Scuttlebutt meaning4/16/2023 The malicious database cannot reorder the messages in the feed.The malicious database cannot write new fake messages to the feed.The malicious database cannot create a new feed with the same identifier.Imagine that we want to read from a feed for which we know the identity, but we're connected to a malicious Secure Scuttlebutt instance.Īs long as the malicious database does not have the private key: This makes it ideal as a store for peer-to-peer applications. Secure Scuttlebutt maintains useful security properties even when it is connected to a malicious Secure Scuttlebutt database. The Scuttlebot community runs some Pubs, and anybody can create and introduce their own. Users generate invite-codes to command Pubs to follow their friends. They are essentially mail-bots which improve uptime and availability. To sync across the Internet, "Pub" nodes run at public IPs and follow users. SSB is hostless: each computer installs the same copy of software and has equal rights in the network.ĭevices discover each other over the LAN with multicast UDP and sync automatically. This is because gossip creates "transitive" connections between computers.ĭan's messages travel through Carla and the Pub to reach Alice, and visa-versa. This means that information is able to distribute across multiple machines, without requiring direct connections between them.Įven though Alice and Dan lack a direct connection, they can still exchange feeds: The protocol creates a global gossip network. Scuttlebot maintains a table of known peers, which it cycles through, asking for updates for all followed feeds. Since feeds are append-only, replication is simple: request all messages in the feed that are newer than the latest message you know about. Presently, Scuttlebot's replicate plugin, which is enabled by default, looks on the master user's feed for type:contact messages to know which users are currently followed. Users choose which feeds to synchronize by following them. Messages and blobs are referred to by their hashes, but a feed is referred to by its signing public key.įor private sharing, Scuttlebot uses libsodium to encrypt confidential log-entries.įeed IDs are public keys, and so once two feeds are mutually following each other, they can exchange confidential data freely. Messages can reference three types of Secure Scuttlebutt entities: messages, feeds, and blobs (i.e. An identifier of the hashing algorithm in use (currently only "sha256" is supported).This is to ensure the entire network converges on the same state. This is enforced by a per-feed blockchain. Note that append-only means you cannot delete an existing message, or change your history. Users must exchange pubkeys, either by publishing them on their feeds, or out-of-band.Ī feed is a signed append-only sequence of messages. There is no worldwide store of identities. The public key is used as the identifier. IdentitiesĪn identity is simply a ed25519 key pair. Scuttlebot can change Pubs, or join more than one, and sync directly over Wifi.īuilding upon Secure Scuttlebutt requires understanding a few concepts that it uses to ensure the unforgeability of message feeds. However, because Scuttlebot has no DHT or NAT-traversal utilities, users must "join" a Pub to distribute their messages on the WAN. Pubs have no special privileges, and are not trusted by users. They follow users and rehost the messages to other peers, ensuring good uptime and no firewall blockage. "Pubs" are bot-users that have public IPs. Instead, users name themselves, and share petnames for each other.ĭiscovery occurs by examining the social graph, or by out-of-band sharing.Īpplications can analyze the follow-graph, and look for "flag" messages, to determine who is trust-worthy in the network. There is no global registry of usernames. Users are identified by confirmations and signals in the social graph. The messages and files are stored locally, indefinitely, for applications to read. Scuttlebot searches the P2P mesh for new messages and files from followed users and from FoaFs (friend of a friend's). Scuttlebot forms a global cryptographic social network with its peers.Įach user is identified by a public key, and publishes a log of signed messages, which other users follow socially. Secure Scuttlebutt also makes it easy to encrypt messages. This property makes Secure Scuttlebutt useful for peer-to-peer applications. "Unforgeable" means that only the owner of a feed can update that feed, as enforced by digital signing (see Security properties). Secure Scuttlebutt is a database protocol for unforgeable append-only message feeds.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |