cunicu/docs/ToDo.md
Steffen Vogel a6e6948394 update docs
Signed-off-by: Steffen Vogel <post@steffenvogel.de>
2022-01-07 11:51:55 +01:00

TODOs

  • Sign published candidates with XEdDSA signatures

  • Add peer discovery

  • Add libp2p backend

  • Separate code into multiple repos:

    • XEdDSA
  • Contribute code into existing packages

    • Watch for interfaces in wgctrl
  • Single socket per Wireguard interface / ICE Agent

    • Pass traffic in-process between userspace Wireguard and ICE sockets
    • Use Wireguard-go's conn.Bind interface
  • Single eBPF program per network NS to steer STUN traffic to ICE Agents

  • Use in-process pipe for wireguard-go's UAPI

  • Update proxy instances instead of recreating them.

    • Avoids possible packet loss during change of candidate pairs
  • Use pion/ice's udpmux for creating a RAW socket sharing

    • Sharing the same port as Wireguard kernel interface
    • Use BPF filters for filtering STUN-only traffic
  • Add better proxy implementations for OpenBSD, FreeBSD, Android and Windows

  • Test co-existence of multiple wice instances

    • nft tables might collide
  • Use netlink multicast subscription for notification of Wireguard peer changes

  • Use netlink multicast group RTMGRP_LINK for notification of new Wireguard interfaces

  • Add links to code in README

  • Add XEdDSA and VXEdDSA signature schemes to JOSE IANA alg registry

  • Add sub-commands for controlling wice daemon:

    • wice show [[INTF] [PEER]]
    • wice add INTF
    • wice del INTF
    • wice discover INTF GROUP
    • wice sync [INTF]
    • wice restart INTF PEER
    • wice monitor
  • Add check for availability of turnserver

  • Add check for handshakes before attempting to ping

  • Add context for waiting for events

  • Use mermaid actor diagram for signaling docs

  • Use RTT & packet loss for selecting ICE relay candidates

  • Embed routing daemon into WICE

    • Facilitates reachability for non-directly connected peers
    • Candidates:
  • Add gRPC signaling backend by contacting already connected peers