Merge branch 'master' into master

core/crypto/ecdsa_test.go

@@ -25,7 +25,7 @@ func TestECDSABasicSignAndVerify(t *testing.T) {
 	}
 
 	if !ok {
-		t.Fatal("signature didnt match")
+		t.Fatal("signature didn't match")
 	}
 
 	// change data

core/crypto/rsa_test.go

@@ -24,7 +24,7 @@ func TestRSABasicSignAndVerify(t *testing.T) {
 	}
 
 	if !ok {
-		t.Fatal("signature didnt match")
+		t.Fatal("signature didn't match")
 	}
 
 	// change data

core/crypto/secp256k1_test.go

@@ -24,7 +24,7 @@ func TestSecp256k1BasicSignAndVerify(t *testing.T) {
 	}
 
 	if !ok {
-		t.Fatal("signature didnt match")
+		t.Fatal("signature didn't match")
 	}
 
 	// change data

core/routing/routing.go

@@ -76,7 +76,7 @@ type Routing interface {
 	ValueStore
 
 	// Bootstrap allows callers to hint to the routing system to get into a
-	// Boostrapped state and remain there. It is not a synchronous call.
+	// Bootstrapped state and remain there. It is not a synchronous call.
 	Bootstrap(context.Context) error
 
 	// TODO expose io.Closer or plain-old Close error

defaults.go

@@ -27,8 +27,8 @@ import (
 // Useful when you want to extend, but not replace, the supported transport
 // security protocols.
 var DefaultSecurity = ChainOptions(
-	Security(noise.ID, noise.New),
 	Security(tls.ID, tls.New),
+	Security(noise.ID, noise.New),
 )
 
 // DefaultMuxers configures libp2p to use the stream connection multiplexers.

examples/multipro/pb/p2p.proto

@@ -16,7 +16,7 @@ message MessageData {
 
 //// ping protocol
 
-// a protocol define a set of reuqest and responses
+// A protocol defines a set of requests and responses.
 message PingRequest {
     MessageData messageData = 1;
 
@@ -36,7 +36,7 @@ message PingResponse {
 
 //// echo protocol
 
-// a protocol define a set of reuqest and responses
+// A protocol defines a set of requests and responses.
 message EchoRequest {
     MessageData messageData = 1;
 

p2p/host/autorelay/metrics.go

@@ -59,7 +59,7 @@ var (
 		prometheus.CounterOpts{
 			Namespace: metricNamespace,
 			Name:      "candidates_circuit_v2_support_total",
-			Help:      "Candidiates supporting circuit v2",
+			Help:      "Candidates supporting circuit v2",
 		},
 		[]string{"support"},
 	)
@@ -167,7 +167,7 @@ func NewMetricsTracer(opts ...MetricsTracerOption) MetricsTracer {
 	metricshelper.RegisterCollectors(setting.reg, collectors...)
 
 	// Initialise these counters to 0 otherwise the first reservation requests aren't handled
-	// correctly when using promql increse function
+	// correctly when using promql increase function
 	reservationRequestsOutcomeTotal.WithLabelValues("refresh", "success")
 	reservationRequestsOutcomeTotal.WithLabelValues("new", "success")
 	candidatesCircuitV2SupportTotal.WithLabelValues("yes")

p2p/host/autorelay/relay_finder.go

@@ -63,7 +63,7 @@ type relayFinder struct {
 	candidates                 map[peer.ID]*candidate
 	backoff                    map[peer.ID]time.Time
 	maybeConnectToRelayTrigger chan struct{} // cap: 1
-	// Any time _something_ hapens that might cause us to need new candidates.
+	// Any time _something_ happens that might cause us to need new candidates.
 	// This could be
 	// * the disconnection of a relay
 	// * the failed attempt to obtain a reservation with a current candidate

p2p/security/tls/transport.go

@@ -113,7 +113,7 @@ func (t *Transport) SecureOutbound(ctx context.Context, insecure net.Conn, p pee
 	for _, muxer := range t.muxers {
 		muxers = append(muxers, (string)(muxer))
 	}
-	// Prepend the prefered muxers list to TLS config.
+	// Prepend the preferred muxers list to TLS config.
 	config.NextProtos = append(muxers, config.NextProtos...)
 	cs, err := t.handshake(ctx, tls.Client(insecure, config), keyCh)
 	if err != nil {

p2p/test/security/bench_test.go

@@ -0,0 +1,130 @@
+package benchmark
+
+import (
+	"context"
+	crand "crypto/rand"
+	"io"
+	"net"
+	"sync"
+	"testing"
+
+	"github.com/libp2p/go-libp2p/core/crypto"
+	"github.com/libp2p/go-libp2p/core/peer"
+	"github.com/libp2p/go-libp2p/core/sec"
+	"github.com/libp2p/go-libp2p/p2p/security/noise"
+	tls "github.com/libp2p/go-libp2p/p2p/security/tls"
+	"github.com/stretchr/testify/assert"
+)
+
+type Factory func(*testing.B, crypto.PrivKey) sec.SecureTransport
+
+func benchmarkThroughput(b *testing.B, size int, factory Factory) {
+	privA, pubA, err := crypto.GenerateEd25519Key(crand.Reader)
+	assert.NoError(b, err)
+	idA, err := peer.IDFromPublicKey(pubA)
+	assert.NoError(b, err)
+	tptA := factory(b, privA)
+
+	privB, pubB, err := crypto.GenerateEd25519Key(crand.Reader)
+	assert.NoError(b, err)
+	idB, err := peer.IDFromPublicKey(pubB)
+	assert.NoError(b, err)
+	tptB := factory(b, privB)
+
+	// pipe here serialize the decryption and encryption, we might want both parallelised to reduce context switching impact on the benchmark.
+	// https://github.com/golang/go/issues/34502 would be ideal for the parallel usecase.
+	p1, p2 := net.Pipe()
+	var ready sync.Mutex    // wait for completed handshake
+	var finished sync.Mutex // wait until all data has been received
+	ready.Lock()
+	finished.Lock()
+	go func() {
+		defer finished.Unlock()
+		conn, err := tptB.SecureInbound(context.Background(), p2, idA)
+		assert.NoError(b, err)
+		ready.Unlock()
+
+		_, err = io.Copy(io.Discard, conn)
+		assert.NoError(b, err)
+	}()
+
+	conn, err := tptA.SecureOutbound(context.Background(), p1, idB)
+	assert.NoError(b, err)
+	ready.Lock()
+
+	buf := make([]byte, size)
+	b.SetBytes(int64(len(buf)))
+	b.ResetTimer()
+
+	for i := b.N; i != 0; i-- {
+		_, err = conn.Write(buf[:])
+		assert.NoError(b, err)
+	}
+	conn.Close()
+
+	finished.Lock()
+}
+func benchmarkHandshakes(b *testing.B, factory Factory) {
+	privA, pubA, err := crypto.GenerateEd25519Key(crand.Reader)
+	assert.NoError(b, err)
+	idA, err := peer.IDFromPublicKey(pubA)
+	assert.NoError(b, err)
+	tptA := factory(b, privA)
+
+	privB, pubB, err := crypto.GenerateEd25519Key(crand.Reader)
+	assert.NoError(b, err)
+	idB, err := peer.IDFromPublicKey(pubB)
+	assert.NoError(b, err)
+	tptB := factory(b, privB)
+
+	pipes := make(chan net.Conn, 1)
+
+	var finished sync.Mutex // wait until all data has been transferred
+	finished.Lock()
+	go func() {
+		defer finished.Unlock()
+		var throwAway [1]byte
+		for p := range pipes {
+			conn, err := tptB.SecureInbound(context.Background(), p, idA)
+			assert.NoError(b, err)
+			_, err = conn.Read(throwAway[:]) // read because currently the tls transport handshake when calling Read.
+			assert.ErrorIs(b, err, io.EOF)
+		}
+	}()
+	b.ResetTimer()
+
+	for i := b.N; i != 0; i-- {
+		p1, p2 := net.Pipe()
+		pipes <- p2
+		conn, err := tptA.SecureOutbound(context.Background(), p1, idB)
+		assert.NoError(b, err)
+		assert.NoError(b, conn.Close())
+	}
+	close(pipes)
+
+	finished.Lock()
+}
+
+func bench(b *testing.B, factory Factory) {
+	b.Run("throughput", func(b *testing.B) {
+		b.Run("32KiB", func(b *testing.B) { benchmarkThroughput(b, 32*1024, factory) })
+		b.Run("1MiB", func(b *testing.B) { benchmarkThroughput(b, 1024*1024, factory) })
+	})
+	b.Run("handshakes", func(b *testing.B) { benchmarkHandshakes(b, factory) })
+}
+
+func BenchmarkNoise(b *testing.B) {
+	bench(b, func(b *testing.B, priv crypto.PrivKey) sec.SecureTransport {
+		tpt, err := noise.New("", priv, nil)
+		assert.NoError(b, err)
+		return tpt
+	})
+}
+
+func BenchmarkTLS(b *testing.B) {
+	bench(b, func(b *testing.B, priv crypto.PrivKey) sec.SecureTransport {
+		tpt, err := tls.New("", priv, nil)
+		assert.NoError(b, err)
+		return tpt
+	})
+}