every-channel/every.channel
1
0
Fork 0
Code Releases Activity Actions 2
every.channel/evolution/proposals/ECP-0032-split-source-moq-mesh.md
every.channel 897e556bea
every.channel: sanitized baseline
2026-02-15 16:17:27 -05:00

56 lines
2.3 KiB
Markdown
Raw Blame History

# ECP-0032: Split-Source MoQ Mesh (Manifests vs Objects)
## Goal
Prove that an every.channel stream can be served by multiple uncoordinated nodes without turning the system into a single dump-pipe.
Minimum useful split:
- One node acts as a leader/signer: publishes signed manifests (and optionally nothing else).
- One or more nodes act as availability relays: publish chunk objects only.
- A subscriber can fetch manifests from one peer and objects from another, enforcing manifest verification before accepting data.
This is a stepping stone to broader swarming and anti-junk mechanics (ECP-0022).
## Non-Goals
- Full multi-source reconciliation between two independently captured live antennas.
- DHT routing, relay selection, or peer scoring.
- Byzantine consensus on manifests.
## Design
### CLI surface
`ec-node moq-publish` gains:
- `--publish-chunks=[true|false]` (default `true`): allow “manifests-only” publishers.
- `--startup-delay-ms <ms>` (optional): test helper to delay ingest until subscribers connect.
`ec-node moq-subscribe` gains:
- `--remote-manifests <EndpointAddr>` (optional): fetch manifests from a different peer than objects.
### Semantics
- The subscriber enforces `--require-manifest` as before, but manifest lookup comes from `--remote-manifests` when provided.
- Manifests remain the authority for object acceptance (hash match and/or Merkle proof).
- Objects remain encrypted per stream id (no change).
### E2E Test
Add an ignored integration test that:
1. Captures a short TS recording from a real HDHomeRun (duration query).
2. Starts two publishers over the same broadcast:
- publisher A: `--publish-manifests --publish-chunks=false` (leader/signer)
- publisher B: `--publish-chunks=true` (objects only)
3. Starts one subscriber using:
- `--remote` pointing at publisher B
- `--remote-manifests` pointing at publisher A
- `--subscribe-manifests --require-manifest`
4. Asserts that HLS output is produced and the process exits via `--stop-after`.
This verifies split-source compatibility and the “no manifests, no data” invariant in a multi-peer setting.
## Rollout
- Land CLI flags and the ignored E2E test.
- Document running the E2E in `docs/USAGE.md`.
- Future: extend to true multi-source live capture by aligning epochs and negotiating canonical chunk boundaries.
View git blame Copy permalink