Architecture Check: Custom PQC Provider in Quinn + Handshake TLD Routing
โ Rust ๐ 2026-07-12 ๐ค surdeus ๐๏ธ 1Hey, I'm Q4CHIN. Made this account today to post this anonymously. I know fresh accounts look sketchy, so I'll skip the intro.
I'm designing a federated network where node ops own Handshake TLDs and run open nodes (MIT). Access is gated by a central license check to ban DDOS/crime nodes instantly.
Stack: Quinn for QUIC/UDP, Handshake for TLDs, and Post-Quantum (FIPS 203/204 - Kyber/Dilithium) for the handshakes. The browser client will be source-available (audit-only) so people can verify no logging, but the license forbids compiling derivatives. Only the signed binary joins the network.
My main blocker: I need to swap Quinn's default rustls provider for a custom PQC implementation.
-
Has anyone plugged a custom crypto provider (specifically Kyber/Dilithium) into Quinn without forking the whole crate? Docs on CryptoProvider are thin. Is this even feasible in stable Rust right now?
-
Any pitfalls resolving Handshake TLDs during the QUIC handshake? Or should that be a pre-step? Worried about latency spikes blocking connection setup.
Full spec is here: GitHub - Q4CHIN/Better-Tor: The Scary dark web ยท GitHub
Just need to know if this arch is fundamentally broken or if I'm missing a limitation in Quinn/Rust. If you think it's impossible, tell me why. Rather know now than waste months.
Thanks.
1 post - 1 participant
๐ท๏ธ Rust_feed