← Back to Project List
Iroh is a Rust native, QUIC-based modular P2P network library developed by N0, INC.(n0-computer). it has been released to the official version of **v1.0.0 (June 2026), with GitHub stars nearly 10,000 . The core positioning is "dial with public key, not IP address"-it provides a complete network stack, supporting NAT penetration (Hole Punching), relay Fallback (Relay Fallback), end-to-end encryption (QUIC/TLS 1.3) and multi-protocol combination. Iroh has been used for file transfer (sendme), audio and video calling (callme), LAN gaming (godot-iroh), collaborative note taking (Hubris), and has industry-level cross-language FFI bindings (Swift, Kotlin, Python, JavaScript). Pre-sales Core Selling Points : Lowering the threshold for P2P network development by 90% +, providing built-in NAT penetration/relay/encryption capability, out-of-the-box multi-language SDK, and combinable protocol layers (Blobs, Documents, Gossip) are modern alternatives to standard libp2p.

1. Project/Product Overview

1.1 basic information

DimensionContent
Project nameIroh
OrganizationN0, INC.(n0-computer)
GitHubhttps://github.com/n0-computer/iroh
Official Documentationhttps://iroh.computer/docs
Technical Documentationhttps://docs.rs/iroh
LanguageRust(99.9%)
LicenseApache 2.0 / MIT Dual License
Latest Versionv1.0.1(2026-06-29)
First Release v1.0.0(2026-06-15), after 65 + Release
GitHub Stars~ 10,000 (as of June 2026, increasing Trending ~ 369)
Number of submissions 2,486 +
Merge PR2,561 + (Closed)
Active Branch266
Discord Communitydiscord.gg/B4pzE3usDC

1.2 a sentence positioning

Dial keys. Not IPs. -- Iroh allows you to address and connect to the opposite end through public key instead of IP address, automatically complete NAT penetration, find the fastest path, fall back when relay fails, and always ensure end-to-end encryption.

1.3 Development Team

N0, INC.(n0-computer) is a start-up company focusing on decentralized infrastructure. Its core team has deep accumulation in P2P network, QUIC protocol and Rust system programming. Project core maintainers include:

-dignifiedquire(Friedel Ziegelmayer)-project leader

-matheus23, Frando, rklaehn -- Core Developer

The company also operates Iroh Services(https://services.iroh.computer/) and provides commercial products such as managed relay services.

2. What does it mostly do?

2.1 Core Function Matrix

┌─────────────────────────────────────────────────────────┐
│                    应用层协议                             │
│  iroh-blobs    iroh-docs    iroh-gossip   iroh-willow   │
│  (文件传输)    (协作KV)     (广播/订阅)    (Willow协议)   │
├─────────────────────────────────────────────────────────┤
│              Router(ALPN 多协议路由)                     │
├─────────────────────────────────────────────────────────┤
│              Endpoint(连接管理 / 身份 / NAT穿透)         │
├─────────────────────────────────────────────────────────┤
│              MagicSocket(多路径优化/ICE/延迟探测)         │
├─────────────────────────────────────────────────────────┤
│              QUIC + TLS 1.3(加密/多流/无队头阻塞)        │
├─────────────────────────────────────────────────────────┤
│           Transport 层(UDP / Tor / BLE 可切换)          │
└─────────────────────────────────────────────────────────┘

2.2 nine core competencies

  1. Public key addressing: Each endpoint is identified by a Ed25519 key pair ('EndpointId' = public key hash), and the identity remains unchanged no matter how the IP address changes.
  2. NAT Penetration (Hole Punching): Using QUIC' n0_nat_traversal 'extension, about 90% of the network environment can communicate directly in P2P.
  3. Relay Fallback: When NAT penetration fails, encrypted traffic is automatically transferred through the relay server (the relay cannot be decrypted).
  4. MagicSocket Intelligent Path Selection: Continuously detects multiple available paths (directly connected IPv4/IPv6, Relay), automatically switches to the lowest latency path, and there is no interruption during connection migration.
  5. End-to-end encryption:QUIC + TLS 1.3, all data (including relay traffic) end-to-end encryption.
  • ALPN multi-protocol routing *: A single Endpoint can run multiple protocols at the same time (such as Blobs + Gossip + Docs) and distribute them through ALPN strings.
  1. Composable Protocol Stack:

-iroh-blobs: supports incremental verification and resumable transmission of large files using content addressing in BLAKE3.

-iroh-docs: eventually consistent KV synchronization based on CRDT, which supports multi-author and real-time collaboration.

-iroh-gossip: publish-subscribe to broadcast networks, large-scale peer-to-peer distribution.

-iroh-willow:Willow Protocol implementation (under construction).

  1. Pluggable Transport Layer: supports custom Transport(Tor, BLE, Nym, etc.).

Cross-language/cross-platform: Offers native bindings for Rust, Swift(iOS/macOS), Kotlin(Android/JVM), Python, Node.js via FFI(uniffi).

2.3 Typical Use Scenarios

ScenarioProtocol usedSample project
P2P File Transferiroh-blobssendme
Audio and video callsiroh QUIC datagramscallme
Pipeline Data Forwardingiroh Connection Layerdumbpipe
Collaboration Notes/Documentsiroh-docsHubris
Game Multiplayeriroh Connection Layergodot-iroh
Mobile Code Editoriroh P2P Tunnelzedra
IoT/Raspberry Pi Remote Controliroh Connection Layerpigg
VPN Alternative (LAN Online)iroh Connection Layeriroh-lan

3. Applicable Scenario

3.1 the most suitable scene (strong demand, high ROI)

####🔹Scenario 1: Local-First / Offline-First Application

Iroh's core philosophy is naturally adapted to the Local-First architecture-the data is local and the network connection is "icing on the cake" rather than "necessary".

-Collaborative note/document editor: Realize real-time synchronization of multiple devices through iroh-docs CRDT, combined with iroh-blobs management attachments. Similar to Google Docs but without a central server.

-Customer Value: No need to maintain a synchronization server cluster; data privacy is guaranteed by end-to-end encryption; offline editing is seamlessly synchronized.

####🔹Scenario 2: Decentralized file distribution/download

-Large file P2P distribution: Use iroh-blobs BLAKE3 incremental checksum range requests to achieve BitTorrent-like distribution without tracker servers.

-CDN replacement/supplement: In internal networks or restricted environments, P2P transmission is used to reduce the pressure on the central bandwidth.

-Customer Value: 60-90% reduction in bandwidth costs; verifiable integrity (BLAKE3 hash);KB to TB files can be processed.

####🔹Scenario 3: Real-time communication (IM/audio/video/RPC)

-End-to-end encrypted chat: Based on QUIC's multi-stream capability and Gossip protocol, build an IM system without a central server.

-Audio and Video Calling:QUIC's non-queue blocking feature with datagram support is suitable for low-latency audio/video streaming.

-RPC between microservices: implements secure communication of service discovery through the iroh connection layer, replacing some scenarios of gRPC.

-Customer value: Zero trust security model; no need to deploy STUN/TURN server (Iroh built-in); low latency.

####🔹Scenario 4: Edge Computing/IoT/Embedded Devices

-Raspberry Pi/ESP32 remote control: Through public key addressing, no matter which network the device is on, it can connect securely.

- Smart Home Local Interconnection : No need for cloud transit, LAN direct connection.

-Customer Value: Very low resource consumption (Rust compilation); No need to fix public network IP;NAT automatic penetration.

####🔹Scene 5: Game Multiplayer Online

-Fighting/Strategy Game P2P Online: via Godot's godot-iroh plugin.

-P2P server connection for Minecraft games (discussed in the community).

-Customer Value: Game server cost to zero; Player NAT penetration> 90%; Automatic relay fallback.

3.2 adaptation scenes

-Enterprise internal tool/service communication: Replaces some VPN HTTP communication modes to implement zero-trust service mesh.

-Transport layer for blockchain/Web3 applications: replaces some of the capabilities of libp2p and provides a more concise and high-performance transport layer.

-Remote Desktop/Terminal Sharing: uses dumbpipe mode to realize pipeline data forwarding.

4. Not quite the scene

- Traditional Client-Server Web Application : If your system is essentially a browser request → server response mode, Iroh cannot bring obvious value; It is simpler to use HTTP directly.

-Scenarios that require native browser support:Iroh currently has limited support for browsers and WebAssembly (Wasm troubleshooting is discussed on the Discord) and is not the main target platform.

-Data synchronization with strong consistency:iroh-docs achieve final consistency based on CRDT. If the business requires strong consistency (such as bank transfer), an additional conflict resolution mechanism is required.

-Scenarios requiring deep integration with the existing TCP/HTTP ecosystem:Iroh is based on QUIC/UDP and cannot directly reuse TCP-based middleware (such as HTTP load balancer and TCP proxy). Although there is a custom Transport capability, the access cost is high.

-Ultra-low-power embedded devices: Although the Rust compilation product is small, the encrypted handshake and continuous connection maintenance of the QUIC protocol still have some CPU overhead.

5. Core Competence List

5.1 connection layer capability

CapabilityDescriptionMaturity
Public Key Addressing'EndpointId' is based on Ed25519 as a stable node ID✅v1.0 stable
NAT BreakthroughQUIC n0_nat_traversal extension. ~ 90% scenario success✅industry leading
Relay FallbackRelay server automatically relays encrypted traffic✅Production available
Multi-path probingMagicSocket continuous measurement of RTT of each path, automatic switching is optimal✅v1.0 stable
Connection MigrationConnection is not interrupted during network switch (WiFi → 5G)✅QUIC Native Capabilities
IPv4/IPv6 dual stackConcurrent connection between IPv4 and IPv6, whichever is the fastest✅Happy Eyeballs
Local DiscoveryAutomatically discover peers within the same LAN and directly connect✅Support

5.2 Protocol Layer Capabilities

AgreementCapabilitiesTechnical BasisStatus
iroh-blobsContent Addressed File Storage/TransferBLAKE3 Tree Hash, Incremental CheckStable (less than 1.0)
iroh-docsMulti-Author Collaboration KV StorageCRDT Range-based Set ReconciliationStable (less than 1.0)
iroh-gossippublish-subscribe broadcast networkextensible gossip protocolstable (less than 1.0)
iroh-willowWillow protocol implementationnew P2P data protocolunder construction
iroh-roqVideo/Audio StreamingQUIC StreamingAvailable

5.3 Relay Infrastructure Capability

CapabilityDescription
Public RelayFree to use, with rate limit, suitable for development/testing
Managed Relay(Iroh Services)SLA guarantee, authentication isolation, multi-region deployment
Self-hosted RelayOpen source 'iroh-relay binary', Docker deployment
Bearer Token authenticationAdded in v1.0 to control Relay access without external services
Let's Encrypt TLSRelay Server automatically obtains HTTPS certificate
Rate limitingBuilt-in token bucket algorithm

5.4 cross-language/platform capabilities

Language/PlatformPackage ManagementStatus
Rust'cargo add iroh'✅v1.0 Native
Swift(iOS/macOS)SwiftPM / Cocoapods ('IrohLib')✅v1.0-rc.1
Kotlin(Android/JVM)Maven Central ('computer.iroh:iroh')✅v1.0-rc.1
PythonPyPI ('iroh')✅v1.0-rc.1
Node.jsnpm ('@number0/iroh')✅v1.0-rc.1
C/CVia C FFI header✅Community Support

6. Architecture/deployment/integration approach

Overall 6.1 Architecture

┌──────────────────────────────────────────────────────┐
│                    你的应用程序                        │
│         (Rust / Swift / Kotlin / Python / JS)         │
│                                                       │
│  ┌──────────┐ ┌──────────┐ ┌──────────────┐          │
│  │  Blobs   │ │  Docs    │ │  Gossip      │  ...     │
│  └────┬─────┘ └────┬─────┘ └──────┬───────┘          │
│       │             │              │                   │
│  ┌────┴─────────────┴──────────────┴───────┐          │
│  │             Router                      │          │
│  │  (ALPN → ProtocolHandler 分发)          │          │
│  └──────────────────┬──────────────────────┘          │
│                     │                                 │
│  ┌──────────────────┴──────────────────────┐          │
│  │            Endpoint                      │          │
│  │  - 身份: EndpointId (Ed25519公钥)        │          │
│  │  - 连接: connect() / accept()            │          │
│  │  - NAT穿透: MagicSocket                 │          │
│  │  - 地址查找: DNS / Mainline DHT          │          │
│  └──────────────────┬──────────────────────┘          │
│                     │                                 │
│  ┌──────────────────┴──────────────────────┐          │
│  │       QUIC (noq) + TLS 1.3              │          │
│  └──────────────────┬──────────────────────┘          │
│                     │                                 │
│  ┌──────────────────┴──────────────────────┐          │
│  │           Transport (UDP/Tor/BLE)        │          │
│  └─────────────────────────────────────────┘          │
└──────────────────────────────────────────────────────┘

          ┌──────────────────────┐
          │    Relay 服务器       │
          │  - NAT Traversal 辅助 │
          │  - 中继回退           │
          │  - 无状态/无数据访问  │
          └──────────────────────┘

          ┌──────────────────────┐
          │   DNS 服务器          │
          │  (dns.iroh.link)     │
          │  - EndpointId 地址查找 │
          └──────────────────────┘

6.2 Deployment Model

Scheme A: Use Public Relay (Zero Operation and Maintenance)

# 无需任何配置,使用 N0 预设(内置公开 Relay 和 DNS 查找)
use iroh::{endpoint::presets, Endpoint};

// 一行代码启动,自动使用 N0 公开 Relay 和 DNS 查找
let endpoint = Endpoint::bind(presets::N0).await?;

Applicable: Development testing, prototype validation, small-scale deployment. There is a rate limit, no SLA.

Scenario B:Iroh Services Managed Relay (production recommended)

use iroh_services::preset;

// 使用 Iroh Services API Key,自动连接你的专属 Relay
let endpoint = Endpoint::bind(preset(api_key)).await?;

Cost: Pay-as-you-go, SLA, multi-region deployment, authentication isolation. For more information, see services.iroh.com puter.

Scenario C: Self-hosted Relay

# Docker 部署 iroh-relay
docker run -p 443:443 n0computer/iroh-relay \
  --http-bind-addr 0.0.0.0:443 \
  --tls-cert /etc/certs/fullchain.pem \
  --tls-key /etc/certs/privkey.pem

# 或直接运行二进制
iroh-relay --config /etc/iroh/relay.toml

Relay configuration example('relay.toml'):

[server]
http_bind_addr = "0.0.0.0:443"

[tls]
cert_path = "/etc/letsencrypt/live/relay.example.com/fullchain.pem"
key_path = "/etc/letsencrypt/live/relay.example.com/privkey.pem"

[access_control]
# Bearer token 模式
bearer_tokens = ["your-secret-token-here"]

[rate_limiting]
bytes_per_second = 10485760  # 10 MB/s

Deployment Requirements:

-Require public network reachable server (cloud hosting/VPS)

-2 vCPU / 2 GB RAM recommended to start (depending on concurrency)

-Trunking is stateless and horizontally scalable

-It is recommended to deploy one Relay in each region of the user set

6.3 the way to integrate into the application

Rust Native Integration (Recommended):

// Cargo.toml
// [dependencies]
// iroh = "1.0"
// iroh-blobs = "..."
// iroh-gossip = "..."

use iroh::{endpoint::presets, protocol::Router, Endpoint, EndpointAddr};

#[tokio::main]
async fn main() -> anyhow::Result<()> {
    // 1. 创建 Endpoint
    let endpoint = Endpoint::bind(presets::N0).await?;
    println!("我的 EndpointId: {}", endpoint.id());

    // 2. 连接对端(通过 EndpointAddr ticket)
    // let conn = endpoint.connect(addr, b"my-app/1.0").await?;

    // 3. 通过 Router 注册多个协议
    let router = Router::builder(endpoint)
        .accept(b"my-app/1.0".to_vec(), Arc::new(MyProtocol))
        .spawn()
        .await?;

    // 4. 等待关闭信号...
    router.shutdown().await?;
    Ok(())
}

Non-Rust language integration (using Python as an example):

# pip install iroh
import asyncio
from iroh import Endpoint, Router

async def main():
    endpoint = Endpoint.bind()
    print(f"Endpoint ID: {endpoint.id()}")

    # Router 和协议处理类似 Rust API
    # ...

asyncio.run(main())

6.4 Warehouse Structure

iroh/                          # 主仓库(monorepo)
├── iroh/                      # 核心库:Endpoint, Router, MagicSocket
├── iroh-relay/                # Relay 服务器实现
├── iroh-base/                 # 公共类型:Hash, Key, RelayUrl
├── iroh-dns-server/           # DNS 服务器(为 EndpointId 提供查找)
├── iroh-dns/                  # DNS 客户端
└── iroh-net-report/           # 网络诊断(分析 NAT 类型和网络能力)

Related sub-items (independent warehouse):

-iroh-blobs:Blobs protocol

-iroh-docs:Documents agreement

-iroh-gossip:Gossip Protocol

-iroh-ffi: cross-language FFI binding

-iroh-tor:Tor transport layer (experimental)

How to use #7.

7.1 Quick Start (Rust)

# 创建新项目
cargo new my-iroh-app
cd my-iroh-app
cargo add iroh tokio anyhow

# 运行示例
cargo run

Minimum Echo Example-Connected Party:

use iroh::{endpoint::presets, Endpoint, EndpointAddr};
use tokio::io::AsyncWriteExt;

#[tokio::main]
async fn main() -> anyhow::Result<()> {
    let endpoint = Endpoint::bind(presets::N0).await?;

    // 从 ticket 解析对端地址
    let addr: EndpointAddr = ticket_str.parse()?;

    // 连接到对端
    let conn = endpoint.connect(addr, b"echo/0").await?;

    // 打开双向流
    let (mut send, mut recv) = conn.open_bi().await?;

    // 发送数据
    send.write_all(b"Hello, Iroh!").await?;
    send.finish()?;

    // 接收回显
    let response = recv.read_to_end(1000).await?;
    println!("收到: {}", String::from_utf8_lossy(&response));

    // 关闭连接
    conn.close(0u32.into(), b"bye!");
    endpoint.close().await;
    Ok(())
}

Accepted by:

use iroh::{endpoint::presets, protocol::Router, Endpoint};
use iroh::protocol::{Connection, ProtocolHandler};
use std::sync::Arc;

#[derive(Debug, Clone)]
struct Echo;

impl ProtocolHandler for Echo {
    async fn accept(&self, conn: Connection) -> anyhow::Result<()> {
        let (mut send, mut recv) = conn.accept_bi().await?;
        tokio::io::copy(&mut recv, &mut send).await?;
        send.finish()?;
        conn.closed().await;
        Ok(())
    }
}

#[tokio::main]
async fn main() -> anyhow::Result<()> {
    let endpoint = Endpoint::bind(presets::N0).await?;

    let router = Router::builder(endpoint)
        .accept(b"echo/0".to_vec(), Arc::new(Echo))
        .spawn()
        .await?;

    println!("监听中...");
    tokio::signal::ctrl_c().await?;
    router.shutdown().await?;
    Ok(())
}

7.2 Transfer large files using iroh-blobs

use iroh_blobs::{store::fs::FsStore, BlobsProtocol, BlobTicket};

// 发送方
let store = FsStore::load("./blobs").await?;
let blobs = BlobsProtocol::new(&store, None);
let tag = store.blobs().add_path("/path/to/large-file.mp4").await?;
let ticket = BlobTicket::new(endpoint.id().into(), tag.hash, tag.format);
println!("分享此 Ticket: {ticket}");  // 复制给接收方

// 接收方
let ticket: BlobTicket = ticket_str.parse()?;
let downloader = store.downloader(&endpoint);
downloader.download(ticket.hash(), Some(ticket.endpoint_addr().id)).await?;
store.blobs().export(ticket.hash(), "./downloaded-file.mp4").await?;

7.3 Collaborative editing using iroh-docs

use iroh_docs::{Docs, api::protocol::ShareMode};

// 创建文档
let docs = Docs::memory()
    .spawn(endpoint.clone(), blobs.clone(), gossip.clone())
    .await?;

let author = docs.author_create().await?;
let doc = docs.create().await?;

// 写入条目
doc.set_bytes(author, b"title".to_vec(), "协作笔记".into()).await?;

// 生成分享 Ticket(给对方写权限)
let ticket = doc.share(ShareMode::Write, Default::default()).await?;

// 订阅实时同步事件
let mut events = doc.subscribe().await?;
while let Some(event) = events.next().await {
    match event? {
        LiveEvent::InsertRemote { entry, .. } => {
            println!("对端插入了: {:?}", entry.key());
        }
        _ => {}
    }
}

7.4 Key Design Patterns

  1. Ticket Mode: Encode the EndpointId protocol information into a sharable string Ticket (similar to a magnetic link) and share it through out-of-band channels (QR code/link/text).
  2. Router Mode: A Endpoint can register multiple protocols at the same time and distribute them through ALPN, which is analogous to HTTP virtual host routing.
  3. Protocol Handler Mode: Define the 'ProtocolHandler' trait and register it with the router to implement the protocol logic.

8. What can I say before sales

8.1 Elevator Speech (30-second version)

your application requires P2P communication between devices, but NAT penetration, encryption and relay back-off give you a headache? Iroh is an open source Rust P2P network library, v1.0 official version has been released . All you have to do is dial up with the public key, and the rest-NAT traversal, automatic relay, end-to-end encryption, fastest path selection-it's all done for you. 90% of the scenes can be directly connected and cannot be automatically relayed. Supports Rust, Swift, Kotlin, Python, JavaScript, and one-line command integration.

8.2 Competition Comparison Speech

DimensionIrohlibp2pWebRTCZeroTier/Tailscale
Programming ModelMinimal API(connect by key)Complex Multi-layer AbstractionSignaling + ICE Requires OwnVPN Mode (Network Layer)
NAT penetration success rate~ 90%depends on specific implementation~ 85-90%high (depends on self-built infrastructure)
EncryptionQUIC/TLS 1.3 (Built-in)Noise/ TLS requiredDTLS/SRTP (Built-in)WireGuard (Built-in)
Relay fallbackBuilt-in, automaticRequires configuring a relay nodeRequires deploying a TURN serverSelf-built DERP/Relay
Multi-language supportRust/Swift/Kotlin/Python/JSMulti-language but not unifiedBrowser nativeClient-side binary
Protocol layerBlobs/Docs/Gossip (combinable)You need to implement it yourselfDataChannel onlyNetwork layer pass-through
Self-Hosted Relay✅Open source + Docker❌Self-built TURN❌Commercial License Required

Key Differences:

-vs libp2p:Iroh API minimalist -- libp2p needs to understand a dozen concepts such as Transport, Muxer, Security, PeerStore, and Identify. Iroh just needs 'Endpoint::bind()''connect(addr, alpn)'. At the same time, Iroh provides a higher layer protocol (Blobs/Docs/Gossip), not just the transport layer.

-vs WebRTC:Iroh does not require a signaling server (discovered via DNS/DHT), does not need to deploy STUN/TURN (built-in relay), and does not need to deal with the complexity of ICE. But Iroh does not run in the browser.

-vs ZeroTier/Tailscale:Iroh is a application layer library instead of a VPN. VPNs work at the level of the OS network stack, affecting all traffic; Iroh only works on the connection you specify, which is lighter and more secure (the principle of least privilege).

8.3 Customer Value Proposition

Customer Pain PointsHow Iroh Solved
"P2P development is too complicated, NAT penetration will take several months"a line of' Endpoint::bind()',NAT penetration and relay fallback are all built-in
"We don't want to build STUN/TURN servers"Public Relay is free to use, production can be hosted or self-built
"The user's intranet environment is strange and cannot be connected."~ 90% of the scenes are automatically penetrated, and the penetration failure is automatically relayed back
"Requires iOS/Android/Desktop support"FFI bindings cover all major platforms
"Security compliance requires end-to-end encryption"QUIC/TLS 1.3 default encryption, Relay cannot decrypt
"You need to transfer large files and support resumable transfer"iroh-blobs natively supports incremental checksum range requests
"The team does not have P2P network experts"API shields the underlying complexity, and novices can get started

8.4 Suggest Customer Portrait

-Target Industries: Collaboration Software, File Sync Tools, Game Development, IoT, Edge Computing, Privacy Communications

-Technical team size: small teams of 1-10 people to platform teams of large organizations

-Technology Stack Preference:Rust has the best native experience; Swift/Kotlin is available for mobile teams; Python is available on the back end

-Key decision makers:CTO, technical lead, platform architect

-Pain Threshold: Difficulties in developing P2P solutions or using libp2p/WebRTC

9. Frequently Asked Customer Questions

Q1: What is the difference between Iroh and libp2p? Which one should I choose?

A:Iroh pursues API minimalism and out-of-the-box use, and libp2p pursues maximum flexibility and modularity.

-Select Iroh If: You don't want to spend time understanding how 15 libp2p modules are combined; You need file synchronization/document collaboration capabilities and not just the transport layer; You want a line of code to start a P2P endpoint.

-select libp2p if: you need extremely fine-grained customization (even if it means more code); your ecosystem is already bound to IPFS/libp2p (as Filecoin); you need browser node support.

-Technical comparison:Iroh has now released a stable version of v1.0, and there are no major changes to the API. The Rust implementation of libp2p is still evolving rapidly.

Q2: Can Iroh run independently without relying on N0 cloud services?

A:Totally. Iroh's Relay and DNS servers are open source :

-Open Relay free but limited speed, enough for development testing.

-The production environment can:

-Self-hosted 'iroh-relay (one line of Docker command), full control.

-Or purchase Iroh Services-hosted Relay (with SLA, multi-region, certification).

-DNS lookup can also not use N0's 'dns.iroh.link', but use Mainline DHT (based on Bittorrent DHT) or self-built DNS server (iroh-dns-server open source).

Q3: How effective is NAT penetration in mainland China?

A: This is an issue that needs to be focused on. China-specific multi-layer NAT (carrier-grade NAT / CGNAT) may affect the penetration success rate. Countermeasures:

-Self-hosted domestic Relay: Deploy a Relay server on Alibaba Cloud or Tencent Cloud to ensure low latency of the relay fallback path.

-Iroh's pluggable Transport layer access can be considered to be more suitable for the underlying transmission of the Chinese network environment.

-It is recommended to specifically test the penetration success rate in the PoC phase.

Q4: How does Iroh's QUIC perform in UDP rate-limited/QoS networks?

A:QUIC does rely on UDP (underlying replaceable). Some enterprise networks or mobile operators impose QoS restrictions on UDP traffic. Iroh's countermeasures:

-MagicSocket multipath probes automatically switch to available paths.

-Relay mode uses WebSocket over HTTPS, go TCP 443 port, and will hardly be blocked.

-Pluggable Transport support TCP (via custom Transport) and even Tor.

Q5: Where is Iroh's performance bottleneck? How many concurrent connections can it support?

A:

-Number of concurrent connections per Endpoint:Iroh uses Rust's async I/O(tokio), and a single Endpoint can support thousands of concurrent connections (the theoretical upper limit is limited by file descriptors and memory).

-Relay throughput: The throughput of a single Relay instance is limited by the bound bandwidth. The Noisy Neighbor problem can be solved by the isolation mechanism of the managed Relay.

-Actual test:N0 team operation perf.iroh.com puter, continuously measuring connection establishment speed and throughput.

Q6: How about project activity and long-term maintenance?

A:

-Funding:N0, INC. is a funded start-up company commercialized through Iroh Services.

-Community: Nearly 10,000 GitHub Stars, active Discord Community, over 60 contributors.

- Code Activity :2,486 submissions, still frequently updated in 2026 (weekly average dozens of submissions).

-Version rhythm:v1.0.0 was released on June 15, 2026, followed by v1.0.1 (June 29), indicating that the team is actively maintaining it.

Q7: Is iroh-docs conflict resolution reliable?

A:iroh-docs uses the Range-based Set Reconciliation algorithm (Meyer 2022) to achieve eventual consistency based on the CRDT model. For key-level concurrent writes, the "last-write-wins" policy (by timestamp) is used. If you need fine-grained merging at the field level (such as text editing OT), it is recommended to overlay CRDT libraries such as Automerge or Yrs on top of the iroh-docs.

10. PoC Recommendations

10.1 PoC Target

Verify the performance of the following core competencies in actual customer scenarios:

  1. connectivity rate : in the network environment of the customer's target user group, whether the success rate of NAT penetration reaches the expectation.
  2. Delay/Throughput: Transmission performance in direct connection and relay mode.
  3. Integration complexity: How much work is required to integrate Iroh with the customer's actual technology stack (Rust/Swift/Kotlin/Python).
  4. Operation and maintenance burden: Self-hosted Relay deployment and operation and maintenance experience.

10.2 Recommended PoC Scheme (Progressive by Complexity)

####🔰Level 1:Hello World Connection Test (1-2 days)

-Target: Verify that two devices can discover each other and establish a connection through Iroh.

-Practice:

  1. Run the Echo example (echo.rs) on both devices separately.
  2. Exchange addresses through Ticket and test message round trip.
  3. Test each time in different network environments (home WiFi, mobile network, enterprise network).

-Success Criteria: The message is sent and received successfully, and the connectivity is confirmed.

####🔰Level 2: File Transfer PoC(3-5 days)

-Objective: Verify the performance of the iroh-blobs in large file transfer scenarios.

-Method:

  1. Use the iroh-blobs transfer example (transfer.rs).
  2. Test the time-consuming and integrity of 10MB / 100MB / 1GB file transfer.
  3. Test a cross-NAT scenario (sender and receiver on different networks).
  4. Test breakpoint continuation: interrupt network → resume → verify continuation of transmission.

-Success Criteria: The file passes the complete verification, the resumable transmission is valid, and the throughput meets the business requirements.

####🔰Level 3: Collaborative Sync PoC(1-2 weeks)

-Target: Verify the multi-endpoint data synchronization capability of the iroh-docs.

-Method:

  1. Reproduction tauri-todos example.
  2. More than three devices write to the same document at the same time.
  3. Simulate offline scenario: a device offline → local modification → online again → verify synchronization.
  4. Verify the conflict scenario: two devices modify the same key at the same time.

-Success Criteria: The final status of all devices is consistent, and the conflict resolution policy meets expectations.

####🔰Level 4: Self-hosted Relay Deployment Stress Test (1 week)

-Objective: Verify the self-hosted relay deployment and performance of the production environment.

-Method:

  1. Deploy the iroh-relay Docker container on Alibaba Cloud/Tengxun Cloud/AWS.
  2. Configure the TLS certificate (Let's Encrypt).
  3. The client is configured to use self-built relay.
  4. Use multiple clients to connect at the same time and record the CPU/memory/bandwidth usage of Relay.
  5. Simulate Relay downtime → Verify that the client automatically switches to the standby Relay.

-Success criteria:Relay is stable, failover is successful, and resource consumption is acceptable.

Indicators to be observed when 10.3 PoC

IndicatorMeasurement methodTarget value
NAT penetration success rateTested in different network environments> 85%
Direct connection establishment delayTime from 'connect()'to response< 500ms (first time)
Relay ThroughputThe maximum speed at which files are transferred over Relay.Depends on the bandwidth of Relay. Pay attention to the speed limit.
Direct connection throughputP2P direct connection file transfer speedApproaching the maximum network bandwidth
Connection migration timeTime to resume connection after WiFi → 5G switchover< 2s
Relay CPU/MemoryResource usage of self-hosted RelayDepending on the number of concurrency

10.4 PoC Quick Start Script

#!/bin/bash
# Iroh PoC 快速环境搭建

# 1. 克隆官方示例仓库
git clone https://github.com/n0-computer/iroh-examples.git
cd iroh-examples

# 2. 运行 Echo 示例(设备A)
cargo run --example echo -- --server

# 3. 另一终端或设备运行(设备B)
# cargo run --example echo -- --client 

# 4. 自建 Relay(Docker)
docker run -d --name iroh-relay \
  -p 443:443 \
  -v $(pwd)/certs:/etc/certs \
  n0computer/iroh-relay \
  --http-bind-addr 0.0.0.0:443

11. Risks and Considerations

11.1 Technology Risk

RiskSeverityResponse
UDP is speed limited/blocked (enterprise network/operator)🟡MediumRelay fallback WebSocket(443 TCP), almost non-marshalling; pluggable Transport support TCP
NAT penetration may be low in Mainland China🟡MediumPoC must test China's network environment; Deploy domestic Relay nodes; Evaluate whether additional penetration solutions are needed
Relay single point of failure🟢LowConfigure multiple relays, Iroh automatic failover
The protocol layer (Blobs/Docs/Gossip) has not been 1.0🟡MediumThe core connection layer ('iroh' crate) has been stabilized in v1.0; The upper layer protocol is in a stable but not marked 1.0 state, and the API may change
Limited browser/Wasm support🟡MediumFor browser side, evaluate alternatives or wait for Iroh's Wasm support to mature
Rust Talent Scarce🟡MediumFFI bindings allow development in Swift/Kotlin/Python/JS, but advanced customization may still require Rust knowledge

11.2 Business Risk

RiskSeverityResponse
N0, INC. BUSINESS SUSTAINABILITY🟡MediumIroh is completely open source (MIT/Apache 2.0), even if the company fails, the code can continue to be used; Relay can be self-hosted
Reliance N0 Public Relay🟢LowSelf-hosting or purchasing Iroh Services is highly recommended for production environments
The ecology is relatively new🟡MediumThere are many practical application cases (sendme/callme/Hubris/godot-iroh), but the ecology is smaller than libp2p

11.3 Compliance Risk

-Data Localization: Data transferred by Relay is end-to-end encrypted and cannot be decrypted by Relay. If compliance requires data not to leave the country, you only need to deploy Relay in the country.

-Encryption algorithm: Industry-standard Ed25519, TLS 1.3, and BLAKE3 are used, all of which meet mainstream compliance requirements.

12. My Pre-Sales Judgment

12.1 Overall Assessment

DimensionRating (1-5)Description
Technology Maturity⭐⭐⭐⭐The official version of v1.0 has been released, and the core API is stable. The upper layer protocol is still being improved.
Developer Experience⭐⭐⭐⭐⭐API is very simple, "connect by key" model lowers P2P development threshold by 90% +
Performance⭐⭐⭐⭐Rust implementation, QUIC protocol, excellent performance; continuous performance benchmark testing
Cross Platform⭐⭐⭐⭐⭐Rust/Swift/Kotlin/Python/JS
Ecology/Community⭐⭐⭐~ 10K Stars, active community, but smaller ecological scale than libp2p
Operation and maintenance friendliness⭐⭐⭐⭐Stateless Relay,Docker one-click deployment, automatic failover
BUSINESS SUSTAINABLE⭐⭐⭐Open source + commercial dual mode, but smaller company

Comprehensive recommendation:⭐⭐⭐⭐(Recommended)

When should 12.2 recommend Iroh

Highly recommended:

-Customer needs to build P2P applications but lacks network layer expertise

-Customer's technology stack is Rust / Swift / Kotlin

-Scenarios are file synchronization, collaborative editing, game online, IoT communication

-Customers value development efficiency and API simplicity

🤔Recommended with caution:

-Customer's core scenario on the browser side

-The customer's network environment is mainly in mainland China (PoC verification is required)

-Customers have mature libp2p technology stack and experts

Not recommended:

-Pure traditional Client-Server web application

-Scenarios requiring browser native P2P

12.3 a sentence to judge

Iroh is currently the most "understand the developer" of the P2P network library-it NAT penetration, encryption, relay fallback these P2P areas of the most troublesome problems to do a line of code 」. The release of v1.0 marks its readiness for production. If customers are building applications that require P2P communication (file synchronization, collaboration tools, games, IoT),Iroh is the most cost-effective option available. What needs to be concerned is that the upper layer protocol (Blobs/Docs) is not yet v1.0, and the penetration rate of the mainland Chinese network environment needs PoC verification.

13. REFERENCE

Official Resources

-GitHub repository

-Official Document

-Rust API Documentation

-Iroh Services (Hosted Relay)

-Performance Benchmarking

-Discord Community

Subprojects and Examples

-iroh-blobs -Blobs protocol

-iroh-docs -Documents Agreement

-iroh-gossip -- Gossip Protocol

-iroh-ffi -- cross-language binding

-iroh-examples -- Sample Collection

-sendme -- P2P File Transfer CLI

-callme -- P2P audio and video call

-dumbpipe -- P2P pipeline tool

-hello-iroh-ffi -Cross-platform Hello World

Technical Reference

-QUIC Protocol (RFC 9000)

-BLAKE3 Hash Algorithm

-noq -QUIC implementation of N0 (Iroh underlying dependency)

-Range-based Set Reconciliation (Meyer 2022)

-Willow Protocol

Community Projects

-awesome-iroh -Selected list of community projects

-Hubris -Iroh-based collaborative whiteboard application

-godot-iroh -Iroh multiplayer online plugin for Godot game engine

-iroh-lan -- Virtual LAN with Iroh

-zedra -mobile code editor (Iroh P2P tunnel)

-pigg -- Raspberry Pi GPIO remote control

Video/Speech

-Introducing Iroh (YouTube)

-v1.0.0 Release Announcement-"Dial keys. Not IPs."

  • This report was generated by TRAE IDE on 2026-07-02 and is based on n0-computer/iroh v1.0.1 and the latest documentation. *