How to get the certhash for webrtc? #2406
-
Trying to understand how to make browser to server communication work over webrtc. I am looking at the example in the docs for js-libp2p/transport-webrtc and there I see this: const ma = multiaddr('/ip4/0.0.0.0/udp/56093/webrtc/certhash/uEiByaEfNSLBexWBNFZy_QB1vAKEj7JAXDizRs4_SnTflsQ') This has me stumped. Why is there a hardcoded There are lots of docs on WebRTC. Many are a real interesting read. But when it comes to setting this up practically speaking, initially just for a Node JS server running on localhost and later for a public server running on some public IP somewhere, I am running into a dead end. I would be willing to update the docs with PRs, if I can get into a place where I actually understand how to do it myself. But as of yet I have no idea where this magic hardcoded value is coming from and what I could do to get this value for my own server. Any help would be greatly appreciated. |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments
-
To make matters a bit more practical, I created a very small program that represents my current attempt at starting a node that supports circuit-relay and webRTC (because I understand that WebRTC requires Circuit-Relay but please correct me if I'm wrong). I am generating a public/private keypair at the start of the program and generating a peerid based on that.... So if I need to do something with e.g. the private key in order to generate the certhash, it can be done once I know how... Example programimport type { PeerId, PrivateKey, PublicKey } from '@libp2p/interface'
import { keys } from '@libp2p/crypto'
import { peerIdFromKeys } from '@libp2p/peer-id'
import { createLibp2p } from 'libp2p'
import { circuitRelayTransport } from '@libp2p/circuit-relay-v2'
import { webRTC } from '@libp2p/webrtc'
import { noise } from '@chainsafe/libp2p-noise'
import { yamux } from '@chainsafe/libp2p-yamux'
type PeerInfo = {
peerId: PeerId;
privateKey: PrivateKey;
publicKey: PublicKey;
}
async function generatePeerInfo(): Promise<PeerInfo> {
console.info('Generating a secp256k1 private/public key pair...')
const privateKey: PrivateKey = await keys.generateKeyPair('secp256k1')
console.info('Generated a secp256k1 private key. Extracting public key...')
const publicKey: PublicKey = privateKey.public;
console.info('Extracted public key. Generating PeerId...')
const peerId: PeerId = await peerIdFromKeys(publicKey.bytes, privateKey.bytes)
console.info('Generated PeerId: ' + peerId.toString())
return {
peerId,
privateKey,
publicKey
}
}
async function createNode (peerInfo: PeerInfo) {
return await createLibp2p({
peerId: peerInfo.peerId,
// libp2p nodes are started by default,
// pass false to override this
start: false,
addresses: {
listen: [
`/webrtc`,
]
},
transports: [
circuitRelayTransport(),
webRTC(),
],
connectionEncryption: [noise()],
streamMuxers: [yamux()],
})
}
// generate peer info
const peerInfo: PeerInfo = await generatePeerInfo()
// create a node using generated peer info
const node = await createNode(peerInfo)
// start the node
await node.start()
// log multi addresses
console.info('Node listening on ', node.getMultiaddrs())
// stop the node
await node.stop()
console.info('Node stopped'); Example program outputGenerating a secp256k1 private/public key pair...
Generated a secp256k1 private key. Extracting public key...
Extracted public key. Generating PeerId...
Generated PeerId: 16Uiu2HAkxwMUYVjNJetbMYtUJACwibUC35NYcXDwHTpMjLmjtNEq
Node listening on []
Node stopped My expectationI am expecting to get some listening addresses so I can contact the running node from some other node. But as you can see from the output it prints only an empty array after |
Beta Was this translation helpful? Give feedback.
-
Since first asking this question, I have done some more research, mostly by looking at the browser pubsub example, which uses both WebRTC and Circuit Relay. Following the instructions in that example, I have been able to directly connect one node running in the browser to another node running in the browser. I have verified that even after I terminate the server node (running the relay server), both nodes in the browser are still able to communicate with each other. So that is good news. However, I still don't understand where the certhash comes into the picture and how to manage it (if indeed it needs to be managed in the first place?). Here is what I am seeing in the browser pubsub example: I open a relay server
If I dial this address from a second browser node, they see each other as peers. I can subscribe both to the same pubsub topic and if one node publishes a message to the topic, the other node sees it. This works even after stopping the relay server. So that is the good news. The bad news is that I still have no idea where the I have something working now but with little actual understanding on my part. Maybe that will come later as I expand on this example and read more of the source code.... But as far as docs and guides go I simply cannot find the answer and also this question got zero answers so far... I am trying to help improve the docs but I cant unless I understand it myself so that is a bit of a catch-22. Hoping people that understand it better than me can chime in on this question to help me improve my understanding to the point where I can contribute to the docs better. |
Beta Was this translation helpful? Give feedback.
-
I am trying to solve this exact problem. See the following https://github.com/libp2p/specs/blob/master/webrtc/webrtc-direct.md
I tried generating a selfsigned certificate via https://github.com/jfromaniello/selfsigned and extracting the fingerprint. Then hashing this with sha256 multihash, then encoding with multibase (base64url). However my solution does not work. |
Beta Was this translation helpful? Give feedback.
-
It's only used by the WebRTC Direct transport which is dial-only in browsers and not implemented in Node.js (the other flavour of WebRTC OTOH is implemented in browsers, node, electron, etc). You should be able to obtain it from the multiaddr of the server, which you'd get by some out-of-band method. Unfortunately the WebRTC readme was out of date and showed an example for WebRTC Direct but used a multiaddr with a |
Beta Was this translation helpful? Give feedback.
certhash
is the hash of the SSL certificate the listener is using to encrypt the connection and is not derived from the PeerId.It's only used by the WebRTC Direct transport which is dial-only in browsers and not implemented in Node.js (the other flavour of WebRTC OTOH is implemented in browsers, node, electron, etc).
You should be able to obtain it from the multiaddr of the server, which you'd get by some out-of-band method.
Unfortunately the WebRTC readme was out of date and showed an example for WebRTC Direct but used a multiaddr with a
webrtc
protocol instead ofwebrtc-direct
. I've updated it now, please open a PR if you think it can be improved further - https://github.com/libp2p/js-…