Remove encryption public key options (they are now derived from ed25519 key conversion in IW), also bump link version number

cmd/yggdrasil/main.go

@@ -220,11 +220,7 @@ func main() {
 	}
 	// Have we been asked for the node address yet? If so, print it and then stop.
 	getNodeID := func() *crypto.NodeID {
-		if pubkey, err := hex.DecodeString(cfg.EncryptionPublicKey); err == nil {
+		// TODO: curve
-			var box crypto.BoxPubKey
-			copy(box[:], pubkey)
-			return crypto.GetNodeID(&box)
-		}
 		return nil
 	}
 	switch {

src/config/config.go

@@ -68,8 +68,6 @@ type NodeConfig struct {
 	AdminListen                 string                 `comment:"Listen address for admin connections. Default is to listen for local\nconnections either on TCP/9001 or a UNIX socket depending on your\nplatform. Use this value for yggdrasilctl -endpoint=X. To disable\nthe admin socket, use the value \"none\" instead."`
 	MulticastInterfaces         []string               `comment:"Regular expressions for which interfaces multicast peer discovery\nshould be enabled on. If none specified, multicast peer discovery is\ndisabled. The default value is .* which uses all interfaces."`
 	AllowedEncryptionPublicKeys []string               `comment:"List of peer encryption public keys to allow incoming TCP peering\nconnections from. If left empty/undefined then all connections will\nbe allowed by default. This does not affect outgoing peerings, nor\ndoes it affect link-local peers discovered via multicast."`
-	EncryptionPublicKey         string                 `comment:"Your public encryption key. Your peers may ask you for this to put\ninto their AllowedEncryptionPublicKeys configuration."`
-	EncryptionPrivateKey        string                 `comment:"Your private encryption key. DO NOT share this with anyone!"`
 	SigningPublicKey            string                 `comment:"Your public signing key. You should not ordinarily need to share\nthis with anyone."`
 	SigningPrivateKey           string                 `comment:"Your private signing key. DO NOT share this with anyone!"`
 	LinkLocalTCPPort            uint16                 `comment:"The port number to be used for the link-local TCP listeners for the\nconfigured MulticastInterfaces. This option does not affect listeners\nspecified in the Listen option. Unless you plan to firewall link-local\ntraffic, it is best to leave this as the default value of 0. This\noption cannot currently be changed by reloading config during runtime."`
@@ -113,14 +111,11 @@ type SwitchOptions struct {
 // using -autoconf.
 func GenerateConfig() *NodeConfig {
 	// Generate encryption keys.
-	bpub, bpriv := crypto.NewBoxKeys()
 	spub, spriv := crypto.NewSigKeys()
 	// Create a node configuration and populate it.
 	cfg := NodeConfig{}
 	cfg.Listen = []string{}
 	cfg.AdminListen = defaults.GetDefaults().DefaultAdminListen
-	cfg.EncryptionPublicKey = hex.EncodeToString(bpub[:])
-	cfg.EncryptionPrivateKey = hex.EncodeToString(bpriv[:])
 	cfg.SigningPublicKey = hex.EncodeToString(spub[:])
 	cfg.SigningPrivateKey = hex.EncodeToString(spriv[:])
 	cfg.Peers = []string{}
@@ -139,16 +134,6 @@ func GenerateConfig() *NodeConfig {
 	return &cfg
 }
 
-// NewEncryptionKeys replaces the encryption keypair in the NodeConfig with a
-// new encryption keypair. The encryption keys are used by the router to encrypt
-// traffic and to derive the node ID and IPv6 address/subnet of the node, so
-// this is equivalent to discarding the node's identity on the network.
-func (cfg *NodeConfig) NewEncryptionKeys() {
-	bpub, bpriv := crypto.NewBoxKeys()
-	cfg.EncryptionPublicKey = hex.EncodeToString(bpub[:])
-	cfg.EncryptionPrivateKey = hex.EncodeToString(bpriv[:])
-}
-
 // NewSigningKeys replaces the signing keypair in the NodeConfig with a new
 // signing keypair. The signing keys are used by the switch to derive the
 // structure of the spanning tree.

src/tuntap/tun.go

@@ -10,7 +10,6 @@ package tuntap
 
 import (
 	"crypto/ed25519"
-	"encoding/hex"
 	"errors"
 	"fmt"
 	"net"
@@ -23,7 +22,6 @@ import (
 
 	"github.com/yggdrasil-network/yggdrasil-go/src/address"
 	"github.com/yggdrasil-network/yggdrasil-go/src/config"
-	"github.com/yggdrasil-network/yggdrasil-go/src/crypto"
 	"github.com/yggdrasil-network/yggdrasil-go/src/defaults"
 	"github.com/yggdrasil-network/yggdrasil-go/src/types"
 	"github.com/yggdrasil-network/yggdrasil-go/src/yggdrasil"
@@ -118,7 +116,9 @@ func (tun *TunAdapter) Init(core *yggdrasil.Core, config *config.NodeState, log
 	tun.store.init(tun)
 	tun.config = config
 	tun.log = log
-	tun.core.SetOutOfBandHandler(tun.oobHandler)
+	if err := tun.core.SetOutOfBandHandler(tun.oobHandler); err != nil {
+		return fmt.Errorf("tun.core.SetOutOfBandHander: %w", err)
+	}
 
 	return nil
 }
@@ -141,12 +141,6 @@ func (tun *TunAdapter) _start() error {
 	if tun.config == nil {
 		return errors.New("no configuration available to TUN")
 	}
-	var boxPub crypto.BoxPubKey
-	boxPubHex, err := hex.DecodeString(current.EncryptionPublicKey)
-	if err != nil {
-		return err
-	}
-	copy(boxPub[:], boxPubHex)
 	sk := tun.core.PrivateKey()
 	pk := sk.Public().(ed25519.PublicKey)
 	tun.addr = *address.AddrForKey(pk)

src/yggdrasil/core.go

@@ -52,16 +52,10 @@ func (c *Core) _init() error {
 	}
 
 	c.secret = ed25519.PrivateKey(sigPriv)
-	sigPub := c.secret.Public()
+	c.public = c.secret.Public().(ed25519.PublicKey)
-	c.public = sigPub.(ed25519.PublicKey)
 
-	pc, err := iw.NewPacketConn(c.secret)
+	c.PacketConn, err = iw.NewPacketConn(c.secret)
-	if err != nil {
+	return err
-		return err
-	}
-	c.PacketConn = pc
-
-	return nil
 }
 
 // If any static peers were provided in the configuration above then we should

src/yggdrasil/version.go

@@ -22,7 +22,7 @@ func version_getBaseMetadata() version_metadata {
 	return version_metadata{
 		meta:     [4]byte{'m', 'e', 't', 'a'},
 		ver:      0,
-		minorVer: 0,
+		minorVer: 1,
 	}
 }