# Overview

KayakNet is built as a layered system, with each layer providing specific functionality.

## High-Level Architecture

```
┌─────────────────────────────────────────────────────────────┐
│                    User Applications                         │
│            (Browser, CLI, Android App)                       │
├─────────────────────────────────────────────────────────────┤
│                      HTTP/SOCKS Proxy                        │
├──────────────┬──────────────┬──────────────┬────────────────┤
│     Chat     │  Marketplace │   Domains    │    Escrow      │
├──────────────┴──────────────┴──────────────┴────────────────┤
│                       PubSub Layer                           │
├─────────────────────────────────────────────────────────────┤
│                    Onion Routing Layer                       │
├─────────────────────────────────────────────────────────────┤
│                  DHT & Peer Discovery                        │
├─────────────────────────────────────────────────────────────┤
│                   Security Layer                             │
│        (PoW, Rate Limiting, Peer Scoring)                    │
├─────────────────────────────────────────────────────────────┤
│                   Transport Layer                            │
│              (TCP/QUIC with TLS 1.3)                         │
└─────────────────────────────────────────────────────────────┘
```

## Core Components

### 1. Transport Layer

* Encrypted connections between peers
* Support for TCP and QUIC protocols
* TLS 1.3 with certificate pinning

### 2. Security Layer

* Proof-of-Work for Sybil resistance
* Rate limiting to prevent abuse
* Peer scoring and ban lists
* Nonce tracking for replay protection

### 3. DHT (Distributed Hash Table)

* Kademlia-based peer discovery
* Decentralized data storage
* Self-healing network topology

### 4. Onion Routing

* 3-hop encrypted circuits
* Traffic analysis resistance
* Padding and timing obfuscation

### 5. PubSub Layer

* Topic-based message routing
* Efficient multicast delivery
* Message deduplication

### 6. Application Services

* **Chat:** E2E encrypted messaging
* **Marketplace:** Listings and orders
* **Domains:** .kyk naming system
* **Escrow:** Cryptocurrency payments

## Data Flow

### Sending a Message

```
1. User sends message
         ↓
2. Application encrypts (E2E)
         ↓
3. PubSub wraps message
         ↓
4. Onion router creates circuit
         ↓
5. Message sent through 3 hops
         ↓
6. Recipient's node receives
         ↓
7. Unwrap and decrypt
         ↓
8. Deliver to recipient
```

### Network Discovery

```
1. Node starts
         ↓
2. Connect to bootstrap
         ↓
3. Solve PoW challenge
         ↓
4. Join DHT network
         ↓
5. Discover peers via DHT
         ↓
6. Establish direct connections
         ↓
7. Begin routing traffic
```

## Key Design Decisions

### Why Go?

* Single binary deployment
* Cross-platform compilation
* Excellent concurrency model
* Strong standard library

### Why Not Tor?

* Full control over privacy features
* Integrated services (chat, marketplace)
* Simpler deployment
* Custom traffic analysis resistance

### Why Monero/Zcash?

* Privacy by default
* Shielded transactions
* No blockchain analysis possible
* Community trust

## Component Interaction

```
┌──────────┐     ┌──────────┐     ┌──────────┐
│  Node A  │────▶│  Node B  │────▶│  Node C  │
└──────────┘     └──────────┘     └──────────┘
     │                │                │
     └────────────────┼────────────────┘
                      │
              ┌───────▼───────┐
              │   Bootstrap   │
              │     Node      │
              └───────────────┘
```

## Persistence

All data is persisted locally:

* Identity keys (never leave device)
* Chat history (encrypted)
* Marketplace data
* Escrow records
* Domain registrations

## Scalability

* **Horizontal:** Add more nodes
* **Vertical:** Increase per-node capacity
* **DHT:** Scales logarithmically with nodes
* **PubSub:** Efficient multicast reduces load