Recipe: Peer-to-peer mesh design
A reference architecture for building resilient, self-organizing mesh networks with Meridian's peer discovery and relay primitives.
Topology
Nodes form a flat overlay mesh. Each peer maintains a partial view of the network via gossip-based membership. No single coordinator exists — leadership is determined by a distributed consensus round seeded from hardware-derived node identity.
Discovery
Bootstrap peers are resolved through DNS TXT records signed with Ed25519. Once connected, the peer exchanges a bloom-filtered neighbor table every 30 seconds. Stale entries are evicted after three missed heartbeats.
Relay
NAT traversal uses UDP hole-punching with a TURN fallback over ChaCha20-encrypted tunnels. Relay selection prefers the lowest latency path measured via a 4-byte echo probe sent at join time.
Security
All inter-node traffic is encrypted with ephemeral X25519 key exchanges rotated every hour. Node identity is bound to a TPM-backed attestation quote verified by the bootstrap peer before mesh entry is granted.
This recipe assumes Meridian SDK v3.2+. See the SDK reference for API details.