Documentation

Core references for deploying and operating GuardianMesh infrastructure.

Operator Docs

• Install Wizard (primary V1 single-host flow)
• Run a Node (manual and advanced flows)
• deploy/guardian-node/README.md (docker + systemd rollout)
• deploy/guardian-node/THREE_HOST_ROLLOUT.md (g1/g2/g3 rollout)

API Docs

• /api/contract (machine-readable contract)
• /api/network/summary
• /api/nodes
• /api/reliability/trend

Infrastructure Topology

• Web: www.guardianmesh.ca
• Directory API: api.guardianmesh.ca
• Map: map.guardianmesh.ca
• Guardian seeds: g1/g2/g3.guardianmesh.ca

SDK (In Development)

A developer SDK is currently in development and undergoing internal testing. It will include the following modules:

• Crypto — AES-256-GCM, X3DH key agreement, Double Ratchet, HKDF, PBKDF2, secure RNG
• Crypto/MLS — MLS RFC 9420 group messaging with TreeKEM
• Identity — Ed25519 keypairs, SHA-256 identity hash, trust chain (6 levels), key rotation, username credentials
• Protocol — MessagePack codec, Noise XX framing, replay protection
• Transport — PeerManager, BLE mesh, WebRTC, Tor, LAN, satellite, sneakernet, cover traffic, obfuscation
• DTN — DTN bundles (10 types, 4 priority levels), bloom filters, epidemic routing
• Gateway — Satellite, radio (HF/VHF), and Diaspora bridge gateways
• Guardian — Guardian discovery (DHT, DoH, peer cache, hardcoded), message mixing
• Routing — Gossip discovery, adaptive transport scoring, path scoring, onion routing
• Incentive — Relay receipts (Ed25519-signed), credit rate limiting, reputation
• Storage — Database, distributed storage (Reed-Solomon FEC), message expiry, secure deletion

Security Docs

• Security and Privacy Model (E2E encryption, identity, abuse controls)
• How It Works (protocol, transport types, privacy features)