ScriptsJul 4, 2026·3 min read

Iroh — Peer-to-Peer Networking Library in Rust

A Rust library for building peer-to-peer applications with reliable data transfer, NAT traversal, and content-addressed blob synchronization over QUIC.

Agent ready

Ready-to-run agent install

This asset can be installed after the agent chooses its runtime, checks the plan, and runs the matching command.

Native · 98/100Policy: allow
Agent surface
Any MCP/CLI agent
Kind
Skill
Install
Single
Trust
Trust: Established
Entrypoint
Iroh Overview
Direct install command
npx -y tokrepo@latest install 16add030-77c6-11f1-9bc6-00163e2b0d79 --target codex

Run after dry-run confirms the install plan.

Introduction

Iroh is a Rust library from n0 (Number Zero) for building peer-to-peer applications. It handles NAT traversal, connection establishment, and reliable data transfer over QUIC, letting developers focus on application logic instead of networking plumbing.

What Iroh Does

  • Establishes direct peer-to-peer connections with automatic NAT hole-punching
  • Transfers data reliably over the QUIC protocol with built-in encryption
  • Provides content-addressed blob storage and synchronization between peers
  • Discovers peers via configurable discovery mechanisms including DNS and DHT
  • Runs on desktop, server, mobile, and WebAssembly targets

Architecture Overview

Iroh is built on top of the quinn QUIC implementation and uses Ed25519 key pairs as node identities. The endpoint layer handles connection establishment and NAT traversal using STUN, relay servers for fallback, and direct hole punching. Above the transport sits a blob layer that syncs content-addressed data using BLAKE3 hashes and a range-based transfer protocol for efficient partial downloads.

Self-Hosting & Configuration

  • Add iroh as a Cargo dependency to any Rust project
  • Build an Endpoint with the builder pattern, choosing discovery and relay options
  • Generate or load a persistent SecretKey for stable node identity across restarts
  • Configure custom relay servers or use the default n0 relay infrastructure
  • Use the iroh CLI tool for testing connectivity and blob transfers during development

Key Features

  • Automatic NAT traversal with hole punching and relay fallback
  • QUIC-based transport with built-in TLS 1.3 encryption using node keys
  • Content-addressed blob sync with BLAKE3 hashing and verified streaming
  • Cross-platform support including Linux, macOS, Windows, iOS, Android, and WASM
  • Composable protocol system for layering custom application protocols

Comparison with Similar Tools

  • libp2p — larger modular networking stack with many transports; more complex setup and Rust API surface
  • ZeroTier — creates virtual L2 networks; operates at a lower level than application-layer P2P
  • WireGuard — VPN tunnel protocol; not designed for application-level peer discovery or data sync
  • WebRTC (via webrtc-rs) — browser-oriented real-time communication; heavier and more complex for pure data transfer

FAQ

Q: Does Iroh work without a central server? A: Yes, once peers discover each other they connect directly. Relay servers are optional fallback for restrictive NATs.

Q: Can I use Iroh from languages other than Rust? A: FFI bindings and a Python SDK are available, and the WASM target enables browser use.

Q: How does Iroh handle peer discovery? A: Through pluggable discovery services including DNS-based discovery and a distributed hash table.

Q: Is Iroh production-ready? A: Iroh is under active development with breaking API changes possible. Several production applications already use it.

Sources

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.

Related Assets