(Hyper)Golix: end-to-end encryption for the internet of things via /r/netsec

I’ve been incredibly frustrated with how much of an absolute catastrophe IoT and home automation is when it comes to security and privacy. It’s also a huge pain in the ass to do at all — imagine trying to get your laptop, in a coffee shop, to talk directly to your desktop at home, without using an always-on intermediary like remote desktop. Even something as simple as LAN fallback when your internet connection goes down is ridiculously hard, and totally out of the question if you’re using most of the existing commercial IoT platforms. I started working on a solution to that several months ago and I’m finally at a point where I can publicly demo it.

The project has two parts:

1. The Golix protocol, which handles all of the crypto, at something approximating OSI layer 5
2. The Hypergolix service, which exposes a heavily automated API to the Golix protocol for app development.

I’d love to hear feedback from /r/netsec on this project. It’s not yet meant to be production-ready, and I’m initially only targeting hobbyist communities (like the Raspberry Pi), until we have a more robust security audit.

Some more links:

• OpenCollective for monetary support (also backers will have access to a private pre-alpha)
• Security whitepaper within the doc-golix repo linked above
• Extremely early Python protocol implementation
• Mailing list and website
• Full Hypergolix source code