Onionr/docs/onionr-draft.md

# Onionr Protocol Spec v2

A P2P platform for Tor & I2P

# Overview

Onionr is an encrypted microblogging & mailing system designed in the spirit of Twitter.
There are no central servers and all traffic is peer to peer by default (routed via Tor or I2P).
User IDs are simply Tor onion service/I2P host id + Ed25519 key fingerprint.
Private blocks are only able to be read by the intended peer.
All traffic is over Tor/I2P, connecting only to Tor onion and I2P hidden services.

## Goals:
    • Selective sharing of information
    • Secure & semi-anonymous direct messaging
    • Forward secrecy
    • Defense in depth
    • Data should be secure for years to come
    • Decentralization
    * Avoid browser-based exploits that plague similar software
    * Avoid timing attacks & unexpected metadata leaks

## Protocol

Onionr nodes use HTTP (over Tor/I2P) to exchange keys, metadata, and blocks. Blocks are identified by their sha3_256 hash. Nodes sync a table of blocks hashes and attempt to download blocks they do not yet have from random peers.

Blocks may be encrypted using Curve25519.

## Connections

When a node first comes online, it attempts to bootstrap using a default list provided by a client.
When two peers connect, they exchange Ed25519 keys (if applicable) then Salsa20 keys.

Salsa20 keys are regenerated either every X many communications with a peer or every X minutes. 

Every 100kb or every 2 hours is a recommended default.

All valid requests with HMAC should be recorded until used HMAC's expiry to prevent replay attacks.
Peer Types
    * Friends:
        * Encrypted ‘friends only’ posts to one another
        * Usually less strict rate & storage limits
    * Strangers:
        * Used for storage of encrypted or public information
        * Can only read public posts
        * Usually stricter rate & storage limits

## Spam mitigation

To send or receive data, a node can optionally request that the other node generate a hash that when in hexadecimal representation contains a random string at a random location in the string. Clients will configure what difficulty to request, and what difficulty is acceptable for themselves to perform. Difficulty should correlate with recent network & disk usage and data size. Friends can be configured to have less strict (to non existent) limits, separately from strangers. (proof of work).
Rate limits can be strict, as Onionr is not intended to be an instant messaging application.
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								# Onionr Protocol Spec v2
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								A P2P platform for Tor & I2P
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
 								# Overview
 								Onionr is an encrypted microblogging & mailing system designed in the spirit of Twitter.
 								There are no central servers and all traffic is peer to peer by default (routed via Tor or I2P).
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								User IDs are simply Tor onion service/I2P host id + Ed25519 key fingerprint.
 								Private blocks are only able to be read by the intended peer.
 								All traffic is over Tor/I2P, connecting only to Tor onion and I2P hidden services.
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
+								## Goals:
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								    • Selective sharing of information
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
+								    • Secure & semi-anonymous direct messaging
 								    • Forward secrecy
 								    • Defense in depth
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								    • Data should be secure for years to come
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
+								    • Decentralization
 								    * Avoid browser-based exploits that plague similar software
 								    * Avoid timing attacks & unexpected metadata leaks
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
+								## Protocol
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
 								Onionr nodes use HTTP (over Tor/I2P) to exchange keys, metadata, and blocks. Blocks are identified by their sha3_256 hash. Nodes sync a table of blocks hashes and attempt to download blocks they do not yet have from random peers.
-												fixed message spam, rewrote draft, work on crypto

											
										
										
											2018-02-21 02:44:56 +00:00
+								Blocks may be encrypted using Curve25519.
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
+								## Connections
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								When a node first comes online, it attempts to bootstrap using a default list provided by a client.
 								When two peers connect, they exchange Ed25519 keys (if applicable) then Salsa20 keys.
-												edited spec, added hmac generation function + test

											
										
										
											2018-01-17 23:37:53 +00:00
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								Salsa20 keys are regenerated either every X many communications with a peer or every X minutes.
-												edited spec, added hmac generation function + test

											
										
										
											2018-01-17 23:37:53 +00:00
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								Every 100kb or every 2 hours is a recommended default.
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								All valid requests with HMAC should be recorded until used HMAC's expiry to prevent replay attacks.
 								Peer Types
 								    * Friends:
 								        * Encrypted ‘friends only’ posts to one another
 								        * Usually less strict rate & storage limits
 								    * Strangers:
 								        * Used for storage of encrypted or public information
 								        * Can only read public posts
 								        * Usually stricter rate & storage limits
-												edited spec, added hmac generation function + test

											
										
										
											2018-01-17 23:37:53 +00:00
-												work on adding peers, improving docs, and minor bug fixes

											
										
										
											2018-01-14 00:07:13 +00:00
+								## Spam mitigation
 								To send or receive data, a node can optionally request that the other node generate a hash that when in hexadecimal representation contains a random string at a random location in the string. Clients will configure what difficulty to request, and what difficulty is acceptable for themselves to perform. Difficulty should correlate with recent network & disk usage and data size. Friends can be configured to have less strict (to non existent) limits, separately from strangers. (proof of work).
-												removed PGP

											
										
										
											2018-02-16 04:31:30 +00:00
+								Rate limits can be strict, as Onionr is not intended to be an instant messaging application.