Update 'README.md'

added papers list dev doc
update runtime result
--- a/.dockerignore
+++ b/.dockerignore
@ -1,4 +1,6 @@
 onionr/data/**/*
 onionr/data
 RUN-WINDOWS.bat
 MY-RUN.sh
 Dockerfile
 .dockerignore
 .git
--- a/.env
+++ b/.env
@ -1 +1 @@
 PYTHONPATH=./venv/bin/python3.8
 PYTHONPATH=./venv/bin/python
--- a/.gitignore
+++ b/.gitignore
@ -13,11 +13,11 @@ src/data/*
 src/data-backup/*
 run.sh
 src/.onionr-lock

 daemon-true.txt
 .vscode/tags
 .vscode/settings.json

 venv/*
 venv*
 src/fs*
 src/tmp/*
 testdata/*
@ -40,3 +40,5 @@ src/data/*.log
 onionr-*.pkg.tar.gz
 pkg/
 spawnnodes.py

 static-data/tor-node-list.dat
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -5,9 +5,44 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

 ## [Unreleased]
 ## [8.0.1] - 2020-12-22

 * Fix subprocess in 3.9x with dumb hack
 * Dependency bumps

 ## [8.0.0] - 2020-12-04

 * Decrease PoW until better implementation is made


 ## [7.2.0] - 2020-12-03

 * Purge blocks not meeting current pow on startup
 * Check block POW before LAN sync
 * WSL fixes

 ## [7.1.0] - 2020-11-23

 * Check for ownership of existing dirs in createdirs, this prevents the rare edge case where a user might use a home directory in a location an attacker could write (allowing arbitrary code execution via plugins). This was already partially mitigated by the chmod of the home directory in any case, but this further fixes the issue.

 ## [7.0.0] - 2020-11-22

 * Removed communicator timers
 * Removed direct connections and chat (these will be either plugins or separate programs/processes in the future)


 ## [5.1.0] - 2020-09-07

 * Moved plugin web files to be in the plugin folder to reduce staticfiles blueprint coupling
 * Added basic sidebar on index page
 * Many bug fixes


 ## [5.0.1] - 2020-08-08

 * bumped deadsimplekv to 0.3.2
 * bumped urllib3 to 1.25.10

 ## [5.0.0] - 2020-07-23

 - Removed single-process POW support (was only needed on Windows)

--- a/+ 19
+++ b/+ 19
@ -1,28 +1,31 @@
 FROM python
 FROM python:3.7
 EXPOSE 8080

 USER root

 RUN mkdir /app
 WORKDIR /app

 #Base settings
 ENV HOME /root
 ENV ONIONR_DOCKER=true

 #Install needed packages
 RUN apt update && apt install -y  tor locales
 RUN apt-get update && apt-get install -y tor locales

 RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
    locale-gen
 ENV LANG en_US.UTF-8  
 ENV LANGUAGE en_US:en  
 ENV LC_ALL en_US.UTF-8  
 ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8

 WORKDIR /srv/
 ADD ./requirements.txt /srv/requirements.txt
 ADD ./requirements.txt /app/requirements.txt
 RUN pip3 install --require-hashes -r requirements.txt

 WORKDIR /root/
 #Add Onionr source
 COPY . /root/
 VOLUME /root/data/
 COPY . /app/

 #Set upstart command
 CMD bash
 VOLUME /app/data/

 #Expose ports
 EXPOSE 8080
 #Default to running as nonprivileged user
 RUN chmod g=u -R /app
 USER 1000
 ENV HOME=/app

 CMD ["bash", "./run-onionr-node.sh"]
--- a/ISSUE_TEMPLATE.md
+++ b/ISSUE_TEMPLATE.md
@ -5,8 +5,9 @@
 # Steps to Reproduce

 # Version Information
 Onionr: 
 OS: 
 Python: 
 Tor: 
 I2P: 

 * Onionr: 
 * OS: 
 * Python: 
 * Tor: 
 * CPU:
--- a/README.md
+++ b/README.md
@ -11,9 +11,9 @@
    Anonymous social platform, mail, file sharing.
 </p>

 <img src='https://img.shields.io/github/license/beardog108/onionr'> <img src='https://gitlab.com/beardog/Onionr/badges/master/build.svg'> <img src='https://img.shields.io/badge/python%20version%20%F0%9F%90%8D-3.7+-blue'> <img src='https://img.shields.io/github/commit-activity/m/beardog108/onionr'>
 <img src='https://img.shields.io/github/license/beardog108/onionr'> <img src="https://img.shields.io/github/repo-size/beardog108/onionr"> <img src='https://img.shields.io/badge/python%20version%20%F0%9F%90%8D-3.7+-blue'> <img src='https://img.shields.io/github/commit-activity/m/beardog108/onionr'>

 <a href='https://www.reddit.com/r/onionr'><img src = 'https://img.shields.io/reddit/subreddit-subscribers/onionr?style=social'></a> <a href='https://twitter.com/onionrnet'><img src='https://img.shields.io/twitter/follow/onionrnet?style=social'></a>
 <a href='https://www.reddit.com/r/onionr'><img src = 'https://img.shields.io/reddit/subreddit-subscribers/onionr?style=social'></a> <a href='https://twitter.com/onionrnet'><img src='https://img.shields.io/twitter/follow/onionrnet?style=social'></a> - [Discord](https://discord.gg/DVF2bEAzrt) - Matrix: #onionr:amorgan.xyz

 |                                      |                            |                            |
 | -----------                          | -----------                | -----------                |
@ -21,7 +21,7 @@
 | [Docs](#documentation)/[web copy](https://beardog108.github.io/onionr/)               | [Get involved](#help-out)  | [Onionr.net](https://onionr.net/)/[.onion](http://onionrbak72t5zhbzuey2fdkpczlvhowgcpqc6uoyrd3uxztzxwz5cyd.onion/)                  |


 <hr>
 ---

 **The main repository for this software is at https://git.VoidNet.tech/kev/onionr/**

@ -30,19 +30,25 @@ Mirrors: [Github](https://github.com/beardog108/onionr), [Gitlab](https://gitlab

 Onionr ("Onion Relay") is a decentralized/distributed peer-to-peer communication network, designed to be anonymous and resistant to (meta)data analysis, spam, and corruption.

 Onionr stores data in independent packages referred to as 'blocks'. The blocks are distributed to all interested nodes. Blocks and user IDs cannot be easily proven to have been created by a particular user. Even if there is enough evidence to believe that a specific user created a block, nodes still operate behind Tor and as such cannot be trivially unmasked. Anonymity is achieved by a stateless network, with no given indication of what node a block originates from. Through message mixing and key privacy, it is intended to be nigh impossible to discover the identity of a message creator or recipient.
 Onionr gives the individual the ability to speak freely, without fear of surveillance and censorship.

 Via long-term traffic analysis, a well funded adversary may discover the most probable node(s) to be creating a set of related blocks, however doing so would only lead them to a node behind Tor. As the first node that a block appears on is almost always not the creator of the block, there is plausible deniability regarding the true creator of the block.
 ---

 Onionr gives the individual the ability to speak freely, without fear of surveillance and censorship.
 Onionr stores data in independent packages referred to as 'blocks'. The blocks are distributed to all nodes interested in their data type. Blocks and user IDs cannot be easily proven to have been created by a particular user. Even if there is enough evidence to believe that a specific user created a block, nodes still operate behind Tor and as such cannot be trivially unmasked. Anonymity is achieved by a stateless network, with no given indication of what node a block originates from. In fact, since one is not required to participate in routing or storage to insert a message, blocks often do not originate from any identifiable node.

 Onionr works primarily via epidemic/gossip style routing, with message delivery taking roughly log<sub>F</sub>(N) cycles where F is the number of nodes to send a message to each cycle and N is the number of connected nodes. So a network of 100 million nodes can deliver messages in a few minutes even with high packet loss and malfunctioning nodes.

 Through message mixing and key privacy, it is intended to be nigh impossible to discover the identity of a message creator or recipient. Via long-term traffic analysis, a well funded adversary may discover the most probable node(s) to be creating a set of related blocks, however doing so would only lead them to a node behind Tor. As the first node that a block appears on is almost always not the creator of the block, there is plausible deniability regarding the true creator of the block.

 Users are identified by ed25519/curve25519 public keys, which can be used to sign blocks or send encrypted data.

 Onionr can be used for mail, as a social network, instant messenger, file sharing software, or for encrypted group discussion.

 Due to the nature of anonymity, the graph as implemented in this reference network is dense, undirected, cyclic and can be disconnected. Since Onionr is technically just a data format, any routing scheme can be used to pass messages.

 The whitepaper is available [here](docs/whitepaper.md).

 ![Tor stinks slide image](docs/tor-stinks-02.png)
 ---

 ## Main Features

@ -57,9 +63,9 @@ Onionr ships with various application plugins ready for use out of the box:

 Currently usable:

 * Mail
 * Public anonymous chat/message board
 * Simple webpage hosting - Will be greatly extended
 * 📨 Mail
 * 💬 Public anonymous chat/message board
 * 📃 Simple webpage hosting - Will be greatly extended
 * File sharing (Work in progress)

 Not yet usable:
@ -67,13 +73,6 @@ Not yet usable:
 * Instant messaging



 ## Watch the talk from BSidesPDX 2019

 <a href="https://invidio.us/watch?v=mrULtmSkKxg">
 <img src="docs/talk.png" alt="improving anonymous networking talk link" width="600">
 </a>

 # Screenshots

 <img alt='Node statistics page screenshot' src='docs/onionr-1.png' width=600>
@ -92,19 +91,22 @@ Encrypted, metadata-masking mail application. One of the first distributed mail

 More docs coming soon.

 * [Block specification](docs/specs/block-spec.md)
 * [HTTP API](docs/http-api.md)
 * [Block specification](docs/dev/specs/block-spec.md)
 * [HTTP API](docs/dev/http-api.md)

 # Install and Run on Linux

 The following applies to Ubuntu Bionic. Other distros may have different package or command names.
 The following applies to Ubuntu Bionic. Other distributions may have different package or command names.

 Master may be unstable, you should use the latest release tag. (checkout via git: `$ git checkout release-latest`)

 `$ sudo apt install python3-pip python3-dev tor`

 * Have python3.7+, python3-pip, Tor (daemon, not browser) installed. python3-dev is recommended.
 * Clone the git repo: `$ git clone https://gitlab.com/beardog/onionr`
 * You may need build-essentials or the equivalent of your platform
 * Clone the git repo: `$ git clone https://gitlab.com/beardog/onionr --tags`
 * cd into install direction: `$ cd onionr/`
 * Install the Python dependencies ([virtualenv strongly recommended](https://virtualenv.pypa.io/en/stable/userguide/)): `$ pip3 install --require-hashes -r requirements.txt`
 * Install the Python dependencies ([virtualenv strongly recommended](https://virtualenv.pypa.io/en/stable/userguide/)): `$ pip3 install --require-hashes -r requirements.txt` (on ARM64 devices like Raspberry Pi 4's use requirements-ARM.txt instead.)
 * (Optional): Install desktop notification dependencies: `$ pip3 install --require-hashes -r requirements-notifications.txt`

 (--require-hashes is intended to prevent exploitation via compromise of PyPi/CA certificates)
@ -117,11 +119,13 @@ The following applies to Ubuntu Bionic. Other distros may have different package
 * Gracefully stop Onionr from CLI `$ ./onionr.sh stop`


 # Contact

 Email: beardog [ at ] mailbox.org
 # Contact/Community

 Onionr Mail: `particularizing-zabaione-defuze-iodizer-saucepan-patientest-sell-waken-chifforobe-embonpoint-aquanaut-chambermaid-barky-fumer-jolt-biotic`
 * Email: beardog [ at ] mailbox.org
 * Twitter: [@onionrnet](https://twitter.com/onionrnet)
 * Onionr Mail: decentralized-fiery-freehearted-skimmer-yodling-topstitch-divorceable-ojibwa-resettlement-infracted-lessor-noninstinctual-leaseholder-counterpoised-couture-skinful
 * Matrix: #onionr:amorgan.xyz
 * Discord: https://discord.gg/DVF2bEAzrt (Discord is bad for freedom and privacy, this is only provided for convienience)

 # Help out

@ -130,7 +134,7 @@ Everyone is welcome to contribute. Help is wanted for the following:
 * Development (Get in touch first)
    * Creation of a shared lib for use from other languages and faster proof-of-work
    * Android and IOS development
    * Windows and Mac support (already partially supported, testers needed)
    * Mac support (already partially supported, testers needed)
    * Bug fixes and development of new features
 * Testing
 * Translations/localizations
@ -139,6 +143,12 @@ Everyone is welcome to contribute. Help is wanted for the following:
 * Security review/audit
 * I2P support

 ## Watch the talk from BSidesPDX 2019

 <a href="https://www.youtube.com/watch?v=mrULtmSkKxg">
 <img src="docs/talk.png" alt="improving anonymous networking talk link" width="600">
 </a>

 ## Contribute money:

 Donating at least $3 gets you cool Onionr stickers. Get in touch if you want them.
@ -146,11 +156,13 @@ Donating at least $3 gets you cool Onionr stickers. Get in touch if you want the
 ![sticker](docs/sticker.png)


 Bitcoin: [1onion55FXzm6h8KQw3zFw2igpHcV7LPq](bitcoin:1onion55FXzm6h8KQw3zFw2igpHcV7LPq) (Contact us for a unique address or for other coins)
 * Bitcoin: [1onion55FXzm6h8KQw3zFw2igpHcV7LPq](bitcoin:1onion55FXzm6h8KQw3zFw2igpHcV7LPq) (Contact us for a unique address or for other coins)

 * Monero: 4B5BA24d1P3R5aWEpkGY5TP7buJJcn2aSGBVRQCHhpiahxeB4aWsu15XwmuTjC6VF62NApZeJGTS248RMVECP8aW73Uj2ax

 Monero: 4B5BA24d1P3R5aWEpkGY5TP7buJJcn2aSGBVRQCHhpiahxeB4aWsu15XwmuTjC6VF62NApZeJGTS248RMVECP8aW73Uj2ax
 * USD (Card/Paypal (no account required)): [Ko-Fi](https://www.ko-fi.com/beardogkf)

 USD (Card/Paypal): [Ko-Fi](https://www.ko-fi.com/beardogkf)
 * Sign up for [privacy.com (refferal link)](https://privacy.com/join/FNNDF) to protect your personal information when contributing or shopping elsewhere, we both get $5 USD.

 Note: probably not tax deductible

--- a/docs/TODO.txt
+++ b/docs/TODO.txt
@ -15,5 +15,4 @@
 * add BCC support to mail


 * prevent local insertion success of duplicate block content
 * truncate last N blocks when sharing list
--- a/docs/basic-onionr-user-guide.pdf
+++ b/docs/basic-onionr-user-guide.pdf
--- a/docs/dev/generating-requirements.txt.md
+++ b/docs/dev/generating-requirements.txt.md
@ -0,0 +1,19 @@
 # Generating requirements.txt

 To generate a requirements.txt file, install pip-tools from pip

 Onionr requirements files should have hashes to prevent backdooring by the pypi server.

 Put your package versions in requirements.in like normal. Child dependencies are usually not necessary:

 ```
 requests==0.1.1
 flask==0.1.1
 ```

 Then generate the requirements.txt:

 `$ pip-compile requirements.in --generate-hashes -o requirements.txt`


 Your requirements.txt will have hash-pinned requirements of all dependencies and child dependencies.
--- a/docs/dev/running-tests.md
+++ b/docs/dev/running-tests.md
@ -0,0 +1,44 @@
 # Running Onionr tests

 Onionr has four types of tests:

 * unittests
 * integration tests
 * selenium tests (web tests)
 * runtime-tests


 ## unittests

 Onionr uses Python's built in unittest module. These tests are located in tests/ (top level)

 Run all tests with `$ make test`, which will also run integration tests.

 Please note that one unittest tests if runtime-tests have passed recently. This is simply a forceful reminder to run those tests as well.

 You can also run a single unittest in a loop by using the script scripts/run-unit-test-by-name.py

 ## integration tests

 These tests are pretty basic and test on stdout of Onionr commands.

 They are also run from `$ make test`

 The runtime-tests do most of the actual integration testing.

 ## selenium tests

 These are browser automation tests to test if the UI is working as how it should for a user.

 There's only a couple and they're incomplete, so they can be ignored for now (test manually)

 ## runtime-tests

 These are important. They look into the Onionr client Flask app when Onionr daemon is running and test a bunch of things.

 If you do it a lot you should make your own Onionr network (disable official bootstrap)

 You run this while the daemon is running (probably should make sure onboarding is done), with `$ onionr.sh runtime-test`

 It's necessary to do this before running `$ make test` for unittesting

--- a/docs/dev/security-mechanisms.md
+++ b/docs/dev/security-mechanisms.md
@ -0,0 +1,43 @@
 # Onionr Security Mechanisms


 ## bigbrother 👁️

 Bigbrother is a cheeky module that uses Python3.8+ sys auditing events to log and/or block certain sensitive events.

 It has a little overhead, so one can disable it in config in general.security_auditing

 [ChaosWebs.net/blog/preventing-arbitrary-code-execution-in-python38-with-auditing.html](https://chaoswebs.net/blog/preventing-arbitrary-code-execution-in-python38-with-auditing.html)

 ### Threat model

 It is intended to log bugs leaking private file system information, block+log network leaks, and block+log eval-like arbitrary code execution. It is not intended to block malicious browser scripts or malicious Python plugins. It cannot work with subprocesses that do not activate the module.

 It's not intended to be bulletproof by any means, but it helps.

 ### What big brother does

 * Disk access checks for disk access outside. Only logs, does not block
 * Network leaks. (Non Tor/LAN) Blocks and logs
 * Arbitrary code execution: logs and blocks non-whitelisted bytecode importing/compiling and subprocesses.


 ## Sybil attacks

 As with any decentralized network, sybil nodes could collude to spy or cause mayhem. Due to the gossip nature of Onionr, sybil nodes would have a hard time fully stopping the network. In terms of spying, they could not conclusively prove the origin of messages due to the multiple transport nature of the network and layering behind Tor/etc.

 ## Tor configuration

 When managed by Onionr, Tor has a control port password that gets stored in Onionr config.

 Tor is also configured to reject requests to non-onion services, which helps to stop redirect based denial of service attacks.

 ## Web security

 Onionr secures both it's main web APIs with anti-dns-rebinding logic, which validates the host header used in connections to it. This is to prevent exfiltration of data and side channel deanonymization.

 Onionr secures the client API with a token that must be passed in most requests, with the exception of static API files. This is to prevent CSRF and side channel deanonymization.

 Onionr binds most services to random loopback addresses to reduce all cross-site web attacks, including discovery of Onionr on a computer from a normal website. This is not supported on Mac because Mac does not support non 'typical' loopback addresses.

 Onionr has a strict content-security-policy, rejecting all non-localhost requests and denying inline scripts and similar insecure sources.
--- a/docs/dev/selected-papers.md
+++ b/docs/dev/selected-papers.md
@ -0,0 +1,9 @@
 # Interesting papers related to Onionr development

 A paper being listed here is not end-all-be-all endorsement of every detail inside.

 * [Epidemic Routing for Partially-Connected Ad Hoc Networks](https://web.archive.org/web/20200208074703/http://issg.cs.duke.edu/epidemic/epidemic.pdf)
 * [Freenet: A distibuted decentralized information storage and retrieval system](https://freenetproject.org/assets/papers/ddisrs.pdf)
 * [Protecting Free Expression Online with Freenet](https://freenetproject.org/assets/papers/ddisrs.pdf)
 * [Bitmessage: A Peer‐to‐Peer Message Authentication and Delivery System](https://archive.org/details/BitmessageWhitepaper/)
 * [MuON: Epidemic based Mutual Anonymity](https://web.archive.org/web/20060901153544/http://www.csl.mtu.edu/cs6461/www/Reading/MuON_ICNP2005.pdf)
--- a/docs/dev/setup.md
+++ b/docs/dev/setup.md
@ -1,13 +1,72 @@
 <h1 align="center">Onionr Developer Guide</h1>

 This page assumes that Onionr is already installed and normal user requirements are setup.

 The Onionr development environment is simple. All one really needs is a supported Python version (currently 3.7-3.8 as of writing).

 There are additional requirements specified in requirements-dev.txt

 Intended to be used from VSCode, there are scripts in scripts/ named enable/disable-dev-config.py.
 **Developers agree to the [CoC](../../CODE_OF_CONDUCT.md) and to contribute new code under GPLv3 or later**. Developers should stick to PEP8 in most cases, and write unittests or integration tests where possible.

 ## Developer Scripts

 run-onionr-node.py can be used to start a node with specific parameters

 Intended to be used from VSCode (but could work otherwise), there are scripts in scripts/ named enable/disable-dev-config.py.
 These make modifications to the default config for the purpose of making testing Onionr nodes easier.
 Be sure to disable it again before pushing work.

 Generally, one should disable bootstrap list usage when making non trivial changes. This is a config option: general.use_bootstrap_list.
 There are also scripts to generate new tests.

 *When adjusting PoW, it will make your node not compatible with the existing network*

 Generally, one should disable bootstrap list usage when testing non trivial changes. This is a config option: general.use_bootstrap_list. and can be configured through enable-dev-config.py and run-onionr-node.py


 # Current state of Onionr [2021-01-14]

 Onionr in it's current form is functional, albeit buggy.


 ## Current major components

 Onionr runs via two main HTTP gevent servers serving Flask apps.

 Dir: apiservers

 * 1 Parent app hosts all public API endpoints for the Tor transport.
 * 1 Parent app hosts all UI-related files and endpoints. Some commands and internal modules interact with this API as well
 * The HTTP servers have strict anti-dns-rebinding and CSRF countermeasures, so there is a script to craft requests to the UI-related API in scripts/
 * Block storage is currently handled via metadata in sqlite (mostly defunct now), and block data storage in a different database. This is in blocks/ in running Onionr daemon data directory
 * cryptography is currently handled in onionrcrypto/ except for ephemeral messages which are handled by onionr
 * Transport clients run from looping threads mostly created in communicator/__init__.py, this includes block lookups and uploading on the Tor transport

 ## Road map

 There are several big ways Onionr will be improved in the next major version:

 * Migration to the [new modular block system](https://git.voidnet.tech/kev/onionrblocks)
    * Probability proof of work -> verifiable delay function
    * Friend system built on top of signing proofs (Private networks?)
 * Gossip transport improvements such as with neighbor improvements. See streamfill/ and [simple gossip](https://github.com/onion-sudo/simplegossip) for incomplete experiments

 * Finish removing "communicator"
 * I2P transports
    * Gossip
    * Torrents (patch for sha1?)
 * Modular transports
    * Currently transports are just threads coupled together.
    * It would be better if there was a generic way to tell any loaded transport what blocks are wanted and feed back received blocks to the database
 * Migrate to SafeDB for peers and blocks
    * SafeDB wrapper that contacts http endpoint to store if it is running, otherwise directly open DB
 * Separate UI logic from daemon. Refactor code to
 * Improve cryptography
    * Restore phrases or deterministic keys (generate key from password, be very careful)
    * Change identities to be dual keys (ed25519+curve25519)
    * Finish treasurechest
        * Interact via [named pipes](https://en.wikipedia.org/wiki/Named_pipe)
        * Ephemeral key management
        * Encrypt/decrypt/sign/verify functions to keep key out of main memory
        * PGP-like symmetric messages


--- a/docs/docker.md
+++ b/docs/docker.md
@ -0,0 +1,28 @@
 # Running Onionr in Docker

 A Dockerfile is included in the root directory of Onionr.

 In Docker version 20.10 (and probably others), there is a strange bug where Onionr must be run with -it or stdout will be garbled and it may hang.

 ## Clone and build the image

 `$ git clone https://git.voidnet.tech/kev/onionr/`
 `$ cd onionr`
 `$ sudo docker build -t onionr .`


 ## Run Onionr

 `$ sudo docker run -it -p 8080:8080 onionr`

 Onionr will be accessible over any network interface by default, so make sure to either change the entry point bind-address argument or set a firewall rule.

 That said, Onionr does protect it's interface by default with a web token, which will be shown in stdout.

 **However, anyone who can access the port may be able to see what Onionr sites you have saved and potentially deanonymize your node**

 ## View the UI

 Visit the address and port for the machine Onionr is running on, for example: http://192.168.1.5:8080/#<long-token-taken-from-stdout>

 If you want a secure connection to the interface, either use a proxy such as nginx or caddy, or use [SSH tunneling](./vps-cloud-guide.md).
--- a/docs/faq.md
+++ b/docs/faq.md
@ -0,0 +1,24 @@
 <h1 align="center">Onionr FAQ</h1>

 (Most of the FAQ answers apply to planned features and do not reflect in the demo network)

 * How does Onionr route messages?

 Onionr creates a message with an anti-spam proof (usually). It is then forwarded between nodes using binomial tree broadcast.

 The network is structured based on the particular transport being used, for Tor, .onion addresses are used to determine closeness between nodes.

 Churn due to connectivity changes or issues, membership changes or malicious activity means nodes need to sometimes look far away for missed messages.

 To help with scale, messages can be intelligently deleted or forwarded, for example a mail message can be marked by its recipient at a given point for deletion, or forum posts can be set to expire after a short period or after lack of activity.


 * Why do you use Python instead of [language]?

 I'm very comfortable in Python, and I believe it is a maintainable language if you use it correctly with modern features, also it has many quality libraries useful to the project, like pyncal and stem. Most places in the project are IO bound.


 * What do you think of bad actors who might use Onionr?

 Users should be able to exclude viewing, processing, and hosting content they do not want to. To this end, I want to enable user-configurable filtering based on lists provided by friends, fuzzy hashing, and voting.

--- a/docs/html/index.html
+++ b/docs/html/index.html
@ -1 +0,0 @@
 <meta http-equiv="refresh" content="0;URL='src/index.html'">
--- a/docs/html/src/apiservers/index.html
+++ b/docs/html/src/apiservers/index.html
@ -1,88 +0,0 @@
 <!doctype html>
 <html lang="en">
 <head>
 <meta charset="utf-8">
 <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1" />
 <meta name="generator" content="pdoc 0.7.4" />
 <title>src.apiservers API documentation</title>
 <meta name="description" content="Flask WSGI apps for the public and private API servers …" />
 <link href='https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css' rel='stylesheet'>
 <link href='https://cdnjs.cloudflare.com/ajax/libs/10up-sanitize.css/8.0.0/sanitize.min.css' rel='stylesheet'>
 <link href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/styles/github.min.css" rel="stylesheet">
 <style>.flex{display:flex !important}body{line-height:1.5em}#content{padding:20px}#sidebar{padding:30px;overflow:hidden}.http-server-breadcrumbs{font-size:130%;margin:0 0 15px 0}#footer{font-size:.75em;padding:5px 30px;border-top:1px solid #ddd;text-align:right}#footer p{margin:0 0 0 1em;display:inline-block}#footer p:last-child{margin-right:30px}h1,h2,h3,h4,h5{font-weight:300}h1{font-size:2.5em;line-height:1.1em}h2{font-size:1.75em;margin:1em 0 .50em 0}h3{font-size:1.4em;margin:25px 0 10px 0}h4{margin:0;font-size:105%}a{color:#058;text-decoration:none;transition:color .3s ease-in-out}a:hover{color:#e82}.title code{font-weight:bold}h2[id^="header-"]{margin-top:2em}.ident{color:#900}pre code{background:#f8f8f8;font-size:.8em;line-height:1.4em}code{background:#f2f2f1;padding:1px 4px;overflow-wrap:break-word}h1 code{background:transparent}pre{background:#f8f8f8;border:0;border-top:1px solid #ccc;border-bottom:1px solid #ccc;margin:1em 0;padding:1ex}#http-server-module-list{display:flex;flex-flow:column}#http-server-module-list div{display:flex}#http-server-module-list dt{min-width:10%}#http-server-module-list p{margin-top:0}.toc ul,#index{list-style-type:none;margin:0;padding:0}#index code{background:transparent}#index h3{border-bottom:1px solid #ddd}#index ul{padding:0}#index h4{font-weight:bold}#index h4 + ul{margin-bottom:.6em}@media (min-width:200ex){#index .two-column{column-count:2}}@media (min-width:300ex){#index .two-column{column-count:3}}dl{margin-bottom:2em}dl dl:last-child{margin-bottom:4em}dd{margin:0 0 1em 3em}#header-classes + dl > dd{margin-bottom:3em}dd dd{margin-left:2em}dd p{margin:10px 0}.name{background:#eee;font-weight:bold;font-size:.85em;padding:5px 10px;display:inline-block;min-width:40%}.name:hover{background:#e0e0e0}.name > span:first-child{white-space:nowrap}.name.class > span:nth-child(2){margin-left:.4em}.inherited{color:#999;border-left:5px solid #eee;padding-left:1em}.inheritance em{font-style:normal;font-weight:bold}.desc h2{font-weight:400;font-size:1.25em}.desc h3{font-size:1em}.desc dt code{background:inherit}.source summary,.git-link-div{color:#666;text-align:right;font-weight:400;font-size:.8em;text-transform:uppercase}.source summary > *{white-space:nowrap;cursor:pointer}.git-link{color:inherit;margin-left:1em}.source pre{max-height:500px;overflow:auto;margin:0}.source pre code{font-size:12px;overflow:visible}.hlist{list-style:none}.hlist li{display:inline}.hlist li:after{content:',\2002'}.hlist li:last-child:after{content:none}.hlist .hlist{display:inline;padding-left:1em}img{max-width:100%}.admonition{padding:.1em .5em;margin-bottom:1em}.admonition-title{font-weight:bold}.admonition.note,.admonition.info,.admonition.important{background:#aef}.admonition.todo,.admonition.versionadded,.admonition.tip,.admonition.hint{background:#dfd}.admonition.warning,.admonition.versionchanged,.admonition.deprecated{background:#fd4}.admonition.error,.admonition.danger,.admonition.caution{background:lightpink}</style>
 <style media="screen and (min-width: 700px)">@media screen and (min-width:700px){#sidebar{width:30%}#content{width:70%;max-width:100ch;padding:3em 4em;border-left:1px solid #ddd}pre code{font-size:1em}.item .name{font-size:1em}main{display:flex;flex-direction:row-reverse;justify-content:flex-end}.toc ul ul,#index ul{padding-left:1.5em}.toc > ul > li{margin-top:.5em}}</style>
 <style media="print">@media print{#sidebar h1{page-break-before:always}.source{display:none}}@media print{*{background:transparent !important;color:#000 !important;box-shadow:none !important;text-shadow:none !important}a[href]:after{content:" (" attr(href) ")";font-size:90%}a[href][title]:after{content:none}abbr[title]:after{content:" (" attr(title) ")"}.ir a:after,a[href^="javascript:"]:after,a[href^="#"]:after{content:""}pre,blockquote{border:1px solid #999;page-break-inside:avoid}thead{display:table-header-group}tr,img{page-break-inside:avoid}img{max-width:100% !important}@page{margin:0.5cm}p,h2,h3{orphans:3;widows:3}h1,h2,h3,h4,h5,h6{page-break-after:avoid}}</style>
 </head>
 <body>
 <main>
 <article id="content">
 <header>
 <h1 class="title">Module <code>src.apiservers</code></h1>
 </header>
 <section id="section-intro">
 <p>Flask WSGI apps for the public and private API servers.</p>
 <p>Public is net-facing server meant for other nodes
 Private is meant for controlling and accessing this node</p>
 <details class="source">
 <summary>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">&#34;&#34;&#34;Flask WSGI apps for the public and private API servers.

 Public is net-facing server meant for other nodes
 Private is meant for controlling and accessing this node
 &#34;&#34;&#34;

 from . import public, private

 PublicAPI = public.PublicAPI
 ClientAPI = private.PrivateAPI</code></pre>
 </details>
 </section>
 <section>
 <h2 class="section-title" id="header-submodules">Sub-modules</h2>
 <dl>
 <dt><code class="name"><a title="src.apiservers.private" href="private/index.html">src.apiservers.private</a></code></dt>
 <dd>
 <section class="desc"><p>Onionr - Private P2P Communication …</p></section>
 </dd>
 <dt><code class="name"><a title="src.apiservers.public" href="public/index.html">src.apiservers.public</a></code></dt>
 <dd>
 <section class="desc"><p>Onionr - Private P2P Communication …</p></section>
 </dd>
 </dl>
 </section>
 <section>
 </section>
 <section>
 </section>
 <section>
 </section>
 </article>
 <nav id="sidebar">
 <h1>Index</h1>
 <div class="toc">
 <ul></ul>
 </div>
 <ul id="index">
 <li><h3>Super-module</h3>
 <ul>
 <li><code><a title="src" href="../index.html">src</a></code></li>
 </ul>
 </li>
 <li><h3><a href="#header-submodules">Sub-modules</a></h3>
 <ul>
 <li><code><a title="src.apiservers.private" href="private/index.html">src.apiservers.private</a></code></li>
 <li><code><a title="src.apiservers.public" href="public/index.html">src.apiservers.public</a></code></li>
 </ul>
 </li>
 </ul>
 </nav>
 </main>
 <footer id="footer">
 <p>Generated by <a href="https://pdoc3.github.io/pdoc"><cite>pdoc</cite> 0.7.4</a>.</p>
 </footer>
 <script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js"></script>
 <script>hljs.initHighlightingOnLoad()</script>
 </body>
 </html>
--- a/docs/html/src/apiservers/private/index.html
+++ b/docs/html/src/apiservers/private/index.html
@ -1,411 +0,0 @@
 <!doctype html>
 <html lang="en">
 <head>
 <meta charset="utf-8">
 <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1" />
 <meta name="generator" content="pdoc 0.7.4" />
 <title>src.apiservers.private API documentation</title>
 <meta name="description" content="Onionr - Private P2P Communication …" />
 <link href='https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css' rel='stylesheet'>
 <link href='https://cdnjs.cloudflare.com/ajax/libs/10up-sanitize.css/8.0.0/sanitize.min.css' rel='stylesheet'>
 <link href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/styles/github.min.css" rel="stylesheet">
 <style>.flex{display:flex !important}body{line-height:1.5em}#content{padding:20px}#sidebar{padding:30px;overflow:hidden}.http-server-breadcrumbs{font-size:130%;margin:0 0 15px 0}#footer{font-size:.75em;padding:5px 30px;border-top:1px solid #ddd;text-align:right}#footer p{margin:0 0 0 1em;display:inline-block}#footer p:last-child{margin-right:30px}h1,h2,h3,h4,h5{font-weight:300}h1{font-size:2.5em;line-height:1.1em}h2{font-size:1.75em;margin:1em 0 .50em 0}h3{font-size:1.4em;margin:25px 0 10px 0}h4{margin:0;font-size:105%}a{color:#058;text-decoration:none;transition:color .3s ease-in-out}a:hover{color:#e82}.title code{font-weight:bold}h2[id^="header-"]{margin-top:2em}.ident{color:#900}pre code{background:#f8f8f8;font-size:.8em;line-height:1.4em}code{background:#f2f2f1;padding:1px 4px;overflow-wrap:break-word}h1 code{background:transparent}pre{background:#f8f8f8;border:0;border-top:1px solid #ccc;border-bottom:1px solid #ccc;margin:1em 0;padding:1ex}#http-server-module-list{display:flex;flex-flow:column}#http-server-module-list div{display:flex}#http-server-module-list dt{min-width:10%}#http-server-module-list p{margin-top:0}.toc ul,#index{list-style-type:none;margin:0;padding:0}#index code{background:transparent}#index h3{border-bottom:1px solid #ddd}#index ul{padding:0}#index h4{font-weight:bold}#index h4 + ul{margin-bottom:.6em}@media (min-width:200ex){#index .two-column{column-count:2}}@media (min-width:300ex){#index .two-column{column-count:3}}dl{margin-bottom:2em}dl dl:last-child{margin-bottom:4em}dd{margin:0 0 1em 3em}#header-classes + dl > dd{margin-bottom:3em}dd dd{margin-left:2em}dd p{margin:10px 0}.name{background:#eee;font-weight:bold;font-size:.85em;padding:5px 10px;display:inline-block;min-width:40%}.name:hover{background:#e0e0e0}.name > span:first-child{white-space:nowrap}.name.class > span:nth-child(2){margin-left:.4em}.inherited{color:#999;border-left:5px solid #eee;padding-left:1em}.inheritance em{font-style:normal;font-weight:bold}.desc h2{font-weight:400;font-size:1.25em}.desc h3{font-size:1em}.desc dt code{background:inherit}.source summary,.git-link-div{color:#666;text-align:right;font-weight:400;font-size:.8em;text-transform:uppercase}.source summary > *{white-space:nowrap;cursor:pointer}.git-link{color:inherit;margin-left:1em}.source pre{max-height:500px;overflow:auto;margin:0}.source pre code{font-size:12px;overflow:visible}.hlist{list-style:none}.hlist li{display:inline}.hlist li:after{content:',\2002'}.hlist li:last-child:after{content:none}.hlist .hlist{display:inline;padding-left:1em}img{max-width:100%}.admonition{padding:.1em .5em;margin-bottom:1em}.admonition-title{font-weight:bold}.admonition.note,.admonition.info,.admonition.important{background:#aef}.admonition.todo,.admonition.versionadded,.admonition.tip,.admonition.hint{background:#dfd}.admonition.warning,.admonition.versionchanged,.admonition.deprecated{background:#fd4}.admonition.error,.admonition.danger,.admonition.caution{background:lightpink}</style>
 <style media="screen and (min-width: 700px)">@media screen and (min-width:700px){#sidebar{width:30%}#content{width:70%;max-width:100ch;padding:3em 4em;border-left:1px solid #ddd}pre code{font-size:1em}.item .name{font-size:1em}main{display:flex;flex-direction:row-reverse;justify-content:flex-end}.toc ul ul,#index ul{padding-left:1.5em}.toc > ul > li{margin-top:.5em}}</style>
 <style media="print">@media print{#sidebar h1{page-break-before:always}.source{display:none}}@media print{*{background:transparent !important;color:#000 !important;box-shadow:none !important;text-shadow:none !important}a[href]:after{content:" (" attr(href) ")";font-size:90%}a[href][title]:after{content:none}abbr[title]:after{content:" (" attr(title) ")"}.ir a:after,a[href^="javascript:"]:after,a[href^="#"]:after{content:""}pre,blockquote{border:1px solid #999;page-break-inside:avoid}thead{display:table-header-group}tr,img{page-break-inside:avoid}img{max-width:100% !important}@page{margin:0.5cm}p,h2,h3{orphans:3;widows:3}h1,h2,h3,h4,h5,h6{page-break-after:avoid}}</style>
 </head>
 <body>
 <main>
 <article id="content">
 <header>
 <h1 class="title">Module <code>src.apiservers.private</code></h1>
 </header>
 <section id="section-intro">
 <p>Onionr - Private P2P Communication.</p>
 <p>This file handles all incoming http requests to the client, using Flask</p>
 <details class="source">
 <summary>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">&#34;&#34;&#34;Onionr - Private P2P Communication.

 This file handles all incoming http requests to the client, using Flask
 &#34;&#34;&#34;
 from typing import Dict
 import hmac

 import flask
 from gevent.pywsgi import WSGIServer

 from onionrutils import epoch
 import httpapi
 from filepaths import private_API_host_file
 import logger

 from etc import waitforsetvar
 from . import register_private_blueprints
 import config
 from .. import public
 &#34;&#34;&#34;
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see &lt;https://www.gnu.org/licenses/&gt;.
 &#34;&#34;&#34;


 class PrivateAPI:
    &#34;&#34;&#34;Client HTTP api for controlling onionr and using UI.&#34;&#34;&#34;

    callbacks: Dict[str, Dict] = {&#39;public&#39;: {}, &#39;private&#39;: {}}

    def __init__(self):
        &#34;&#34;&#34;Initialize the api server, preping variables for later use.

        This initialization defines all of the API entry points
        and handlers for the endpoints and errors
        This also saves the used host (random localhost IP address)
        to the data folder in host.txt
        &#34;&#34;&#34;
        self.config = config

        self.startTime = epoch.get_epoch()
        app = flask.Flask(__name__)
        bind_port = int(config.get(&#39;client.client.port&#39;, 59496))
        self.bindPort = bind_port

        self.clientToken = config.get(&#39;client.webpassword&#39;)

        self.host = httpapi.apiutils.setbindip.set_bind_IP(
            private_API_host_file)
        logger.info(&#39;Running api on %s:%s&#39; % (self.host, self.bindPort))
        self.httpServer = &#39;&#39;

        self.queueResponse = {}
        self.get_block_data = httpapi.apiutils.GetBlockData(self)
        register_private_blueprints.register_private_blueprints(self, app)
        httpapi.load_plugin_blueprints(app)
        self.app = app

    def start(self):
        &#34;&#34;&#34;Start client gevent API web server with flask client app.&#34;&#34;&#34;
        waitforsetvar.wait_for_set_var(self, &#34;_too_many&#34;)
        fd_handler = httpapi.fdsafehandler.FDSafeHandler
        self.publicAPI = self._too_many.get(  # pylint: disable=E1101
            public.PublicAPI)
        self.httpServer = WSGIServer((self.host, self.bindPort),
                                     self.app, log=None,
                                     handler_class=fd_handler)
        self.httpServer.serve_forever()

    def setPublicAPIInstance(self, inst):
        &#34;&#34;&#34;Dynamically set public API instance.&#34;&#34;&#34;
        self.publicAPI = inst

    def validateToken(self, token):
        &#34;&#34;&#34;Validate that the client token matches the given token.

        Used to prevent CSRF and other attacks.
        &#34;&#34;&#34;
        if not self.clientToken:
            logger.error(&#34;client password needs to be set&#34;)
            return False
        try:
            return hmac.compare_digest(self.clientToken, token)
        except TypeError:
            return False

    def getUptime(self) -&gt; int:
        &#34;&#34;&#34;Safely wait for uptime to be set and return it.&#34;&#34;&#34;
        while True:
            try:
                return epoch.get_epoch() - self.startTime
            except (AttributeError, NameError):
                # Don&#39;t error on race condition with startup
                pass

    def getBlockData(self, bHash, decrypt=False, raw=False,
                     headerOnly=False) -&gt; bytes:
        &#34;&#34;&#34;Returns block data bytes.&#34;&#34;&#34;
        return self.get_block_data.get_block_data(bHash,
                                                  decrypt=decrypt,
                                                  raw=raw,
                                                  headerOnly=headerOnly)</code></pre>
 </details>
 </section>
 <section>
 <h2 class="section-title" id="header-submodules">Sub-modules</h2>
 <dl>
 <dt><code class="name"><a title="src.apiservers.private.register_private_blueprints" href="register_private_blueprints.html">src.apiservers.private.register_private_blueprints</a></code></dt>
 <dd>
 <section class="desc"><p>Onionr - Private P2P Communication …</p></section>
 </dd>
 </dl>
 </section>
 <section>
 </section>
 <section>
 </section>
 <section>
 <h2 class="section-title" id="header-classes">Classes</h2>
 <dl>
 <dt id="src.apiservers.private.PrivateAPI"><code class="flex name class">
 <span>class <span class="ident">PrivateAPI</span></span>
 </code></dt>
 <dd>
 <section class="desc"><p>Client HTTP api for controlling onionr and using UI.</p>
 <p>Initialize the api server, preping variables for later use.</p>
 <p>This initialization defines all of the API entry points
 and handlers for the endpoints and errors
 This also saves the used host (random localhost IP address)
 to the data folder in host.txt</p></section>
 <details class="source">
 <summary>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">class PrivateAPI:
    &#34;&#34;&#34;Client HTTP api for controlling onionr and using UI.&#34;&#34;&#34;

    callbacks: Dict[str, Dict] = {&#39;public&#39;: {}, &#39;private&#39;: {}}

    def __init__(self):
        &#34;&#34;&#34;Initialize the api server, preping variables for later use.

        This initialization defines all of the API entry points
        and handlers for the endpoints and errors
        This also saves the used host (random localhost IP address)
        to the data folder in host.txt
        &#34;&#34;&#34;
        self.config = config

        self.startTime = epoch.get_epoch()
        app = flask.Flask(__name__)
        bind_port = int(config.get(&#39;client.client.port&#39;, 59496))
        self.bindPort = bind_port

        self.clientToken = config.get(&#39;client.webpassword&#39;)

        self.host = httpapi.apiutils.setbindip.set_bind_IP(
            private_API_host_file)
        logger.info(&#39;Running api on %s:%s&#39; % (self.host, self.bindPort))
        self.httpServer = &#39;&#39;

        self.queueResponse = {}
        self.get_block_data = httpapi.apiutils.GetBlockData(self)
        register_private_blueprints.register_private_blueprints(self, app)
        httpapi.load_plugin_blueprints(app)
        self.app = app

    def start(self):
        &#34;&#34;&#34;Start client gevent API web server with flask client app.&#34;&#34;&#34;
        waitforsetvar.wait_for_set_var(self, &#34;_too_many&#34;)
        fd_handler = httpapi.fdsafehandler.FDSafeHandler
        self.publicAPI = self._too_many.get(  # pylint: disable=E1101
            public.PublicAPI)
        self.httpServer = WSGIServer((self.host, self.bindPort),
                                     self.app, log=None,
                                     handler_class=fd_handler)
        self.httpServer.serve_forever()

    def setPublicAPIInstance(self, inst):
        &#34;&#34;&#34;Dynamically set public API instance.&#34;&#34;&#34;
        self.publicAPI = inst

    def validateToken(self, token):
        &#34;&#34;&#34;Validate that the client token matches the given token.

        Used to prevent CSRF and other attacks.
        &#34;&#34;&#34;
        if not self.clientToken:
            logger.error(&#34;client password needs to be set&#34;)
            return False
        try:
            return hmac.compare_digest(self.clientToken, token)
        except TypeError:
            return False

    def getUptime(self) -&gt; int:
        &#34;&#34;&#34;Safely wait for uptime to be set and return it.&#34;&#34;&#34;
        while True:
            try:
                return epoch.get_epoch() - self.startTime
            except (AttributeError, NameError):
                # Don&#39;t error on race condition with startup
                pass

    def getBlockData(self, bHash, decrypt=False, raw=False,
                     headerOnly=False) -&gt; bytes:
        &#34;&#34;&#34;Returns block data bytes.&#34;&#34;&#34;
        return self.get_block_data.get_block_data(bHash,
                                                  decrypt=decrypt,
                                                  raw=raw,
                                                  headerOnly=headerOnly)</code></pre>
 </details>
 <h3>Class variables</h3>
 <dl>
 <dt id="src.apiservers.private.PrivateAPI.callbacks"><code class="name">var <span class="ident">callbacks</span></code></dt>
 <dd>
 <section class="desc"><p>dict() -&gt; new empty dictionary
 dict(mapping) -&gt; new dictionary initialized from a mapping object's
 (key, value) pairs
 dict(iterable) -&gt; new dictionary initialized as if via:
 d = {}
 for k, v in iterable:
 d[k] = v
 dict(**kwargs) -&gt; new dictionary initialized with the name=value pairs
 in the keyword argument list.
 For example:
 dict(one=1, two=2)</p></section>
 </dd>
 </dl>
 <h3>Methods</h3>
 <dl>
 <dt id="src.apiservers.private.PrivateAPI.getBlockData"><code class="name flex">
 <span>def <span class="ident">getBlockData</span></span>(<span>self, bHash, decrypt=False, raw=False, headerOnly=False)</span>
 </code></dt>
 <dd>
 <section class="desc"><p>Returns block data bytes.</p></section>
 <details class="source">
 <summary>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">def getBlockData(self, bHash, decrypt=False, raw=False,
                 headerOnly=False) -&gt; bytes:
    &#34;&#34;&#34;Returns block data bytes.&#34;&#34;&#34;
    return self.get_block_data.get_block_data(bHash,
                                              decrypt=decrypt,
                                              raw=raw,
                                              headerOnly=headerOnly)</code></pre>
 </details>
 </dd>
 <dt id="src.apiservers.private.PrivateAPI.getUptime"><code class="name flex">
 <span>def <span class="ident">getUptime</span></span>(<span>self)</span>
 </code></dt>
 <dd>
 <section class="desc"><p>Safely wait for uptime to be set and return it.</p></section>
 <details class="source">
 <summary>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">def getUptime(self) -&gt; int:
    &#34;&#34;&#34;Safely wait for uptime to be set and return it.&#34;&#34;&#34;
    while True:
        try:
            return epoch.get_epoch() - self.startTime
        except (AttributeError, NameError):
            # Don&#39;t error on race condition with startup
            pass</code></pre>
 </details>
 </dd>
 <dt id="src.apiservers.private.PrivateAPI.setPublicAPIInstance"><code class="name flex">
 <span>def <span class="ident">setPublicAPIInstance</span></span>(<span>self, inst)</span>
 </code></dt>
 <dd>
 <section class="desc"><p>Dynamically set public API instance.</p></section>
 <details class="source">
 <summary>
 <span>Expand source code</span>
 </summary>
 <pre><code class="python">def setPublicAPIInstance(self, inst):
    &#34;&#34;&#34;Dynamically set public API instance.&#34;&#34;&#34;
    self.publicAPI = inst</code></pre>
 </details>
 </dd>
 <dt id="src.apiservers.private.PrivateAPI.start"><code class="name flex">