GitLab Commit is coming up on August 3-4. Learn how to innovate together using GitLab, the DevOps platform. Register for free: gitlabcommitvirtual2021.com

README.md 9.16 KB
Newer Older
1
<p align="center">
Kevin's avatar
Kevin committed
2

3
<img src="./docs/onionr-logo.png" width='250'>
4
5
6

</p>

7
<p align="center">
Kevin's avatar
Kevin committed
8
    Privacy Respecting Communication Network 馃摗
9
</p>
Kevin's avatar
Kevin committed
10
11
12
<p align="center">
    Anonymous social platform, mail, file sharing.
</p>
13

Kevin's avatar
Kevin committed
14
<img src='https://img.shields.io/github/license/beardog108/onionr'> <img src="https://img.shields.io/github/repo-size/beardog108/onionr"> <img src='https://img.shields.io/badge/python%20version%20%F0%9F%90%8D-3.7+-blue'> <img src='https://img.shields.io/github/commit-activity/m/beardog108/onionr'>
Kevin's avatar
Kevin committed
15

Kevin's avatar
Kevin committed
16
<a href='https://www.reddit.com/r/onionr'><img src = 'https://img.shields.io/reddit/subreddit-subscribers/onionr?style=social'></a> <a href='https://twitter.com/onionrnet'><img src='https://img.shields.io/twitter/follow/onionrnet?style=social'></a> - [Discord](https://discord.gg/DVF2bEAzrt) - Matrix: #onionr:amorgan.xyz
Kevin's avatar
Kevin committed
17
18
19
20

|                                      |                            |                            |
| -----------                          | -----------                | -----------                |
| [Install](#install-and-run-on-linux) | [Features](#main-features) | [Screenshots](#screenshots)|
Kevin's avatar
Kevin committed
21
| [Docs](#documentation)/[web copy](https://beardog108.github.io/onionr/)               | [Get involved](#help-out)  | [Onionr.net](https://onionr.net/)/[.onion](http://onionrbak72t5zhbzuey2fdkpczlvhowgcpqc6uoyrd3uxztzxwz5cyd.onion/)                  |
Arinerron's avatar
Arinerron committed
22

Kevin's avatar
Kevin committed
23

Kevin's avatar
Kevin committed
24
---
25

Kevin's avatar
Kevin committed
26
**The main repository for this software is at https://git.VoidNet.tech/kev/onionr/**
Kevin's avatar
Kevin committed
27

Kevin's avatar
Kevin committed
28
Mirrors: [Github](https://github.com/beardog108/onionr), [Gitlab](https://gitlab.com/beardog/onionr)
29

30

Kevin's avatar
Kevin committed
31
Onionr ("Onion Relay") is a decentralized/distributed peer-to-peer communication network, designed to be anonymous and resistant to (meta)data analysis, spam, and corruption.
32

Kevin's avatar
Kevin committed
33
Onionr gives the individual the ability to speak freely, without fear of surveillance and censorship.
34

Kevin's avatar
Kevin committed
35
---
36

Kevin's avatar
Kevin committed
37
38
39
40
41
Onionr stores data in independent packages referred to as 'blocks'. The blocks are distributed to all nodes interested in their data type. Blocks and user IDs cannot be easily proven to have been created by a particular user. Even if there is enough evidence to believe that a specific user created a block, nodes still operate behind Tor and as such cannot be trivially unmasked. Anonymity is achieved by a stateless network, with no given indication of what node a block originates from. In fact, since one is not required to participate in routing or storage to insert a message, blocks often do not originate from any identifiable node.

Onionr works primarily via epidemic/gossip style routing, with message delivery taking roughly log<sub>F</sub>(N) cycles where F is the number of nodes to send a message to each cycle and N is the number of connected nodes. So a network of 100 million nodes can deliver messages in a few minutes even with high packet loss and malfunctioning nodes.

Through message mixing and key privacy, it is intended to be nigh impossible to discover the identity of a message creator or recipient. Via long-term traffic analysis, a well funded adversary may discover the most probable node(s) to be creating a set of related blocks, however doing so would only lead them to a node behind Tor. As the first node that a block appears on is almost always not the creator of the block, there is plausible deniability regarding the true creator of the block.
42

43
Users are identified by ed25519/curve25519 public keys, which can be used to sign blocks or send encrypted data.
44
45

Onionr can be used for mail, as a social network, instant messenger, file sharing software, or for encrypted group discussion.
Kevin's avatar
Kevin committed
46

Kevin's avatar
Kevin committed
47
Due to the nature of anonymity, the graph as implemented in this reference network is dense, undirected, cyclic and can be disconnected. Since Onionr is technically just a data format, any routing scheme can be used to pass messages.
48

Kevin's avatar
Kevin committed
49
The whitepaper is available [here](docs/whitepaper.md).
50

Kevin's avatar
Kevin committed
51
52
---

53
## Main Features
54

Kevin's avatar
Kevin committed
55
56
57
* [X] 馃寪 Fully p2p/decentralized, no trackers or other single points of failure
* [X] 馃敀 End to end encryption of user data
* [X] 馃摙 Optional non-encrypted blocks, useful for blog posts or public file sharing
58
* [X] 馃捇 Easy HTTP API for integration to websites
Kevin's avatar
Kevin committed
59
60
* [X] 馃暤锔 Metadata analysis resistance and anonymity
* [X] 馃摗 Transport agnosticism (no internet required)
61

62
63
64
65
Onionr ships with various application plugins ready for use out of the box:

Currently usable:

Kevin's avatar
Kevin committed
66
67
68
* 馃摠 Mail
* 馃挰 Public anonymous chat/message board
* 馃搩 Simple webpage hosting - Will be greatly extended
69
70
71
72
73
74
* File sharing (Work in progress)

Not yet usable:

* Instant messaging

75

Kevin's avatar
Kevin committed
76
77
78
79
# Screenshots

<img alt='Node statistics page screenshot' src='docs/onionr-1.png' width=600>

Kevin's avatar
Kevin committed
80
Home screen
Kevin's avatar
Kevin committed
81
82
83
84
85
86
87

<img alt='Friend/contact manager screenshot' src='docs/onionr-2.png' width=600>

Friend/contact manager

<img alt='Encrypted, metadata-masking mail application screenshot' src='docs/onionr-3.png' width=600>

Kevin's avatar
Kevin committed
88
Encrypted, metadata-masking mail application. One of the first distributed mail systems to have basic forward secrecy.
Kevin's avatar
Kevin committed
89

90
91
92
93
# Documentation

More docs coming soon.

Kevin's avatar
Kevin committed
94
95
* [Block specification](docs/dev/specs/block-spec.md)
* [HTTP API](docs/dev/http-api.md)
96

97
# Install and Run on Linux
98

99
100
101
The following applies to Ubuntu Bionic. Other distributions may have different package or command names.

Master may be unstable, you should use the latest release tag. (checkout via git: `$ git checkout release-latest`)
102

103
104
`$ sudo apt install python3-pip python3-dev tor`

Kevin's avatar
Kevin committed
105
* Have python3.7+, python3-pip, Tor (daemon, not browser) installed. python3-dev is recommended.
Kevin's avatar
Kevin committed
106
* You may need build-essentials or the equivalent of your platform
Kevin's avatar
Kevin committed
107
* Clone the git repo: `$ git clone https://gitlab.com/beardog/onionr --tags`
108
* cd into install direction: `$ cd onionr/`
109
* Install the Python dependencies ([virtualenv strongly recommended](https://virtualenv.pypa.io/en/stable/userguide/)): `$ pip3 install --require-hashes -r requirements.txt` (on ARM64 devices like Raspberry Pi 4's use requirements-ARM.txt instead.)
110
* (Optional): Install desktop notification dependencies: `$ pip3 install --require-hashes -r requirements-notifications.txt`
111

112
(--require-hashes is intended to prevent exploitation via compromise of PyPi/CA certificates)
Kevin's avatar
Kevin committed
113

Kevin's avatar
Kevin committed
114
115
116
117
118
## Run Onionr

* Run Onionr normally:  `$ ./onionr.sh start`
* Run Onionr in background as daemon: `$ ./start-daemon.sh`
* Open Onionr web interface  `$ ./onionr.sh openhome`
119
* Gracefully stop Onionr from CLI `$ ./onionr.sh stop`
Kevin's avatar
Kevin committed
120

Kevin's avatar
Kevin committed
121

Kevin's avatar
Kevin committed
122
# Contact/Community
Kevin's avatar
Kevin committed
123

Kevin's avatar
Kevin committed
124
125
126
* Email: beardog [ at ] mailbox.org
* Twitter: [@onionrnet](https://twitter.com/onionrnet)
* Onionr Mail: decentralized-fiery-freehearted-skimmer-yodling-topstitch-divorceable-ojibwa-resettlement-infracted-lessor-noninstinctual-leaseholder-counterpoised-couture-skinful
Kevin's avatar
Kevin committed
127
* Matrix: #onionr:amorgan.xyz
Kevin's avatar
Kevin committed
128
* Discord: https://discord.gg/DVF2bEAzrt (Discord is bad for freedom and privacy, this is only provided for convienience)
Kevin's avatar
Kevin committed
129

130
# Help out
Kevin's avatar
Kevin committed
131

132
Everyone is welcome to contribute. Help is wanted for the following:
133
134

* Development (Get in touch first)
Kevin's avatar
Kevin committed
135
    * Creation of a shared lib for use from other languages and faster proof-of-work
136
    * Android and IOS development
Kevin's avatar
Kevin committed
137
    * Mac support (already partially supported, testers needed)
138
    * Bug fixes and development of new features
139
* Testing
Kevin's avatar
Kevin committed
140
* Translations/localizations
Kevin's avatar
Kevin committed
141
* UI/UX design
142
143
* Running stable nodes
* Security review/audit
Kevin's avatar
Kevin committed
144
* I2P support
Kevin's avatar
Kevin committed
145

Kevin's avatar
Kevin committed
146
147
148
149
150
151
## Watch the talk from BSidesPDX 2019

<a href="https://www.youtube.com/watch?v=mrULtmSkKxg">
<img src="docs/talk.png" alt="improving anonymous networking talk link" width="600">
</a>

Kevin's avatar
Kevin committed
152
## Contribute money:
Kevin's avatar
Kevin committed
153

Kevin's avatar
Kevin committed
154
Donating at least $3 gets you cool Onionr stickers. Get in touch if you want them.
Kevin's avatar
Kevin committed
155
156
157

![sticker](docs/sticker.png)

Kevin's avatar
Kevin committed
158

Kevin's avatar
Kevin committed
159
* Bitcoin: [1onion55FXzm6h8KQw3zFw2igpHcV7LPq](bitcoin:1onion55FXzm6h8KQw3zFw2igpHcV7LPq) (Contact us for a unique address or for other coins)
160

Kevin's avatar
Kevin committed
161
* Monero: 4B5BA24d1P3R5aWEpkGY5TP7buJJcn2aSGBVRQCHhpiahxeB4aWsu15XwmuTjC6VF62NApZeJGTS248RMVECP8aW73Uj2ax
Kevin's avatar
Kevin committed
162

Kevin's avatar
Kevin committed
163
* USD (Card/Paypal (no account required)): [Ko-Fi](https://www.ko-fi.com/beardogkf)
Kevin's avatar
Kevin committed
164

Kevin's avatar
Kevin committed
165
* Sign up for [privacy.com (refferal link)](https://privacy.com/join/FNNDF) to protect your personal information when contributing or shopping elsewhere, we both get $5 USD.
Kevin's avatar
Kevin committed
166

Kevin's avatar
Kevin committed
167
168
Note: probably not tax deductible

Kevin's avatar
Kevin committed
169
170
# Security

Kevin's avatar
Kevin committed
171
Onionr is alpha software. This means it is unstable, probably insecure, and experimental.
Kevin's avatar
Kevin committed
172

Kevin's avatar
Kevin committed
173
174
175
No matter how good Onionr and other software gets, there will always be ways for clever or well-funded adversaries to break your security.

Onionr does not protect your identity if you associate your user ID with your name either on Onionr or elsewhere.
Kevin's avatar
Kevin committed
176
177
178
179
180
181

*Do not rely on Onionr or any other software to hold up if your life or liberty are at stake.*

### Licenses and Branding

Onionr is published under the GNU GPL v3 license, except for the logo.
Kevin's avatar
Kevin committed
182

183
184
185
The Tor Project and I2P developers do not own, create, or endorse this project, and are not otherwise involved.

Tor is a trademark for the Tor Project. We do not own it.
Kevin's avatar
Kevin committed
186

Kevin's avatar
Kevin committed
187
## Onionr Logo
Kevin's avatar
Kevin committed
188

189
The Onionr logo was created by [Anhar Ismail](https://github.com/anharismail) under the [Creative Commons Attribution 4.0 International License](https://creativecommons.org/licenses/by/4.0/).
Kevin's avatar
Kevin committed
190

191
If you modify and redistribute our code ("forking"), please use a different logo and project name to avoid confusion. Please do not use the project name or logo in a way that makes it seem like we endorse you without our permission.