TLS-Secured UDP P2P Network
The DERO Project has built a blockchain network that can be used by millions of users around the globe. This makes the security of the network highly important. Unencrypted network communication poses a risk to privacy, security and data integrity. DERO is the first blockchain project to use self-signed TLS encryption for its network communication, which protects the network participants from eavesdropping and from tampering with network data.
Aspect | DERO Network |
---|---|
Privacy | TLS encryption ensures privacy |
Security | Protection from eavesdropping |
Data Integrity | Prevention of data tampering |
Communication | Uses UDP for reduced exposure, TLS for secure communication |
Network Overhead | Lower network overhead due to UDP |
Future Scalability | Continuous enhancements for large-scale applications |
Handshakes / sec | Optimized key generation for higher handshakes per second |
DERO also uses UDP for peer-to-peer communication instead of TCP. This allows node software to run and listen to network events while reducing exposure to the operating system's kernel, and it also lowers network overhead.
Aspect | UDP | TCP |
---|---|---|
Network Overhead | Generally exhibits lower network overhead, leading to reduced latency. | Has more overhead due to its reliability mechanisms and error checking. |
Exposure to OS Kernel | Minimizes exposure to the OS kernel due to reduced overhead. | Typically interacts more closely with the OS kernel, potentially increasing exposure. |
Listening to Events | Allows node software to listen to network events with lower latency. | Involves more overhead due to its connection-oriented nature. |
Blockchain Suitability | Suitable for blockchain operations requiring rapid event broadcasting among nodes, e.g., real-time transaction notifications. | Less commonly used in blockchain where reliability and ordered data transmission are essential, such as in consensus mechanisms or critical data sharing. |
The DERO team also keeps future large-scale applications in mind, e.g. enterprise services which handle thousands of clients per second. They are continuously improving the network in order to accomplish this goal. For example, with the encrypted network, after performing benchmarks they chose ECDSA instead of RSA as the method for key generation, as it allows for a higher number of handshakes per second.
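The ECDSA versus RSA choice above can be reproduced with Go's standard library. The following is an added example, not DERO's own code: it times key generation plus self-signed certificate creation for both key types and checks each certificate against its own public key. The P-256 curve, the 2048-bit RSA size, the certificate name and the validity period are assumptions.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// selfSigned makes a fresh key and a self-signed certificate that verifies under it.
func selfSigned(useRSA bool) (cert *x509.Certificate, err error) {
	var key crypto.Signer
	if useRSA {
		key, err = rsa.GenerateKey(rand.Reader, 2048) // key size is an assumption
	} else {
		key, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // curve is an assumption
	}
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "example-node"}, // constructed name
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
	if err != nil {
		return nil, err
	}
	if cert, err = x509.ParseCertificate(der); err != nil {
		return nil, err
	}
	// Self-signed: the signature must validate against the certificate's own public key.
	return cert, cert.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature)
}

func main() {
	for _, useRSA := range []bool{false, true} {
		start := time.Now()
		_, err := selfSigned(useRSA)
		fmt.Printf("rsa=%-5v err=%v keygen+cert=%v\n", useRSA, err, time.Since(start))
	}
}
```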