wg-dark: a tiny toy darknet

Jake McGinty me at jake.su
Tue Sep 4 01:08:48 CEST 2018

I thought I'd share a toy darknet to the list. It's p2p, but with a
coordinating server to deal with addressing and NAT holepunching.

The client is 134 lines of cross-platform bash. The coordinating server
is an additional ~175 lines of node.

repo: https://github.com/wg-dark/wg-dark

# How it works

A coordinating server is at an external address (ex. cool.dark.net) and
a fixed internal wg address ( It handles 1) invites,
2) address assignment, and 3) peer announcements / NAT holepunching.

1) Any existing darknet peer GETs, and
receives something like
"cool.dark.net:1337:6e435b7a2541b7443adebec9754fae9d". They give it to
an Invitee.

1) Invitee POSTs https://cool.dark.net:1337/join and sends its invite
code and a generated wg pubkey.

2) Server sends back an assigned address (ex. and the
server's pubkey.

3) Invitee adds the server as a peer to a new wg interface.

4) Invitee GETs and receives a wireguard
configuration list of all peers with their latest endpoints.

5) Peers periodically repeats the status request to update their peer lists.

That's about it. It's incredibly feature-limited, quick, dirty, and has
infinite room for improvement.

<< Not for use for anything other than funsies. >>

More information about the WireGuard mailing list