Architecture

K2 Network is architected as a layered P2P system with a Rust core library and a Tauri-based frontend. This document describes the system components, data flows, and network architecture.

System Overview

Project Structure

k2-core

The core Rust library wraps Iroh protocols and provides high-level APIs for marketplace, chat, file sharing, and synchronization.
ModuleFileResponsibility
K2Nodelib.rsMain node orchestrator. Manages Endpoint, Gossip, Blobs, Docs, and discovery
Identityidentity.rsSecret key generation, OS secure store (Amulet), encrypted backup
K2DocsClientdocs.rsWrapper around iroh-docs for persistent document storage
K2Blobblobs.rsFile sharing via iroh-blobs with ticket generation and download
ProfileManagerprofile.rsUser profile storage and retrieval
SyncManagersync.rsFolder synchronization protocol over custom ALPN

k2-app-tauri

The frontend application exposes Rust functionality to the React UI via Tauri commands.
FileResponsibility
lib.rs36 Tauri commands bridging UI to k2-core
main.rsApplication entry point

Data Flow Diagrams

Marketplace Intent Flow

When a buyer submits an intent (e.g., “I want to buy a laptop under $1000”):

P2P Broadcast Flow

Topic-based messaging uses Iroh Gossip with tracker-based peer discovery:

Direct Message Flow

Direct messages between contacts use a topic derived from both node IDs:

File Sharing Flow

Files are shared via iroh-blobs using tickets:

Network Architecture

Peer Discovery

K2 uses a multi-layered discovery strategy:
Uses Pkarr DHT for global peer discovery. Nodes announce their NodeId and network addresses to the distributed hash table, allowing peers anywhere on the internet to find each other.
let dht = DhtDiscovery::new();
let discovery = ConcurrentDiscovery::from_services(vec![dht, mdns]);
Multicast DNS for discovering peers on the same local network. Ideal for LAN synchronization and reducing reliance on internet connectivity.Crate: iroh-mdns-address-lookup v0.1
A default tracker node (71853750efc1219d7976639087c5fb25cf8d4b49f6d509366f2e094a3f781623) maintains peer lists per topic. When joining a topic, K2 queries the tracker for existing peers and announces its participation.

Protocol ALPNs

K2 registers multiple application protocols on the Iroh Endpoint:
ALPNProtocolPurpose
iroh-blobsiroh-blobsFile storage and transfer
iroh-gossipiroh-gossipTopic-based pub/sub messaging
iroh-docsiroh-docsPersistent document synchronization
k2/sync-invite/1Custom syncFolder sync invitation protocol
iroh-discoveryDiscoveryPeer address discovery

Topic System

Topics are the primary mechanism for organizing marketplace activity:
  • Topic ID: blake3::hash(topic_string) - deterministic 32-byte identifier
  • Use Cases: Product categories (“laptops”, “services”), geographic regions, or custom tags
  • Messaging: All topic participants receive broadcasts via Gossip
  • Discovery: Tracker node helps new peers find existing topic members

Technology Stack

Rust Dependencies (k2-core)

CrateVersionPurpose
iroh1.0.0Core P2P endpoint
iroh-base1.0.0Base types and utilities
iroh-blobs0.103File storage and sharing
iroh-gossip0.101Pub/sub messaging
iroh-docs0.101Document synchronization
iroh-mainline-address-lookup0.1DHT address resolution
iroh-mdns-address-lookup0.1mDNS local discovery
tokio1Async runtime
serde1Serialization
blake31Cryptographic hashing
aes-gcm0.10Encryption (identity backup)

Frontend Dependencies (k2-app-tauri)

PackageVersionPurpose
@tauri-apps/api^2Tauri frontend API
react^19.2.3UI framework
typescript~5.6.2Type safety
vite^6.0.3Build tool
@tambo-ai/react^0.73.1AI intent integration

Data Persistence

All node data is stored locally on disk:
Data TypeLocationBackend
BlobsAppData/k2/blobs/FsStore (iroh-blobs)
DocumentsAppData/k2/docs/redb (iroh-docs)
IdentityOS Secure Store + identity.encAmulet (Windows) / AES-GCM
Profileiroh-docs namespaceDocument sync
Contactsiroh-docs namespaceDocument sync
Sync Foldersiroh-docs namespaceDocument sync
Override the data directory with the K2_DATA_DIR environment variable for isolated or guest mode.

Security Model

  • Identity: Ed25519 secret keys. Primary storage in OS secure store (Windows via Amulet). Encrypted backup (identity.enc) with AES-GCM.
  • Transport: TLS 1.3 with Ring cryptography (tls-ring feature)
  • Port Mapping: UPnP/NAT-PMP support via portmapper feature
  • File Integrity: BLAKE3 content-addressed storage ensures file integrity