rollback on hash mismatch

CLI Reference

Command Function
init Generate cryptographic identity
publish Create/distribute signed package

Zero configuration needed for peer discovery - automatic via Iroh Topic Tracker

Old Architecture Diagram

Rough outline of how everythong works

Dependencies

~245–680KB
~16K SLoC