Configure dig-node
Configure a dig-node: listen ports and listeners, the cache cap, and the upstream the node blind-fetches from — via config and DIGNODE_* environment variables.
Configure a dig-node: listen ports and listeners, the cache cap, and the upstream the node blind-fetches from — via config and DIGNODE_* environment variables.
Ouvrez du contenu chia:// que votre propre navigateur vérifie par rapport à la blockchain — aucun hébergeur ne peut l'altérer ou le falsifier, le contenu privé reste privé vis-à-vis de l'hébergeur, et c'est permanent et ré-hébergeable partout, donc personne ne peut le faire tomber ou vous enfermer.
The cross-platform dig-node installer for Windows, macOS, and any Linux: one curl | sh (or a direct download), installs the service and the digstore CLI, and registers dig.local.
Install dig-node and the digstore CLI on Ubuntu/Debian from the apt.dig.net repository, and run dig-node as a managed systemd service.
The normative node↔node protocol: mTLS peer identity (peer_id = SHA-256(TLS SPKI DER)), the two RPC tiers (mTLS-authenticated PEER/CONTROL vs anonymous PUBLIC-READ so browsers can retrieve content), the ordered NAT-traversal ladder (direct → UPnP → NAT-PMP → PCP → relay-coordinated hole-punch (signalling only) → relayed/TURN transport), the relay's four roles (STUN, introducer, hole-punch signalling, relayed transport), STUN reflexive-address discovery, introducer + gossip peer discovery, PEX peer-exchange (node↔node stream + the RLY-008 relay introducer binding), the Kademlia DHT with provider records that locate which peers hold content (find_node/find_providers/add_provider/ping over a framed dig-nat mTLS stream; content-key = SHA-256(domain-tag ‖ store_id[‖root[‖retrieval_key]])), the relay RelayMessage wire (RLY-001..RLY-008), the peer RPC methods (dig.getPeers/dig.announce/dig.getNetworkInfo/dig.getAvailability/dig.listInventory/dig.fetchRange), and the relay-last-fallback invariant (prefer hole-punch signalling over full relaying).
The normative privacy-mode content-retrieval protocol: the per-request speed-vs-privacy toggle on the dig RPC surface, how a private read is onion-routed end-to-end (requester → guard/entry → middle → exit → providers → back) with a who-knows-what table, telescoping circuit construction over dig-nat mTLS (ntor X25519 + HKDF-SHA256 handshake, fixed-size 512-byte ChaCha20-Poly1305 layered cells, the RELAY command set), the onion-relay directory (dig-dht tag 0x04) and relay advertisement, guard nodes, the exit reusing the ordinary merkle-verified content read, and the honest threat model (partial-adversary unlinkability, stronger than Tor on exit integrity, weaker on anonymity-set size and Sybil cost).
Operate a running dig-node: the control.* admin RPCs (status, cache, peers) and the DIG Browser's My Node UI that drives them.
Make the DIG Browser or extension read from your local dig-node first (dig.local → localhost), falling back to rpc.dig.net — local-first reads that share one .dig cache.
Ce qu'est un dig-node, pourquoi en faire tourner un, et comment l'installer — le dépôt apt pour Ubuntu/Debian ou l'installateur universel multiplateforme.
How a DIG node stays reachable behind NAT through a relay, the relay.dig.net default, and how to run your own relay.