d6596ff81b
windows-drivers / probe-and-proto (push) Successful in 24s
windows-drivers / driver-build (push) Successful in 1m18s
apple / swift (push) Successful in 1m5s
android / android (push) Successful in 4m21s
ci / rust (push) Successful in 5m3s
ci / web (push) Successful in 54s
ci / docs-site (push) Successful in 1m2s
deb / build-publish (push) Successful in 2m48s
windows-host / package (push) Successful in 7m10s
decky / build-publish (push) Successful in 24s
docker / build-push (--build-arg FEDORA_VERSION=44, ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora44-rpm) (push) Successful in 5s
docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 6s
docker / build-push (ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora-rpm) (push) Successful in 4s
ci / bench (push) Successful in 4m38s
release / apple (push) Successful in 9m1s
windows-msix / package (arm64, C:\Users\Public\ffmpeg-arm64, aarch64-pc-windows-msvc, C:\t-a64) (push) Successful in 1m13s
docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 51s
windows-msix / package (x64, C:\Users\Public\ffmpeg, x86_64-pc-windows-msvc, C:\t) (push) Successful in 1m10s
docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 2m42s
windows / build (aarch64-pc-windows-msvc) (push) Successful in 1m0s
windows / build (x86_64-pc-windows-msvc) (push) Successful in 1m0s
apple / screenshots (push) Successful in 5m32s
flatpak / build-publish (push) Successful in 4m59s
rpm / build-publish (bazzite, punktfunk-fedora-rpm) (push) Successful in 9m7s
docker / deploy-docs (push) Successful in 25s
rpm / build-publish (fedora-44, punktfunk-fedora44-rpm) (push) Successful in 8m49s
Rework the client READMEs to be accurate and inviting to first-time
visitors, and fill in the gaps where crates and tools had none.
- Rewrite clients/{apple,android,decky} READMEs (features-first, trim
dense internal narrative; drop the stale "one session at a time" /
"renegotiation not implemented" section from the Apple README).
- Add READMEs for clients/{linux,windows,probe}, which had none.
- Add crate READMEs for punktfunk-host, punktfunk-core, pf-driver-proto.
- Add brief READMEs for tools/{loss-harness,latency-probe}.
- Fix packaging/README duplicate "Option B" heading (bootc -> Option C).
- Fix docs-site/README stale docs/ -> design/ reference.
- De-stale packaging/windows/drivers/pf-dualsense README (drop "M0 spike"
/ external-checkout framing; reflect in-tree workspace + shipped +
installer-bundled + multi-pad), keeping the driver-authoring lore.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
62 lines
3.3 KiB
Markdown
62 lines
3.3 KiB
Markdown
# punktfunk-core
|
||
|
||
The **shared protocol core** — the one place where punktfunk's transport, forward error correction,
|
||
and crypto live. It's linked into the [host](../punktfunk-host/README.md) and every native client, so
|
||
there's exactly one implementation of the wire format everywhere.
|
||
|
||
Written in Rust with **no async on the per-frame path** (native threads only). It exposes both a
|
||
normal Rust API and a **stable, versioned C ABI**, so the Swift and Kotlin clients — and any C
|
||
embedder — link the same code as the Rust ones.
|
||
|
||
## What's in here
|
||
|
||
- **Transport & session** (`session.rs`, `transport/`, `packet.rs`) — the `punktfunk/1` data plane
|
||
over raw UDP: packetization, reassembly (with attacker-bounded limits), pacing, and socket tuning.
|
||
- **FEC** (`fec/`) — the wall-breaker. Two codes:
|
||
- **GF(2⁸)** classic Reed–Solomon with the *Cauchy* generator matrix — byte-identical to the
|
||
`nanors` library Moonlight uses, so our parity is decodable by a stock Moonlight client.
|
||
- **GF(2¹⁶) Leopard-RS** (SIMD, O(n log n)) — up to 65535 shards/block, which removes the ~1 Gbps
|
||
FEC ceiling. `punktfunk/1` negotiates this one.
|
||
- **Crypto** (`crypto.rs`) — AES-128-GCM session encryption with per-direction nonce salts and
|
||
sequence-as-AAD; SPAKE2 PIN pairing lives behind the `quic` feature.
|
||
- **QUIC control plane** (`quic.rs`, `client.rs`, feature `quic`) — the Hello/Welcome/Start handshake,
|
||
cert pinning/TOFU, reverse audio, and the embeddable `NativeClient` connector. This is the **only**
|
||
place `tokio`/`quinn` are allowed; the feature is **off by default** so the core stays runtime-free.
|
||
- **C ABI** (`abi.rs`) — the versioned surface (`punktfunk_abi_version()`, `PunktfunkConfig` carrying
|
||
its own `struct_size`) that generates [`include/punktfunk_core.h`](../../include/punktfunk_core.h)
|
||
via cbindgen at build time.
|
||
|
||
## Build outputs
|
||
|
||
The crate builds three ways at once (`crate-type = ["lib", "cdylib", "staticlib"]`):
|
||
|
||
| Output | Used by |
|
||
|--------|---------|
|
||
| `lib` (rlib) | the host, probe, and tools link it as a normal Rust crate |
|
||
| `cdylib` (`.so`/`.dylib`) | the Swift / Kotlin clients via the C ABI |
|
||
| `staticlib` (`.a`) | the C test harness and static embedding |
|
||
|
||
## Test
|
||
|
||
```sh
|
||
cargo test -p punktfunk-core # unit + proptest + loopback
|
||
cargo run -p loss-harness # FEC loss-resilience sweep (no network needed)
|
||
bash crates/punktfunk-core/tests/c/run.sh # standalone C-ABI link + round-trip proof
|
||
```
|
||
|
||
## Design invariants (do not regress)
|
||
|
||
- **One core, linked everywhere** — protocol/FEC/crypto live only here, behind the stable C ABI.
|
||
- **No async on the hot path** — the per-frame pipeline is native threads only; `quic` (tokio/quinn)
|
||
is control-plane only, feature-gated, off by default.
|
||
- **Security hardening stays intact** — the reassembler bounds attacker-controlled fields before
|
||
allocating; AES-GCM keeps per-direction nonce salts + seq-as-AAD; the ABI checks `struct_size`.
|
||
Regression tests exist — keep them green.
|
||
|
||
## Related
|
||
|
||
- **[`punktfunk-host`](../punktfunk-host/README.md)** — the streaming host built on this core
|
||
- **[Clients](../../clients/)** — the apps that link this core over the C ABI (or directly, in Rust)
|
||
- **[`design/implementation-plan.md`](../../design/implementation-plan.md)** — why GF(2¹⁶) FEC, the
|
||
latency budget, and the architecture thesis
|