Advanced Systems
v2.8.2ECHO, PULSE, BEACON & TME
Low-level mesh infrastructure: topology discovery, heartbeats, emergency broadcast, and temporal encoding.
ECHO — Encrypted Coordinate Heuristic Oracle
Privacy-preserving network topology discovery using virtual coordinates.
Virtual Coordinates
Nodes have virtual positions based on latency measurements. Enables route optimization without revealing physical location.
Encrypted Probes
Timing probes are AES-256-GCM encrypted. Only participating nodes can decode measurements.
import { EchoRanging } from 'yakmesh/mesh/echo-ranging';
const echo = new EchoRanging({ nodeId: 'my-node' });
// Measure latency to peer
const measurement = await echo.probe(peerId);
console.log(`RTT: ${measurement.rtt}ms`);
// Get virtual coordinates
const coords = echo.getCoordinates();
console.log(`Position: (${coords.x}, ${coords.y})`);
// Find optimal route
const route = echo.findOptimalPath(targetId);PULSE — Precision Universal Latency Sync Engine
Mesh heartbeat system with cryptographic proofs for liveness detection and partition detection.
ALIVE
Node responding within expected timeframe
SUSPECT
Missed heartbeats, may be experiencing issues
DEAD
Confirmed unreachable, removed from active peers
Partition Detection
When multiple nodes become SUSPECT simultaneously, PULSE detects potential network partition and triggers partition recovery protocols.
import { PulseHeartbeat } from 'yakmesh/mesh/pulse-heartbeat';
const pulse = new PulseHeartbeat({
interval: 5000, // 5 second heartbeats
timeout: 15000, // 15 seconds to SUSPECT
deadAfter: 45000 // 45 seconds to DEAD
});
// Start heartbeating
pulse.start();
// Check peer status
const status = pulse.getPeerStatus(peerId);
// Returns: 'alive' | 'suspect' | 'dead'
// Listen for state changes
pulse.on('peerStateChange', ({ peerId, from, to }) => {
console.log(`${peerId}: ${from} → ${to}`);
});BEACON — Broadcast Emergency Alert Channel Over Network
Priority message propagation for emergency alerts. Flood-based protocol with intelligent deduplication.
| Priority | TTL | Use Case |
|---|---|---|
| CRITICAL | 300s | Security breach, network attack |
| URGENT | 180s | Service degradation, node failures |
| WARNING | 120s | Upcoming maintenance, capacity alerts |
| ROUTINE | 60s | Informational messages |
import { BeaconBroadcast, PRIORITY } from 'yakmesh/mesh/beacon-broadcast';
const beacon = new BeaconBroadcast({ nodeId: 'my-node' });
// Send critical alert
await beacon.broadcast({
priority: PRIORITY.CRITICAL,
message: 'Security incident detected',
payload: { type: 'intrusion', source: '...' }
});
// Listen for beacons
beacon.on('beacon', (alert) => {
if (alert.priority === PRIORITY.CRITICAL) {
// Handle emergency
}
});
// Proof of receipt
const receipt = beacon.getReceipt(beaconId);TME — Temporal Mesh Encoding
Novel packet resilience system that encodes data across TIME, not space.
The Innovation
Traditional erasure coding splits data across multiple spatial paths. TME splits data across multiple temporal slices with cryptographic chaining.
- • Temporal slicing with cryptographic chaining
- • Predictive reconstruction from timing proofs
- • Resistant to timing-based attacks
import { TemporalEncoder } from 'yakmesh/mesh/temporal-encoder';
const encoder = new TemporalEncoder({
slices: 5, // Split into 5 temporal slices
threshold: 3 // Need 3 to reconstruct
});
// Encode data for temporal transmission
const slices = encoder.encode(data);
// Slices are sent at different times
for (const slice of slices) {
await sendWithDelay(slice, slice.timestamp);
}
// Reconstruct from received slices
const reconstructed = encoder.decode(receivedSlices);SLH-DSA Backup Signatures
Defense-in-depth with FIPS 205 hash-based backup signatures. Different cryptographic assumptions from ML-DSA.
Why Dual Signatures?
ML-DSA is lattice-based. SLH-DSA is hash-based. If one cryptographic assumption breaks, the other likely still holds. Critical operations use both.
| Level | Algorithm | Signature Size | Speed |
|---|---|---|---|
| 3 | SLH-DSA-SHA2-192f | ~35 KB | ~100ms |
| 5 | SLH-DSA-SHA2-256f | ~50 KB | ~160ms |
import {
signDual,
verifyDual,
generateDualSignatureKeyPairs
} from 'yakmesh/oracle/dual-signature';
// Generate both ML-DSA and SLH-DSA keypairs
const { mlDsa, slhDsa } = await generateDualSignatureKeyPairs();
// Sign with both algorithms
const dualSig = signDual(message, mlDsa.secretKey, slhDsa.secretKey);
// Verify requires both signatures valid
const valid = verifyDual(
dualSig,
message,
mlDsa.publicKey,
slhDsa.publicKey
);NIST Security Levels
Configurable security levels. Level 3 is default, Level 5 for paranoid mode.
| Level | Signatures | Key Exchange | Classical Security |
|---|---|---|---|
| Level 3 | ML-DSA-65 | ML-KEM-768 | 192-bit |
| Level 5 | ML-DSA-87 | ML-KEM-1024 | 256-bit |
import { setSecurityLevel, SecurityLevel } from 'yakmesh/security/crypto-config';
// Switch to paranoid mode
setSecurityLevel(SecurityLevel.LEVEL_5);
// All subsequent crypto operations use Level 5 algorithms