peer-to-peer toolkit

Share files. Make calls. Send messages. No server required.

One binary. One identity. Everything encrypted, everything direct. Works behind NAT. Works through onion-routed relay chains where no single entity knows both endpoints.

$ git clone https://github.com/quorum-io/quic-node

Rust 2024 edition · Linux, macOS, Windows · view source

What it does

Three things. All encrypted. All direct.

Every transfer uses QUIC with TLS 1.3. Every identity is Ed25519. Every file is BLAKE3-verified. No accounts, no uploads, no third parties.

↗

Share files

Content-addressed file transfer. Files identified by their BLAKE3 hash, verified on receipt, transferred directly between machines.

# serve a file
$ p2p serve movie.mp4
indexing...
4e8015f44eb71c12 movie.mp4
serving on 192.168.1.5:9000

# fetch it
$ p2p get 192.168.1.5:9000 4e8015f4

☎

Voice calls

Real-time voice over QUIC streams. Direct, through a relay, or with a one-time call code. No app, no account, no recording.

# host a call
$ p2p voice --token-only
call code:
p2pt://192.168.1.5:9000/...

# join
$ p2p call p2pt://...

≡

Encrypted messaging

End-to-end encrypted chat over the same transport. X25519 key exchange, ChaCha20-Poly1305 encryption, Ed25519 signed messages. Mutual consent required.

# start a conversation
$ p2p chat 192.168.1.5:9000
key exchange... established
consent: accepted

# or route through a relay
$ p2p chat p2p://relay:9001/...

Layered privacy

Three modes. You choose the tradeoff.

Start simple. Add authentication when you need control. Add onion routing when you need privacy. Same binary, same commands, different flags.

MODE 01

Direct

Peer-to-peer over QUIC. Optional whitelist or token auth. Both parties know each other's address. Simplest, fastest.

You ←QUIC→ Peer

MODE 02

Relay

Single-hop through a relay. Solves NAT. Both sides see the relay, not each other. Relay holds no data — just bridges streams using Doorman token matchmaking.

You ←→ Relay ←→ Peer

MODE 03

Onion chain

Split-path routing through multiple relays. Each relay knows only its neighbors. No single entity knows both endpoints. Forward secrecy via ephemeral X25519.

You → R1 → R2 → RV ← R3 ← R4 ← Peer

Onion routing

Who knows what

In onion mode, every entity in the chain has strictly limited visibility. No one sees the full picture.

Entity	Your IP	Peer's IP	Neighbors	Full path
You	yes	no	first hop only	no
Your relay (R1)	yes	no	you + R2	no
Middle relay (R2)	no	no	R1 + rendezvous	no
Rendezvous (RV)	no	no	R2 + R3	no
Peer's relay (R4)	no	yes	R3 + peer	no
Peer	no	yes	last hop only	no

Under the hood

Protocol stack

Five layers. No framing. No verb dispatch. Raw bytes on QUIC bidirectional streams.

Services (file, voice, chat, ...) Application protocols — add new ones by defining a service_id + stream handler application

Auth Protocol (Ed25519 mutual) Identity verification, whitelist checking, token validation auth

TLS Certificates (Ed25519 + DID) DID embedded in X.509 Common Name for peer verification identity

Onion Capsules (X25519 + XChaCha20) Route privacy — each relay peels one layer, learns only the next hop optional

QUIC (TLS 1.3, multiplexed streams) Encrypted transport via rustls + quinn — handles congestion, ordering, encryption transport

Cryptographic primitives

No custom crypto. Established algorithms, audited implementations.

Ed25519

identity, signatures, mutual auth

X25519

Diffie-Hellman key exchange

XChaCha20-Poly1305

capsule + payload encryption

BLAKE3

content hashing, KDF, DID derivation

TLS 1.3

QUIC transport encryption (rustls)

QUIC

multiplexed streams (quinn)

Open source

Read every line. Run your own.

~3,800 lines of Rust. Single binary. Zero trust required.

The entire protocol is open source. The relay holds no data. Your identity lives in a 32-byte file on your machine. Fork it, audit it, run it yourself.

View on GitHub

Also from Quorum IO

Need governance, not just transport?

quic-node is built for individuals. For organisations, legal bodies, and institutions that need cryptographically verified collective decision-making, there's Node.

Enterprise / Institutional

Node

A peer-to-peer governance protocol for organisations that need real accountability — not just connectivity. Supermajority quorum sensing, post-quantum Dilithium3 signatures, human-in-the-loop audit registries, and federated blacklisting. Built for legal bodies, DAOs, co-operatives, and institutions where decisions need to be tamper-proof and verifiable for decades.

67% supermajority Dilithium3 post-quantum Human-verified audits Portable identity No central server

You are An individual, developer, or small team

You need Files, calls, messages — fast

They are An organisation, legal body, or institution

They need Governance, consensus, verifiable records

Access Node Read the whitepaper