One security model
Identity, discovery, transport, stream admission, and L7 authorization are not glued together by each application. They share protocol-edge checks.
Self-certifying peers. Local proof. No ambient trust.
A Rust cryptographic network fabric where discovery, routing, streams, pub-sub, tunneling, and authorization all converge on the same local verifier.
Korium is valuable because it refuses to let connectivity become authority. Identity, discovery, routing, streams, pub-sub, tunneling, and authorization share one local-verifier trust model instead of being glued together by every application.
Every peer is named by a did:korium URI derived from the public key. The public key travels in band and is BLAKE3-bound to the URI before any signature is verified.
Verification does not depend on a DID document fetch, CA, SPIRE server, key registry, or online root. The destination checks the evidence it received.
mTLS proves key possession only. A Biscuit grant still has to match caller DID, service URN, resource, action, issuer policy, and expiry.
Quinn runs over a Korium UDP substrate that routes by identity, observes addresses, signs probes, and forwards only bounded encrypted QUIC traffic.
PING, PONG, PUNCH, RTT tiering, observed addresses, DHT hints, and QUIC attempts feed the same identity-indexed routing state.
Direct QUIC, forwarded QUIC, adjacent NAT traversal, GossipSub, raw streams, request-response, and TCP tunneling are all carried by authenticated fabric paths.
TCP tunnel entry tries native TLS 1.3 mTLS/TCP to the destination before falling back to encrypted QUIC TUNNEL streams over the mesh.
DHT values, liveness records, RPC bodies, GossipSub messages, grants, lookup expansion, tunnel concurrency, and caches all have explicit caps.
Verified grants return issuer, audience, service URN, action, resource, expiry, token digest, and app claims. Every decision can become a signed line.
IDs are BLAKE3-384 hashes, not raw public keys, so routing keys, logs, grants, and audit records stay compact if signature keys become much larger.
Identity, authority, authz, naming, DHT, transport, fabric, GossipSub, tunnel, and node composition each own distinct invariants.
A Korium peer is named by a compact did:korium URI, but the verifier never treats the URI as the key. The raw public key is carried as evidence, BLAKE3-bound to the DID, then checked before any signature or transport claim is trusted.
did:korium gives routing, grants, logs, and audits a stable peer name.
The certificate carries the public key; the verifier hashes and compares it locally.
Ed25519 authenticates current identities while BLAKE3-384 keeps identifiers compact.
Hybrid confidentiality is supported, while identity signatures remain classical and explicit.
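As an added illustration of the binding rule above (example code, not Korium's own), here is the local-verifier step written in Go with only the standard library: the in-band key must hash to the did:korium name before its Ed25519 signature counts, and nothing remote is consulted. SHA-384 stands in for BLAKE3-384 so the block needs no external crate, and the hex encoding of the identifier is an assumption; the page does not specify Korium's encoding.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

const didPrefix = "did:korium:"

// peerID derives the 48-byte identifier from the public key. ASSUMPTION: SHA-384
// stands in for BLAKE3-384 to stay in the standard library; the binding logic is the same.
func peerID(pub ed25519.PublicKey) []byte {
	sum := sha512.Sum384(pub)
	return sum[:]
}

// didFor renders the identifier as a DID. ASSUMPTION: hex encoding; the page
// does not state Korium's actual encoding of the method-specific id.
func didFor(pub ed25519.PublicKey) string {
	return didPrefix + hex.EncodeToString(peerID(pub))
}

// verifyFromPeer is the local-verifier rule: the URI is a name, not a key. The in-band
// key must hash to the DID before its signature is believed; nothing remote is consulted.
func verifyFromPeer(did string, pub ed25519.PublicKey, msg, sig []byte) error {
	want, err := hex.DecodeString(strings.TrimPrefix(did, didPrefix))
	if !strings.HasPrefix(did, didPrefix) || err != nil || len(want) != 48 ||
		len(pub) != ed25519.PublicKeySize {
		return errors.New("malformed DID or public key")
	}
	// Step 1: bind the presented key to the name (constant-time digest compare).
	if subtle.ConstantTimeCompare(want, peerID(pub)) != 1 {
		return errors.New("public key does not hash to DID")
	}
	// Step 2: only a key that passed the binding may vouch for the message.
	if !ed25519.Verify(pub, msg, sig) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	msg := []byte("PING") // constructed sample payload
	fmt.Println(verifyFromPeer(didFor(pub), pub, msg, ed25519.Sign(priv, msg))) // <nil>
}
```

A key presented under someone else's DID fails at step 1 before any signature is examined, which is the property that makes the identifier self-certifying.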
Korium uses QUIC and TLS 1.3 mTLS for encrypted peer sessions, then carries those sessions over an identity-aware UDP substrate. Direct traffic, forwarded traffic, raw streams, pub-sub, and TCP tunnels all keep encryption separate from authority.
Node-to-node encrypted sessions with mTLS identity and service-scoped admission.
Relay paths forward bounded ciphertext after relay-token, TTL, and route checks.
Direct mTLS/TCP is tried first, then encrypted QUIC TUNNEL streams over the fabric.
GossipSub, raw streams, and request-response keep signatures, replay windows, and size caps.