every-channel/every.channel
1
0
Fork 0
Code Releases Activity Actions 2
every.channel/evolution/proposals/ECP-0032-split-source-moq-mesh.md
every.channel 897e556bea
every.channel: sanitized baseline
2026-02-15 16:17:27 -05:00

2.3 KiB
Raw Blame History

ECP-0032: Split-Source MoQ Mesh (Manifests vs Objects)

Goal

Prove that an every.channel stream can be served by multiple uncoordinated nodes without turning the system into a single dump-pipe.

Minimum useful split:

  • One node acts as a leader/signer: publishes signed manifests (and optionally nothing else).
  • One or more nodes act as availability relays: publish chunk objects only.
  • A subscriber can fetch manifests from one peer and objects from another, enforcing manifest verification before accepting data.

This is a stepping stone to broader swarming and anti-junk mechanics (ECP-0022).

Non-Goals

  • Full multi-source reconciliation between two independently captured live antennas.
  • DHT routing, relay selection, or peer scoring.
  • Byzantine consensus on manifests.

Design

CLI surface

ec-node moq-publish gains:

  • --publish-chunks=[true|false] (default true): allow “manifests-only” publishers.
  • --startup-delay-ms <ms> (optional): test helper to delay ingest until subscribers connect.

ec-node moq-subscribe gains:

  • --remote-manifests <EndpointAddr> (optional): fetch manifests from a different peer than objects.

Semantics

  • The subscriber enforces --require-manifest as before, but manifest lookup comes from --remote-manifests when provided.
  • Manifests remain the authority for object acceptance (hash match and/or Merkle proof).
  • Objects remain encrypted per stream id (no change).

E2E Test

Add an ignored integration test that:

  1. Captures a short TS recording from a real HDHomeRun (duration query).
  2. Starts two publishers over the same broadcast:
    • publisher A: --publish-manifests --publish-chunks=false (leader/signer)
    • publisher B: --publish-chunks=true (objects only)
  3. Starts one subscriber using:
    • --remote pointing at publisher B
    • --remote-manifests pointing at publisher A
    • --subscribe-manifests --require-manifest
  4. Asserts that HLS output is produced and the process exits via --stop-after.

This verifies split-source compatibility and the “no manifests, no data” invariant in a multi-peer setting.

Rollout

  • Land CLI flags and the ignored E2E test.
  • Document running the E2E in docs/USAGE.md.
  • Future: extend to true multi-source live capture by aligning epochs and negotiating canonical chunk boundaries.