The TL;DR is that iroh is a library and an architectural pattern to establish peer-to-peer QUIC connections between machines, even if they are behind routers (NAT gateways). It's not a replacement for WireGuard, HTTPS or BitTorrent. Instead, it's a building block on which you can build applications, but you need to bring your own application protocol and business logic. It's just a very dumb, very reliable pipe between 2 machines anywhere in the world.
Instead of building directly over UDP, the project builds over QUIC (which itself runs over UDP).
Concepts:
- Endpoint: base unit of iroh. Two endpoints can establish a connection.
- Address: instead of IP addresses, endpoints have addresses that are Ed25519 signing keys.
- Connection: a QUIC connection between 2 endpoints. The connection uses the QUIC multipath extension, so the connection can flow through multiple physical paths.
- Relays: help endpoints punch holes through NATs and relay traffic when hole punching is not possible. They allow endpoints to be internet-reachable. The default is the public relays provided by the N0 company, but a relay can be hosted and used privately.
- Discovery / Lookup: through DNS and pkarr signed packets to map an Ed25519 key to IP addresses.
- Transport: over UDP, with QUIC handling the reliability and encryption. The transport can also be carried over Bluetooth, Tor, radio or serial.
- Protocol: application-level communication (advertised in the TLS ALPN field of QUIC). A few are provided by iroh's team, such as Blobs, RPC and HTTP/3.
The timing is perfect because:
- there is a growing sentiment against big tech, and the US era of cooperation is at an end. Thus some are turning to building open and decentralized solutions.
- the invasion of Ukraine and industrial advances in China have revealed to the world the incredible leverage offered by cheap drones and robots. There is an area of semi-autonomous machines that need to communicate over heterogeneous physical networks (radio, satellite, Wi-Fi, ...), which is completely different from the traditional everything-over-internet (IP) model.
Current limitations of Iroh:
- rebrand to "P2P made easy" instead of "IP addresses break, dial keys instead"
- less bloated public API
- easier integration with application-layer protocols (plug-and-play HTTP/3)
- advanced routing and relay-to-relay communication.