2026-03-24T16:59:14Z https://yabu.me fips https://yabu.me/npub1y0gja7r4re0wyelmvdqa03qmjs62rwvcd8szzt4nf4t2hd43969qj000ly https://blossom.primal.net/686f6a2747e20e97e3ce5a7e6d7e0ec6e4e8ede023e72094e28028a514368013.png https://blossom.primal.net/686f6a2747e20e97e3ce5a7e6d7e0ec6e4e8ede023e72094e28028a514368013.png https://yabu.me/nevent1qqszxhda0qkem32mxvhmxupe66nfxqz2pz8hte74xkdvj86rrsvnrdgzyq3azthcw509acn8ld35r47yrw2rfgdenp57qgfwkdx4d2akkyhg5282hpz FIPS v0.2.0 is here!<br/><br/>Make sure to update your nodes as it includes some breaking changes!<br/><br/>To join the mesh, connect to our pubic nodes over TCP/UDP:<br/>- testnode1.fips.network<br/>- testnode2.fips.network<br/><blockquote class="border-l-05rem border-l-strongpink border-solid"><div class="-ml-4 bg-gradient-to-r from-gray-100 dark:from-zinc-800 to-transparent mr-0 mt-0 mb-4 pl-4 pr-2 py-2">quoting <br/><span itemprop="mentions" itemscope itemtype="https://schema.org/Article"><a itemprop="url" href="/naddr1qvzqqqr4gupzqg739mu828j7ufnlkc6p6lzph9p55xues60qyyhtxn2k4wmtzt52qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgkwaehxw309aex2mrp0yhxg6t5w3hjuur4vghsqynxd9c8xttkxqerqttjv4kx2ctnv4jqha7h4l" class="bg-lavender dark:prose:text-neutral-50 dark:text-neutral-50 dark:bg-garnet px-1">naddr1qv…7h4l</a></span> </div> <p>FIPS v0.2.0 is now available. This release includes a major discovery protocol overhaul, Tor transport support, runtime peer management, and 12 bug fixes.</p> <h2 id="highlights-2">Highlights</h2> <h3 id="smarter-discovery-routing-2">Smarter Discovery Routing</h3> <p>The discovery protocol has been rewritten to use bloom-filter-guided tree routing instead of flooding. Lookups are now forwarded only to spanning tree peers whose bloom filter contains the target, reducing discovery traffic by 90%. When no tree peer matches, a non-tree fallback preserves reachability. The new design includes originator retry with exponential backoff and transit-side rate limiting for defense-in-depth.</p> <h3 id="tor-transport-2">Tor Transport</h3> <p>Nodes can now peer over Tor using SOCKS5 for outbound connections and directory-mode onion services for inbound. This enables anonymous peering without exposing IP addresses.</p> <h3 id="runtime-peer-management-2">Runtime Peer Management</h3> <p>New <code>fipsctl connect</code> and <code>fipsctl disconnect</code> commands allow adding and removing peers at runtime without restarting the daemon. Supports hostname resolution from <code>/etc/fips/hosts</code>.</p> <h3 id="reproducible-builds-2">Reproducible Builds</h3> <p>The build infrastructure now produces deterministic, reproducible packages. Rust toolchain pinning via <code>rust-toolchain.toml</code> and <code>SOURCE_DATE_EPOCH</code> timestamps ensure bit-identical output across builds from the same commit.</p> <h2 id="breaking-change-2">Breaking Change</h2> <p>This release changes the discovery wire format. The visited bloom filter has been removed from LookupRequest, and a forwarded flag has been added to LookupResponse. <strong>Nodes running v0.1.0 cannot interoperate with v0.2.0 on discovery.</strong> All mesh nodes must be upgraded to v0.2.0.</p> <h2 id="bug-fixes-2">Bug Fixes</h2> <ul> <li><p>DNS responder NXDOMAIN for A queries on <code>.fips</code> names (#9)</p></li> <li><p>Stale sessions blocking reconnect (#5)</p></li> <li><p>Rekey dual-initiation race on Tor links</p></li> <li><p>Rekey cutover race causing AEAD failures</p></li> <li><p>Post-rekey jitter spikes corrupting EWMA (#10)</p></li> <li><p>ICMPv6 PTB source address ignored by Linux (#16)</p></li> <li><p>Parent selection bypassing SRTT eligibility gate</p></li> <li><p>Auto-connect peers permanently abandoned after retry exhaustion</p></li> <li><p>MMP metric discontinuity across rekey</p></li> <li><p>Control socket permissions for non-root users</p></li> <li><p>Reconnect backoff reset on link-dead cycles (#5)</p></li> <li><p>ETX unresponsive to recent loss (#14)</p></li> </ul> <h2 id="install-2">Install</h2> <p>Packages available:</p> <ul> <li><p>Debian/Ubuntu: <code>.deb</code> package</p></li> <li><p>Systemd tarball: <code>fips-0.2.0-linux-x86_64.tar.gz</code></p></li> <li><p>OpenWrt: opkg <code>.ipk</code> package</p></li> <li><p>Source: <a href="https://github.com/jmcorgan/fips">https://github.com/jmcorgan/fips</a></p></li> </ul> <h2 id="contributors-2">Contributors</h2> <p>@jmcorgan, @v0l, @alopatindev, @Origami74</p> <p>Full changelog: <a href="https://github.com/jmcorgan/fips/blob/master/CHANGELOG.md">https://github.com/jmcorgan/fips/blob/master/CHANGELOG.md</a></p> </blockquote> 2026-03-22T21:43:13Z