Explain the importance of p2p encryption

More info about ciphersuites
More details about p2p encryption
2025-07-29 00:03:54 -04:00 · 2024-01-05 13:06:21 -08:00 · 2024-01-05 13:02:36 -08:00 · 2024-01-05 12:48:35 -08:00
1 changed files with 18 additions and 1 deletions
--- a/doc/overview.md
+++ b/doc/overview.md
@ -14,7 +14,24 @@ Equihash (200,9) (ASIC)

 ## P2P

-TLS1.3 via WolfSSL is enforced for all network connections as of v3.6.1
+TLS1.3 via WolfSSL is enforced for all network connections as of v3.6.1 .
+Many ciphersuites are technically supported by TLS1.3 but many of them
+are ancient, proved to be less secure than intended or likely backdoored.
+Hush only uses what are widely considered to be the most secure and [best ciphersuites](https://ciphersuite.info/cs/).
+
+New Hush P2P connections randomly choose between these two ciphersuites each
+time a new connection to a peer is created:
+
+  * `TLS_AES_256_GCM_SHA384`
+  * `TLS_CHACHA20_POLY1305_SHA256`
+
+Encrypted P2P connections are important because it means passive network spies,
+such as ISPs, cannot tell what nodes are communicating to each other and also
+prevents certain attacks against privacy at the network level, such as looking
+for which node was the first to relay a transaction. Bitcoin has no protection
+against this which is why it's trivial for network spies to tell which node
+(and hence which IP address) created a certain transaction and hence which
+IP address owns which addresses.

 ## RPC
Author	SHA1	Message	Date
Duke	4ed576a7e2	Explain the importance of p2p encryption	2024-01-05 13:06:21 -08:00
Duke	a358acab0b	More info about ciphersuites	2024-01-05 13:02:36 -08:00
Duke	ccc86839b9	More details about p2p encryption	2024-01-05 12:48:35 -08:00