Why not give every libp2p node an IP.ip.libp2p.io address and certificate?
Currently the browser communicates over ONE signalling server and a few bootstrapper nodes (which then get used as relays for all the other TCP nodes).
When a large number of browser nodes using the default configuration join the network, those nodes and the server get overloaded pretty quickly. Additionally, they can all be blocked by some malicious government (China, Russia, ...), thus creating a single point of failure.
The only solution would be to make the browser connect to some other websocket-capable nodes.
Problem: Plain HTTP connections from an HTTPS page are disabled by the browser for security reasons
Solution: HTTPS-enabled WebSocket nodes
A libp2p node (the "server") will run a special DNS server that resolves IPs encoded in subdomains to real IPs. Example: ip48-8-8-8.ip.libp2p-nodetrust.tk => [A] 8.8.8.8
This server will additionally offer Let's Encrypt certificates for the domain over the /nodetrust/2.0.0 protocol, which requires the client to connect over TCP so that the server can determine its IP address.
Nodes will then announce themselves over floodsub in the _nodetrust_discovery_v2 channel. Those messages will get relayed by the server.
Additionally, the clients will relay each other's floodsub messages, so there is no single point of failure after the certificate has been obtained.
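The subdomain-to-IP resolution described above, as an added example (not the project's own code). The label grammar (ip4 followed by dash-separated octets) is inferred from the two hostnames on this page, and the function names are hypothetical; anything that is not a canonical IPv4 label under the zone gets no answer.

```javascript
'use strict'
// Added example. ZONE and the label grammar are assumptions taken from the
// hostnames shown on this page; function names are hypothetical.
const ZONE = 'ip.libp2p-nodetrust.tk'

// Return four octets as numbers, or null unless every part is a canonical
// decimal in 0-255 (no signs, no hex, no leading zeros, no empty parts).
function parseOctets (parts) {
  if (parts.length !== 4) return null
  const out = []
  for (const p of parts) {
    if (!/^(0|[1-9][0-9]{0,2})$/.test(p)) return null
    const n = Number(p)
    if (n > 255) return null
    out.push(n)
  }
  return out
}

// Encode a dotted-quad IPv4 address as a hostname in the zone.
function encodeIPv4 (ip, zone = ZONE) {
  const octets = parseOctets(ip.split('.'))
  if (!octets) throw new Error('not an IPv4 address: ' + ip)
  return 'ip4' + octets.join('-') + '.' + zone
}

// Decode a query name to its A record value, or null (answer NXDOMAIN).
function decodeHostname (name, zone = ZONE) {
  // DNS names are case-insensitive and may carry a trailing root dot.
  const host = name.toLowerCase().replace(/\.$/, '')
  const suffix = '.' + zone
  if (!host.endsWith(suffix)) return null
  const label = host.slice(0, -suffix.length)
  // Exactly one label directly under the zone; deeper names are not answered.
  if (label.includes('.') || !label.startsWith('ip4')) return null
  const octets = parseOctets(label.slice(3).split('-'))
  return octets ? octets.join('.') : null
}

// Constructed sample queries: two valid names, then three that must fail.
const samples = [
  'ip48-8-8-8.ip.libp2p-nodetrust.tk',
  'ip4127-0-0-1.ip.libp2p-nodetrust.tk',
  'ip4999-1-1-1.ip.libp2p-nodetrust.tk',
  'ip408-8-8-8.ip.libp2p-nodetrust.tk',
  'ip48-8-8-8.ip.libp2p-nodetrust.tk.example.org'
]
for (const q of samples) console.log(q, '=>', decodeHostname(q))
```

Because leading zeros and out-of-range octets are rejected, each address has exactly one hostname, so a certificate request can be checked by comparing the decoded address against the IP the client's TCP connection came from.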
Might be outdated
The configs for development have already been created for you. In order to launch the 3 services in 1 terminal, we recommend Overmind.
Go to server/src and run overmind s
You need a certificate for ip4127-0-0-1.ip.libp2p-nodetrust.tk to use the server-stub. You can either generate a self-signed one using server/gencert.sh or request a valid one from me at mkg20001 at gmail dot com.
Run nodemon src/bin.js ./config.dev.json in the server/ directory
Run nodemon -x env NODETRUST_IGNORE_ID_FILTER=1 SKIP_NAT=1 USE_LOCAL=1 node test-client.js