Federation: multiplayer arborist

Gossip-based mesh for cross-peer data sharing. Arborist peers that ingest the same source under the same chunker and canonicalization compute bit-identical document_root hashes; the mesh layer is what lets peers exchange and verify each other’s records without a central authority.

Mesh — gossip / membership layer for federated arborist trees.

Off by default. Loaded only when the user explicitly opts in via arborist mesh init (creates this peer’s identity) and arborist mesh enable (flips the gating flag in the meta table).

The cryptographic substrate:
  • Ed25519 (signing) — every gossip message and every membership mutation event is signed with the sender’s signing key and is verifiable against the sender’s pubkey.

  • X25519 (ECDH) — used to wrap each epoch’s symmetric mesh secret to every current member’s DH pubkey, so the new secret is reconstructible only by the post-rotation roster.

Membership state is per-epoch:

epoch 0 = group genesis (just the founder)
epoch N = the N-th roster mutation (add member, kick, scheduled rotate)

Eviction is a rotate where the kicked member’s pubkey isn’t in the new envelope. Their previously-signed events stay verifiable forever (historical roster preserved in mesh_roster), but they no longer have the new secret, so any AEAD-protected gossip for epoch N+1 is opaque to them.
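The rotation-as-eviction scheme described above, as an added example written against the `cryptography` package (it is not arborist's own code). The HKDF label, the AAD layout, ChaCha20-Poly1305 as the AEAD, and wrapping with the admin's static DH key are assumptions; the page does not specify them.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305
from cryptography.hazmat.primitives.kdf.hkdf import HKDF


def _wrap_key(priv, peer_pub, epoch):
    """X25519 ECDH, then HKDF, so the raw shared point is never used as a key."""
    info = b"mesh-epoch-wrap|%d" % epoch  # assumed label, not arborist's
    hkdf = HKDF(algorithm=hashes.SHA256(), length=32, salt=None, info=info)
    return hkdf.derive(priv.exchange(peer_pub))


def _aad(epoch, member_id):
    # Binds each wrapped copy to one epoch and one recipient (assumed layout).
    return b"%d|%s" % (epoch, member_id.encode())


def rotate(admin_priv, roster, epoch):
    """Return (secret, envelope); envelope maps member_id -> (nonce, wrapped)."""
    secret, envelope = os.urandom(32), {}
    for member_id, dh_pub in roster.items():
        nonce = os.urandom(12)
        aead = ChaCha20Poly1305(_wrap_key(admin_priv, dh_pub, epoch))
        envelope[member_id] = (nonce, aead.encrypt(nonce, secret, _aad(epoch, member_id)))
    return secret, envelope


def unwrap(member_id, member_priv, admin_pub, envelope, epoch):
    """Recover the epoch secret, or None if no entry opens under this key."""
    if member_id not in envelope:
        return None  # evicted: the new envelope has no entry for this member
    nonce, wrapped = envelope[member_id]
    aead = ChaCha20Poly1305(_wrap_key(member_priv, admin_pub, epoch))
    try:
        return aead.decrypt(nonce, wrapped, _aad(epoch, member_id))
    except InvalidTag:
        return None  # wrong DH key, wrong epoch, or tampered entry


def demo():
    keys = {m: X25519PrivateKey.generate() for m in ("alice", "bob", "carol")}  # constructed
    admin = keys["alice"]
    roster = {m: k.public_key() for m, k in keys.items() if m != "carol"}  # carol kicked
    secret, env = rotate(admin, roster, epoch=2)
    got = {m: unwrap(m, k, admin.public_key(), env, 2) for m, k in keys.items()}
    # An evicted key pointed at a remaining member's entry fails the AEAD tag check.
    return secret, got, unwrap("bob", keys["carol"], admin.public_key(), env, 2)
```

Eviction here removes access to the new epoch secret only; anything the kicked member already held from earlier epochs remains readable to them.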

This module deliberately avoids networking. The wire layer (HTTP/TLS gossip server + sync client) lives in arborist.mesh.wire and is also opt-in.

class arborist.mesh.MeshIdentity(member_id: 'str', sign_priv: 'bytes', sign_pub: 'bytes', dh_priv: 'bytes', dh_pub: 'bytes', group_name: 'str', created_at: 'int')

Bases: object

Parameters:
member_id: str
sign_priv: bytes
sign_pub: bytes
dh_priv: bytes
dh_pub: bytes
group_name: str
created_at: int

class arborist.mesh.MeshRosterEntry(member_id: 'str', sign_pub: 'bytes', dh_pub: 'bytes', role: 'str')

Bases: object

Parameters:
member_id: str
sign_pub: bytes
dh_pub: bytes
role: str

arborist.mesh.aead_decrypt(key, nonce, ciphertext, aad=b'')

Decrypt + verify. Raises ValueError on tag mismatch (no plaintext leak).

Parameters:
Return type:

bytes

arborist.mesh.aead_encrypt(key, nonce, plaintext, aad=b'')

Encrypt + authenticate. Returns ciphertext||tag.

Parameters:
Return type:

bytes

arborist.mesh.current_epoch(conn)
Parameters:

conn (Connection)

Return type:

int | None

arborist.mesh.ecdh_shared_secret(priv_bytes, peer_pub_bytes)

X25519 ECDH -> 32-byte shared secret (HKDF-extracted).

Parameters:
Return type:

bytes

arborist.mesh.generate_dh_keypair()

Return (priv_bytes, pub_bytes) for a fresh X25519 keypair.

Return type:

tuple[bytes, bytes]

arborist.mesh.generate_signing_keypair()

Return (priv_bytes, pub_bytes) for a fresh Ed25519 keypair.

Return type:

tuple[bytes, bytes]

arborist.mesh.init_identity(conn, *, group_name, member_id=None)

Generate this peer’s keys and seed epoch 0 with this peer as founding admin.

Re-calling is safe only in the sense that it raises: the schema enforces a singleton via PK = 1. The caller is expected to check load_identity() first.

Parameters:
Return type:

MeshIdentity

arborist.mesh.is_enabled(conn)
Parameters:

conn (Connection)

Return type:

bool

arborist.mesh.load_identity(conn)
Parameters:

conn (Connection)

Return type:

MeshIdentity | None

arborist.mesh.set_enabled(conn, enabled)
Parameters:
Return type:

None

arborist.mesh.sign(priv_bytes, message)

Ed25519 sign. 64-byte signature.

Parameters:
Return type:

bytes

arborist.mesh.verify(pub_bytes, signature, message)

Ed25519 verify. Returns True/False — never raises.

Parameters:
Return type:

bool


Permacomputer Preamble — License: AGPL-3.0-only

This is free software for the public good of a permacomputer hosted at permacomputer.com, an always-on computer by the people, for the people. Durable, easy to repair, & distributed like tap water for machine learning intelligence.

Our permacomputer is community-owned infrastructure optimized around four values:

  • TRUTH — First principles, math & science, open source code freely distributed.

  • FREEDOM — Voluntary partnerships, freedom from tyranny & corporate control.

  • HARMONY — Minimal waste, self-renewing systems with diverse thriving connections.

  • LOVE — Be yourself without hurting others, cooperation through natural law.

NO WARRANTY. Software is provided “AS IS” without warranty of any kind. Full text: License.