nazar-pc
commented
3 weeks ago While it seems that litep2p is here to stay for better or worse, it is at least possible to configure transports with https://github.com/paritytech/litep2p/pull/192 that should ideally be ported over here as well so we can simply not enable protocols we are not interested in downstream.
bkchr
litep2p causes multiple issues downstream for us at Subspace. Older release brought vulnerable ed25519-dalek version that we had to suppress in cargo audit, now I noticed it pulls a large number of extra dependencies, including OpenSSL that I was trying to avoid all this time and was pretty successful at it.
The fact that it it enabled by default and not possible to disable is very undesirable, please consider making it an option just like it is possible to disable RocksDB right now for databases.