Axon Mesh

Tech Stack: Go, HTMX
Link: View Live Project →
Main project screenshot

The Goal

Axon is a strictly Peer-to-Peer (P2P) messaging platform designed to exist exclusively within the Tor network.

Most "decentralized" applications actually rely on centralized "bootstrap" or "seed" servers to help nodes find each other (NAT traversal, IP discovery). If those servers go down, the network halts.

Axon is different. It is the first P2P project I have built that completely removes the need for a bootstrap server. By leveraging Tor Hidden Services, every node becomes a self-contained server with a static, routable identity (the .onion address) that requires no port forwarding and no central directory.

How It Works: Friend-to-Friend (F2F)

Axon operates on a Friend-to-Friend model. Unlike a public blockchain or a global chat room, the graph is built on explicit trust.

Identity: Your identity is your cryptographic key pair, represented by your .onion address.

Connection: You manually exchange addresses with a friend (out-of-band).

Discovery: Once connected, the application uses a gossip protocol to share routing information about

mutual peers, building a "Trust Trail" topology map.

Because the entire network traffic stays inside the Tor Darknet, metadata is obfuscated, and location is hidden by design.

Technical Challenges & Solutions

  1. The "Zero-Config" Bootstrap

The biggest engineering hurdle was removing the seed server. I achieved this by embedding the Tor binary directly into the application (using the cretz/bine library).

On Startup: The app spins up a Tor instance and generates an ephemeral Hidden Service.

The Result: Two friends can connect even if both are behind strict corporate firewalls or CGNAT,

with zero router configuration required.

  1. "Split-Brain" HTTP Architecture

Running a web server on a public onion address presents a massive security risk: if the admin UI is exposed, the node is compromised.

I implemented a strict Dual-Mux system to solve this:

Public Mux (Tor): Exposes only the encrypted API endpoints for receiving messages and gossip

(/api/chat/recv). This is the only thing the world sees.

Private Mux (Localhost): Exposes the HTMX administrative interface and unencrypted local state.

This is bound strictly to 127.0.0.1.

The Result

Axon represents a successful experiment in absolute data ownership. It is an encrypted chat service that exists only between you and your friends, with no third party—not even a bootstrap node—capable of interfering.

Like What You See?

I'm available for similar projects. Let's discuss how I can help you achieve your goals.

View My Services