Package `go-libp2p-secio` is a libp2p [stream security transport](https://github.com/libp2p/go-stream-security). Connections wrapped by `secio` use secure sessions provided by this package to encrypt all traffic. A TLS-like handshake is used to setup the communication channel.
`go-libp2p-secio` is a component of the [libp2p project](https://libp2p.io), a
modular networking stack for developing peer-to-peer applications. It provides a
secure transport channel for [`go-libp2p`][go-libp2p]. Following an initial
plaintext handshake, all data exchanged between peers using `go-libp2p-secio` is
encrypted and protected from eavesdropping.
libp2p supports multiple [transport protocols][docs-transport], many of which
lack native channel security. `go-libp2p-secio` is designed to work with
go-libp2p's ["transport upgrader"][transport-upgrader], which applies security
modules (like `go-libp2p-secio`) to an insecure channel. `go-libp2p-secio`
implements the [`SecureTransport` interface][godoc-securetransport], which
allows the upgrader to secure any underlying connection.
More detail on the handshake protocol and wire format used is available in the
[SECIO spec][secio-spec].
## Install
`go-libp2p-secio` is a standard Go module which can be installed with:
Most people building applications with libp2p will have no need to install
`go-libp2p-secio` directly. It is included as a dependency of the main
[`go-libp2p`][go-libp2p] "entry point" module and is enabled by default.
For users who do not depend on `go-libp2p` and are managing their libp2p module
dependencies in a more manual fashion, `go-libp2p-secio` is a standard Go module
which can be installed with:
```sh
go get github.com/libp2p/go-libp2p-secio
...
...
@@ -26,17 +47,27 @@ or by editing your `go.mod` file as [described by the gomod documentation](https
## Usage
For more information about how `go-libp2p-secio` is used in the libp2p context, you can see the [go-libp2p-conn](https://github.com/libp2p/go-libp2p-conn) module.
`go-libp2p-secio` is enabled by default when constructing a new libp2p
[Host][godoc-host], and it will be used to secure connections if both peers
support it and [agree to use it][conn-spec] when establishing the connection.
You can disable SECIO by using the [`Security` option][godoc-security-option]
when constructing a libp2p `Host` and passing in a different `SecureTransport`