Minor grammar fixes
parent b582377c8c
commit 1dcc82b86c
|
@ -39,11 +39,11 @@ When designing Onionr we had these main goals in mind:
|
|||
|
||||
At its core, Onionr is merely a description for storing data in self-verifying packages ("blocks"). These blocks can be encrypted to a user (or for one's self), encrypted symmetrically, or not at all. Blocks can be signed by their creator, but regardless, they are self-verifying due to being identified by a sha3-256 hash value; once a block is created, it cannot be modified.
|
||||
|
||||
Onionr exchanges a list of blocks between all nodes. By default, all nodes download and share all other blocks, however this is configurable. Blocks do not rely on any particular order of receipt or transport mechanism.
|
||||
Onionr exchanges a list of blocks between all nodes. By default, all nodes download and share all other blocks, however, this is configurable. Blocks do not rely on any particular order of receipt or transport mechanism.
|
||||
|
||||
## User IDs
|
||||
|
||||
User IDs are simply Ed25519 public keys. They are represented in Base32 format, or encoded using the [PGP Word List](https://en.wikipedia.org/wiki/PGP_word_list).
|
||||
User IDs are simply Ed25519 public keys. They are represented in Base32 format or encoded using the [PGP Word List](https://en.wikipedia.org/wiki/PGP_word_list).
|
||||
|
||||
Public keys can be generated deterministically with a password using a key derivation function (Argon2id). This password can be shared between many users in order to share data anonymously among a group, using only 1 password. This is useful in some cases, but is risky, as if one user causes the key to be compromised and does not notify the group or revoke the key, there is no way to know.
|
||||
|
||||
|
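Review bot: The replacement sentence "By default, all nodes download and share all other blocks, however, this is configurable." is still a comma splice, because "however" joins two independent clauses. Use a semicolon before it ("...all other blocks; however, this is configurable") or write "but this is configurable". Since this pass already touches the section, "sha3-256" in the unchanged paragraph above could be capitalised as "SHA3-256", and "using only 1 password" in the Argon2id paragraph would read better as "a single password".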
@ -53,7 +53,7 @@ Although Onionr is transport agnostic, the only supported transports in the refe
|
|||
|
||||
### Node Profiling
|
||||
|
||||
To mitigate maliciously slow or unreliable nodes, Onionr builds a profile on nodes it connects to. Nodes are assigned a score, which raises based on the amount of successful block transfers, speed, and reliability of a node, and reduces the score based on how unreliable a node is. If a node is unreachable for over 24 hours after contact, it is forgotten. Onionr can also prioritize connection to 'friend' nodes.
|
||||
To mitigate maliciously slow or unreliable nodes, Onionr builds a profile on nodes it connects to. Nodes are assigned a score, which raises based on the number of successful block transfers, speed, and reliability of a node, and reduces the score based on how unreliable a node is. If a node is unreachable for over 24 hours after contact, it is forgotten. Onionr can also prioritize connections to 'friend' nodes.
|
||||
|
||||
## Block Format
|
||||
|
||||
|
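Review bot: The rewritten Node Profiling sentence still has a wrong verb and a broken parallel in "a score, which raises based on ... and reduces the score based on". "Raises" needs an object, so it should be "rises", and the second half changes subject mid-sentence. Suggested wording: "Nodes are assigned a score, which rises with the number of successful block transfers, speed, and reliability of a node, and falls the more unreliable a node is."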
@ -65,7 +65,7 @@ Optionally, a random token can be inserted into the metadata for use in Proof of
|
|||
|
||||
### Block Encryption
|
||||
|
||||
For encryption, Onionr uses ephemeral Curve25519 keys for key exchange and XSalsa20-Poly1305 as a symmetric cipher, or optionally using only XSalsa20-Poly1305 with a pre-shared key.
|
||||
For encryption, Onionr uses ephemeral Curve25519 keys for key exchange and XSalsa20-Poly1305 as a symmetric cipher or optionally using only XSalsa20-Poly1305 with a pre-shared key.
|
||||
|
||||
Regardless of encryption, blocks can be signed internally using Ed25519.
|
||||
|
||||
|
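Review bot: Removing the comma before "or optionally using only XSalsa20-Poly1305 with a pre-shared key" makes the Block Encryption sentence harder to parse, since the key-exchange mode and the pre-shared-key mode now run together and "or optionally using" has no matching verb form. This sentence defines which primitives protect a block, so it should be unambiguous. Suggest two sentences: "For encryption, Onionr uses ephemeral Curve25519 keys for key exchange and XSalsa20-Poly1305 as the symmetric cipher. Optionally, XSalsa20-Poly1305 can be used alone with a pre-shared key."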
@ -91,7 +91,7 @@ In addition, randomness beacons such as the one operated by [NIST](https://beaco
|
|||
|
||||
# Direct Connections
|
||||
|
||||
We propose a method of using Onionr's block sync system to enable direct connections between peers by having one peer request to connect to another using the peer's public key. Since the request is within a standard block, proof of work must be used to request connection. If the requested peer is available and wishes to accept the connection, Onionr will generate a temporary .onion address for the other peer to connect to. Alternatively, a reverse connection may be formed, which is faster to establish but requires a message brokering system instead of a standard socket.
|
||||
We propose a method of using Onionr's block sync system to enable direct connections between peers by having one peer request to connect to another using the peer's public key. Since the request is within a standard block, proof of work must be used to request a connection. If the requested peer is available and wishes to accept the connection, Onionr will generate a temporary .onion address for the other peer to connect to. Alternatively, a reverse connection may be formed, which is faster to establish but requires a message brokering system instead of a standard socket.
|
||||
|
||||
The benefits of such a system are increased privacy, and the ability to anonymously communicate from multiple devices at once. In a traditional onion service, one's online status can be monitored and more easily correlated.
|
||||
|
||||
|
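Review bot: The article fix in "request a connection" is fine, but the unchanged line below it, "The benefits of such a system are increased privacy, and the ability to anonymously communicate", keeps a stray comma between two items joined by "and". If this commit is the grammar pass for the section, drop that comma here as well.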
@ -119,7 +119,9 @@ We seek to protect the following information:
|
|||
* Physical location/IP address of nodes on the network
|
||||
* All block data from tampering
|
||||
|
||||
### Data we cannot or do not protect
|
||||
### Unprotected Data
|
||||
|
||||
Onionr does not protect the following:
|
||||
|
||||
* Data specifically inserted as plaintext is available to the public
|
||||
* The public key of signed plaintext blocks
|
||||
|
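Review bot: Renaming the heading "### Data we cannot or do not protect" to "### Unprotected Data" is more than a grammar fix and changes meaning in the threat model section. The old title distinguished data Onionr cannot protect from data it chooses not to protect, and the new one drops that. The rename also changes the heading anchor, so any existing links to this section will break. Either keep the original heading and add only the "Onionr does not protect the following:" lead-in, or make the rename a separate commit with a message that says so.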
@ -133,7 +135,7 @@ We assume that Tor onion services (v3) and I2P services cannot be trivially dean
|
|||
|
||||
Once quantum safe algorithms are more mature and have decent high level libraries, they will be deployed.
|
||||
|
||||
# Comparisons to other P2P software
|
||||
# P2P Software Comparison
|
||||
|
||||
Since Onionr is far from the first to implement many of these ideas (on their own), this section compares Onionr to other networks, using points we consider to be the most important.
|
||||
|
||||
|
|
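Review bot: Changing "# Comparisons to other P2P software" to "# P2P Software Comparison" is a top-level heading rename rather than a grammar fix, and it changes the section anchor that external links or a table of contents may point to. Please check for references to the old anchor or split this into its own commit. In the unchanged context of the same hunk, "quantum safe algorithms" and "high level libraries" are compound modifiers and should be hyphenated ("quantum-safe", "high-level") if this pass is meant to cover the section.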