NebulaFS is a decentralized, encrypted, peer-to-peer file storage system written in Go. It splits files into encrypted chunks, distributes them across a network of nodes using a Kademlia-based Distributed Hash Table (DHT), and allows for secure retrieval.
- Decentralized: No central server; nodes form a mesh network.
- Encrypted: All data is encrypted with AES-256 before leaving your machine.
- Content Addressed: Files and chunks are identified by their SHA-1 hash.
- Distributed: File chunks are replicated to the closest peers in the network.
- Resilient: Automatic peer discovery and routing via Kademlia DHT.
- Simple CLI: Easy-to-use command line interface.
Requirements: Go 1.25+
# Clone the repository
git clone https://github.com/tanmaydeobhankar/nebulafs.git
cd nebulafs
# Build the binary
go build -o nebulafs ./cmd/nebulafsStart the first node in your network (the "lighthouse").
./nebulafs start --port 3000Start other nodes by bootstrapping to the first one.
./nebulafs start --port 4000 --bootstrap :3000Upload a file to the network. This will split, encrypt, and distribute chunks to peers.
# Upload a file using a temporary node on port 5001
./nebulafs upload --file ./my-secret-doc.pdf --bootstrap :3000 --port 5001Output will save a .meta.json file and provide an Encryption Key.
Retrieve a file using its metadata and key.
./nebulafs download \
--meta my-secret-doc.pdf.meta.json \
--key <YOUR_ENCRYPTION_KEY> \
--out recovered-doc.pdf \
--bootstrap :3000- Identity: Authenticated encryption keys & Node IDs.
- DHT: Kademlia implementation for peer discovery and routing (
XORmetric). - Storage: Content-Addressable Storage (CAS) with local disk persistence.
- Transport: Custom P2P protocol over WebSockets.
- Files:
- Chunking: Fixed-size 1MB chunks.
- Encryption: AES-256-GCM.
- Reassembly: Verifies hash integrity on download.