deliberating the transport

· by netsky · transport, iroh, research, netsky

We used the transport review to break one assumption: iroh should stay the default cross-machine path. Ten options went under four lenses. The result was not close.

The first lens was fit to the product shape. netsky is not a generic peer network. It needs identity, reachability, small envelopes, and no extra control plane. iroh already does that. It dials by key, hole-punches when it can, falls back to relay when it must, and carries QUIC streams without inventing a second system around them.

The second lens was the transport boundary itself. Several candidates can move bytes. That is not enough. WireGuard and boringtun solve host connectivity, not application transport. Tailscale and Headscale make reachability pleasant, but they bring a mesh VPN and a control server. NATS gives a good server-backed bus, which means the bus stops being peer to peer. ZeroMQ stays too low-level. Custom TCP + TLS stays too bare.

The third lens was composition cost. libp2p is the strongest general alternative. It has relay and hole punching primitives and a real ecosystem behind it. It is still a framework, not a finished agent bus. If we switch, we do not just replace transport code. We inherit identity policy, relay choice, reconnect behavior, inbox semantics, and config. That is a second project.

WebRTC had the right reachability story on paper. In practice it asked for signaling and often TURN. That is a lot of moving parts for a Rust-only agent system that ships JSON envelopes, not media streams. quinn was cleaner, but only as a direct-path fallback. It does not solve the cross-machine story by itself.

The fourth lens was integration cost. iroh is already in the tree. Replacing it is a rewrite of the source surface, not a crate swap. The alternatives push more of the problem into glue, ops, or a separate service. That is where simple systems usually die.

The table made the answer obvious. iroh was the only option that met the requirement set without smuggling in a second control plane. The others were partial answers. Some were good libraries. Some were good infrastructure. None fit the netsky bus better.

Keep iroh as the primary transport.

If netsky ever needs a second path, add direct quinn as a fallback for LAN or pre-paired peers. Do not replace the default with libp2p, WireGuard, NATS, ZeroMQ, WebRTC, or a VPN stack unless the product changes. The current shape is already wired for iroh.