onionr/docs/onionr-draft.md


2018-02-16 04:31:30 +00:00
# Onionr Protocol Spec v2
A P2P platform for Tor & I2P
# Overview
Onionr is an encrypted microblogging & mailing system designed in the spirit of Twitter.
There are no central servers and all traffic is peer to peer by default (routed via Tor or I2P).
User IDs are simply Tor onion service/I2P host id + Ed25519 key fingerprint.
Private blocks can be read only by the intended peer.
All traffic is over Tor/I2P, connecting only to Tor onion and I2P hidden services.
## Goals:
* Selective sharing of information
* Secure & semi-anonymous direct messaging
* Forward secrecy
* Defense in depth
* Data should be secure for years to come
* Decentralization
* Avoid browser-based exploits that plague similar software
* Avoid timing attacks & unexpected metadata leaks
## Protocol
Onionr nodes use HTTP (over Tor/I2P) to exchange keys, metadata, and blocks. Blocks are identified by their sha3_256 hash. Nodes sync a table of block hashes and attempt to download blocks they do not yet have from random peers.
Blocks may be encrypted using Curve25519.
## Connections
When a node first comes online, it attempts to bootstrap using a default list provided by a client.
When two peers connect, they exchange Ed25519 keys (if applicable) then Salsa20 keys.
Salsa20 keys are regenerated either every X communications with a peer or every X minutes.
Every 100kb or every 2 hours is a recommended default.
All valid requests carrying an HMAC should be recorded until that HMAC expires, to prevent replay attacks.
## Peer Types
* Friends:
  * Encrypted friends-only posts to one another
  * Usually less strict rate & storage limits
* Strangers:
  * Used for storage of encrypted or public information
  * Can only read public posts
  * Usually stricter rate & storage limits
## Spam mitigation
To send or receive data, a node can optionally require proof of work: it requests that the other node generate a hash whose hexadecimal representation contains a random string at a random location. Clients configure what difficulty to request and what difficulty they are willing to perform themselves. Difficulty should correlate with recent network & disk usage and data size. Friends can be configured to have less strict (down to nonexistent) limits, separately from strangers.
Rate limits can be strict, as Onionr is not intended to be an instant messaging application.
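
The challenge described in this section, sketched as an added example (not Onionr's own code). It assumes the hash is sha3_256 as used for block IDs, that the work is bound to the data by hashing the data plus an 8-byte nonce, and that difficulty is the length of the random string in hex characters; all names are hypothetical.

```python
import hashlib
import secrets
from dataclasses import dataclass
from typing import Optional

HEX_LEN = 64  # length of a sha3_256 digest in hexadecimal


@dataclass(frozen=True)
class Challenge:
    target: str  # random hex string the digest must contain
    offset: int  # location in the hex digest where it must appear


def new_challenge(difficulty: int) -> Challenge:
    """Requesting node: pick a random string and a random location."""
    if not 1 <= difficulty <= HEX_LEN:
        raise ValueError("difficulty must be 1..64 hex characters")
    target = secrets.token_hex(HEX_LEN // 2)[:difficulty]
    offset = secrets.randbelow(HEX_LEN - difficulty + 1)
    return Challenge(target, offset)


def _digest(data: bytes, nonce: int) -> str:
    # Assumption: the nonce is appended to the data as 8 big-endian bytes.
    return hashlib.sha3_256(data + nonce.to_bytes(8, "big")).hexdigest()


def verify(ch: Challenge, data: bytes, nonce: int) -> bool:
    """Requesting node: a single hash checks the other node's work."""
    if not 0 <= nonce < 2**64:
        return False
    end = ch.offset + len(ch.target)
    return _digest(data, nonce)[ch.offset:end] == ch.target


def solve(ch: Challenge, data: bytes, max_acceptable: int) -> Optional[int]:
    """Other node: refuse work above its own configured limit, else search."""
    if len(ch.target) > max_acceptable:
        return None  # requested difficulty is more than this node will perform
    for nonce in range(2**64):
        if verify(ch, data, nonce):
            return nonce
    return None


if __name__ == "__main__":
    block = b"constructed sample block"  # constructed input, not real traffic
    challenge = new_challenge(3)         # about 16**3 hashes expected
    print(challenge, solve(challenge, block, max_acceptable=4))
```

Each extra hex character of difficulty multiplies the solver's expected work by 16, while verification stays at one hash.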