Show HN: P2Party – Encrypted WebRTC Room URLs

3 fuzzc0re 1 8/29/2025, 12:38:40 PM github.com ↗

Hi HN,

I’ve been working for the past 10 months on p2party, a TypeScript/C/WASM library which you can find at https://github.com/p2party/p2party-js and demo at https://p2party.com , that lets you spin up an encrypted peer-to-peer mesh with nothing more than a shared URL.

Why I built it: I wanted something between https://file.pizza and “ephemeral Signal chat”, but with my custom cryptographic idea (I know I know... WebRTC is already encrypted and it is easy to go wrong etc.). The project started as a toy for sharing large DAW files with my bandmates (and to flex some applied crypto skills), then grew into a general toolkit. It is also a nice side project to test LLMs as companion coders and to know where the world is at right now regarding this subject (personal opinion - super small and well-defined tasks ok).

The cryptography: The messages, either strings or files, get split and included into isomorphic chunks of 64kb which are stored in IndexedDB until they are sent. Each chunk has some metadata like file hash, name, Merkle proof etc., the actual information and then padding left and right with noisy data. The real info starts at random positions on each chunk. The whole thing is then e2e encrypted with ChaChaPoly1305 with sender ephemeral keys and sent in random order.

Inspiration: To an observer of the message traffic, every chunk is isomorphic and contains a lot of useless info and some real ones. But to analyze it they need to store all the junk. The inspiration came from a principle of counter-surveillance that I learned from the adblock tool https://adnauseam.io .

Caveat: Before sending the message, all the chunks need to be created so that the Merkle proofs can be calculated and the browser can send the chunks in random ordering.

The p2p: I could not find a good example online of how to create a WebRTC mesh network so I built a tool for myself. It works acceptably now so that's why I uploaded it here after 10 months of working on it (on and off) :D

The WASM: I had experience with compiling C to WASM when I developed this project in the past https://github.com/deliberative/crypto and I wanted the same efficiency gains here.

Status: It works, but it is not security-audited yet → don’t trust it with your deepest secrets. API is stable enough to embed in your own apps. Open-source under AGPL-3.0.

Try it here: https://p2party.com (open in two browsers or devices). Code is here: https://github.com/p2party/p2party-js.

I'd love your feedback on everything! Enjoy!

Comments (1)

fillskills · 2h ago

This is really cool! I am building a p2p social games platform and this will be super useful as a base. Would love to connect if you are interested in seeing a prototype.

Ask HN: The government of my country blocked VPN access. What should I use?

Ask HN: What to learn for math for modeling?

Ask HN: Best self-hosted wiki solution in 2025? Mediawiki or something else?

Ask HN: Theory That Economic Growth Stagnates in a Civilization

Ask HN: What options do I have for self-hosted end to end encrypted group chat?

Ask HN: Should we stop worrying that AI will replace developer jobs?

Ask HN: Why hasn't x86 caught up with Apple M series?

Tired of Broken .onion Links? I Built a Real-Time Tor SE That Works

Ask HN: Daily/weekly/monthly technical rituals?

Ask HN: Avoiding AI slop in music services

Ask HN: What to do when you suspect your interview is with a state operative?

Apple App Store Review Mess

Ask HN: How can I recover and run my old mobile game from the 2010s?

Best up-to-date guides on Vibe Coding

Staying up to date on the best AI dev workflow?

Ask HN: Anyone working on bringing software back from US clouds?

Ask HN: How much better can the LLMs become assuming no AGI

Ask HN: Services for Shutting Down a Startup?

Ask HN: Did modern AI's coding abilities make you lose interest in programming?

Ask HN: Where can I see a live octopus in Maine?

Ask HN: What to Do with Old iPads?

CompactifAI Inference API

Ask HN: What are the best Google alternatives in 2025?

Ask HN: GitHub Copilot down?

Anthropick.com Redirects to ChatGPT

Ask HN: How to teach a 4 year old to code?

Ask HN: Best codebases to study to learn software design?

Petition to stop Google from restricting sideloading and FOSS apps

Units of Economics of LLMs. Reply to Ed Zitron's "AI Is a Money Trap"

Ask HN: Is there a temp phone number like temp email?

Ask HN: Does sentience put stress on the brain?

Out of curiosity: what kind of people use this "forum" (I mean Hacker News)?

Ask HN: Why are so many services rejecting Google Voice numbers for signups?

Ask HN: How to Learn to Build Agentic AI Systems (Like Claude Code)

Ask HN: Are AI filters becoming stricter than society itself?

Ask HN: What should I use to run React Native tests on a device?

Ask HN: What measures are you taking to stop AI crawlers?

Ask HN: Is backlink trading still a problem worth solving?

Stop squashing your commits. You're squashing your AI too

Show HN: P2Party – Encrypted WebRTC Room URLs

Comments (1)