Running the first nostr relay on FIPS. If your have your fips node set up already you can try it out.
🧬 FIPS address: ws://npub1spxdug4m3y24hpx5crm0el4zhkk0wafs8kp6m0xu0wecygqej2xqq8gyhx.fips
🌐 Clearnet address:
wss://npub1spxdug4m3y24hpx5crm0el4zhkk0wafs8kp6m0xu0wecygqej2xqq8gyhx.fips.network
Get started guide here:
quoting
naddr1qv…r2fmWe're happy to announce the first tagged release of FIPS, the Free Internetworking Peering System.
FIPS is a self-organizing mesh network that lets nodes discover each other and route traffic without any central authority. It works natively over local area networks, the internet as an overlay, and is designed for Bluetooth, serial links, and radio. Nodes use Nostr keypairs as their identity — no registration, no servers, just generate a key and join.
This release marks the point where the core protocol works end-to-end and is ready for broader testing. It is alpha software: the wire format is not yet stable and will have breaking changes.
Where to Find Us
Repository: The codebase lives at two official locations:
- GitHub: https://github.com/jmcorgan/fips
- ngit: https://gitworkshop.dev/npub1y0gja7r4re0wyelmvdqa03qmjs62rwvcd8szzt4nf4t2hd43969qj000ly/relay.ngit.dev/fips
(The fips-network GitHub organization was flagged by GitHub and is under review. We've restored the original jmcorgan/fips URL in the meantime. So, if you starred or forked the original repository, you'll need to do so again.)
Website: https://fips.network
Nostr: Follow the FIPS project account for updates and discussion.
What's in v0.1.0
This release targets Linux (x86_64, aarch64) and OpenWrt (aarch64, x86_64). Other platforms are not yet supported.
Multi-Transport Mesh
FIPS nodes connect over UDP, TCP, or raw Ethernet/WiFi. Ethernet transport includes automatic peer discovery — plug into a LAN and nodes find each other without configuration. The transport layer is designed to be extended to Bluetooth, Tor, serial, and radio.
Dual-Layer Noise Encryption
All traffic is encrypted twice: hop-by-hop between mesh peers (Noise IK) and independently end-to-end between communicating nodes (Noise XK). Both layers perform periodic rekeying with fresh Diffie-Hellman exchanges for forward secrecy.
IPv6 Adaptation
Each node gets a deterministic fd00::/8 IPv6 address derived from its npub. A TUN interface and built-in DNS resolver let unmodified IP applications reach any mesh node:
ping6 npub1abc...def.fips ssh npub1abc...def.fipsStatic hostname mappings (
/etc/fips/hosts) let you assign friendly names likemyserver.fips.Operator Tooling
fipsctlprovides runtime inspection of peers, links, sessions, tree state, routing, and transport statistics.fipstopis an interactive TUI dashboard with live-updating views of the entire node state.Packaging
Multiple installation paths are ready for testing:
- Debian/Ubuntu:
.debpackage via cargo-deb with systemd integration- Generic Linux: systemd tarball installer
- OpenWrt:
.ipkpackages for aarch64 and x86_64- Docker: sidecar deployment for containerized services
Quick Start
# Build from source (Rust 1.85+, Linux) git clone https://github.com/jmcorgan/fips.git cd fips cargo build --release # Install (Debian/Ubuntu) cargo install cargo-deb cargo deb sudo dpkg -i target/debian/fips_*.deb # Or use the systemd tarball ./packaging/systemd/build-tarball.sh tar xzf deploy/fips-*-linux-*.tar.gz cd fips-*-linux-*/ sudo ./install.shEdit
/etc/fips/fips.yamlto add a bootstrap peer and start the daemon:peers: - npub: "npub1qmc3cvfz0yu2hx96nq3gp55zdan2qclealn7xshgr448d3nh6lks7zel98" alias: "fips-test-node" addresses: - transport: udp addr: "217.77.8.91:2121" connect_policy: auto_connectsudo systemctl start fips fipsctl show status fipstopTo run
fipsctlandfipstopwithout sudo, add your user to thefipsgroup:sudo usermod -aG fips $USER(log out and back in to take effect).Call for Testing
This is an alpha release — we want people to try it, break it, and tell us what happens. Here's how you can help:
- Join the mesh: Build and run a node. The test node listed above is a good bootstrap peer.
- Try the installers: We're particularly interested in feedback on the
.deb, systemd tarball, and OpenWrt.ipkpackages. Do they install cleanly? Does the systemd service start correctly?- Report issues: File bugs on GitHub or ngit.
- Read the design docs: The full protocol specification is at
docs/design/in the repository, starting withfips-intro.md.Work in Progress
- Additional transports (native Bluetooth, Tor overlay)
- Native FIPS API access (no IPv6 shim) via in-process library interface
- Peer discovery via Nostr relays
- Security audit of the cryptographic protocols
- Binary release packages
The full changelog is in the repository at CHANGELOG.md.
