Generated protocols
Deterministic profile generation for first contact, FSM paths, framing, semantic mapping, and probing behavior.
Protocol compiler for adversarial networks
Kurdistan generates profile-specific relay transport implementations with generated state machines, framing, scheduling, padding, probing behavior, multi-stream semantics, source-code backends, adversarial audits, mutation testing, and regression gates.
Kurdistan is a censorship resistance and anti-censorship networking research project focused on polymorphic relay transport generation.
Instead of defining one stable relay transport protocol, Kurdistan compiles private transport profiles. A profile controls first contact, state transitions, wire grammar, semantic mapping, scheduling, padding, probing behavior, stream lifecycle, and error handling.
The current system includes both an interpreted runtime and a generated source backend. That makes it possible to compare shared-runtime behavior against profile-specific Go modules while preserving payload-free traces for analysis.
Fixed protocol families can accumulate recognizable fingerprints. Kurdistan studies protocol fingerprint diversity as a compiler problem.
The long-term motivation is resilient communication in adversarial networks and censored environments, including heavily filtered countries such as Iran. Kurdistan is built for censorship-resistant networking research, pluggable transport research, traffic analysis resistance research, and controlled experiments around internet censorship.
Compiler, runtime, source generation, and audit layers designed to make protocol collapse visible.
Deterministic profile generation for first contact, FSM paths, framing, semantic mapping, and probing behavior.
Profile-specific frame grammar choices for length modes, type modes, fragmentation, padding placement, and limits.
Generated scheduler policies, padding strategies, invalid-input behavior, and malformed-frame responses.
Stream IDs, flow-control windows, close/reset behavior, backpressure, and priority scheduling.
kgen emits profile-specific Go modules with generated constants, tables, tests, and trace tools.
Black-box clustering, mutation testing, fixed-signature gates, stream collapse scanning, and regression reports.
Role validation, lifecycle transitions, compatibility negotiation, secure channel setup, in-memory links, and safe traces.
Bounded ingress/egress contracts, flow lifecycle, capability checks, runtime mapping, backpressure, and safe summaries.
Memory ingress/egress adapters, deterministic source and sink models, runtime integration, sequence checks, and safe traces.
Deterministic byte frames, fragmentation, bounded local pipe, sequence integrity, corruption rejection, and payload-free traces.
Golden byte-path summaries, malformed byte corpus metadata, fixture drift gates, and generated/interpreted parity checks.
Abstract protocol-feature corpus, first-N packet-shape model, safe feature vectors, corpus comparison, and collapse gates.
Deterministic policy sampling, profile integration, bytepath application, expected feature matching, and fixture baselines.
Payload-free CSV/JSONL exports, deterministic splits, synthetic controls, drift checks, and classifier-readiness reports.
Synthetic host observations, timeline windows, confidence scoring, resistance metrics, collapse controls, and fixture drift gates.
Synthetic relay states, profile assignment, churn schedules, migration events, burn-risk scoring, collapse controls, and fixture drift gates.
Invariant registry, API misuse tests, panic-safety wrappers, resource bounds, trace hygiene, generated parity, and readiness checks.
A compiler-centered proxy transport architecture with generated transports as the core research layer.
The next workstream moves Kurdistan from deterministic ingress prototypes toward adaptive runtime modeling.
Protocol generation as a path toward stronger relay transport diversity.
Start with the README and audit snapshot, then review the latest KIPs.
Kurdistan uses separate licenses for source code and documentation.
GNU Affero General Public License v3.0 or later (AGPL-3.0-or-later).
Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0).
Copyright 2026 Saro. Preserve copyright and license notices when using or modifying the project.
The current implementation centers on generated profiles, source-code backends, multi-stream semantics, proxy-semantics modeling, carrier abstraction, security prerequisites, runtime session architecture, implementation hardening, adapter interface contracts, a deterministic local adapter prototype, a deterministic byte transport harness, byte-path fixture freeze, protocol-feature corpus, wire-shape baselines, the wire-shape generator prototype, wire evaluation datasets, host-based detection resistance, relay fleet lifecycle modeling, concrete local proxy ingress design review, deterministic local proxy ingress prototyping, proxy ingress adversarial hardening, adaptive path modeling, and adversarial audits. The next roadmap phase is generated transport bundle compilation, followed by path racing and short-lived scoring.