Security Best Practices

Practical guidance for building secure P2P applications with LiteP2P. Use this alongside your app’s authentication and authorization model.

Start with a threat model

Assume the network is hostile: peers can be malicious, messages can be replayed, and metadata can be spoofed. Security is an application responsibility.

1) Encrypt transport + payload

  • Enable transport encryption via PeerConfig where supported.
  • For high assurance, add application-level payload encryption (end-to-end) on top of transport encryption.

2) Authenticate peers

  • Never treat a peerId as an authenticated identity.
  • Authenticate with a verifiable credential (signed tokens such as JWT, mTLS, or signed challenges) and validate it before trusting a peer.
  • Rotate credentials and implement revocation for compromised devices.

3) Authorize every action

  • Gate sensitive actions (file send, admin ops, data reads) behind explicit authorization checks.
  • Use allowlists/denylists for high-risk environments.

4) Validate and bound input

  • Apply size limits per message and per channel.
  • Parse defensively; handle unknown versions gracefully.
  • Use structured message formats with explicit schemas.
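
The three rules above applied to one inbound message, as an added example (not LiteP2P code). The JSON envelope, its field names, the size limits and the RejectedMessage reason codes are all assumptions made for illustration; the input is the raw bytes your application receives from a peer.

```python
import json

MAX_MESSAGE_BYTES = 64 * 1024   # assumed per-message cap
SUPPORTED_VERSIONS = {1}        # assumed protocol versions this build understands
# Assumed schema: field name -> (exact type, max length or None)
SCHEMA = {"v": (int, None), "type": (str, 32), "id": (str, 64), "body": (str, 32 * 1024)}
KNOWN_TYPES = {"chat", "file_offer"}  # assumed message types


class RejectedMessage(Exception):
    """Carries a short reason code; the caller logs it and drops the message."""


def parse_message(raw: bytes) -> dict:
    # 1. Bound the input before spending any parsing work on it.
    if len(raw) > MAX_MESSAGE_BYTES:
        raise RejectedMessage("too_large")
    # 2. Parse defensively: malformed or deeply nested input is a rejection, not a crash.
    try:
        msg = json.loads(raw.decode("utf-8"))
    except (ValueError, RecursionError):  # covers UnicodeDecodeError and JSONDecodeError
        raise RejectedMessage("malformed") from None
    if not isinstance(msg, dict):
        raise RejectedMessage("not_an_object")
    # 3. Check the version first so messages from unknown versions fail cleanly.
    version = msg.get("v")
    if type(version) is not int or version not in SUPPORTED_VERSIONS:
        raise RejectedMessage("unsupported_version")
    # 4. Enforce the explicit schema: exact field set, exact types, bounded lengths.
    if set(msg) != set(SCHEMA):
        raise RejectedMessage("unexpected_fields")
    for field, (ftype, max_len) in SCHEMA.items():
        value = msg[field]
        if type(value) is not ftype:  # type() so that a bool is not accepted as an int
            raise RejectedMessage(f"bad_type:{field}")
        if max_len is not None and len(value) > max_len:
            raise RejectedMessage(f"too_long:{field}")
    if msg["type"] not in KNOWN_TYPES:
        raise RejectedMessage("unknown_type")
    return msg


if __name__ == "__main__":
    # Constructed sample message, not captured traffic.
    sample = b'{"v": 1, "type": "chat", "id": "m-1", "body": "hello"}'
    print(parse_message(sample))
```

Count rejections per peer by reason code; a peer that keeps producing them is a candidate for the backoff and temporary bans described under abuse prevention.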

5) Abuse prevention

  • Rate limit connection attempts, message sends, and file offers.
  • Back off on repeated failures and consider temporary bans.
  • Log with correlation IDs (see SendResult traceId).