Welcome, Guest. Please login or register.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - AyrA

Pages: [1] 2 3
General Discussion / BinSend: Send and decode binary attachments
« on: June 13, 2018, 05:53:23 PM »
I completely rewrote BinSend from scratch over the last two weeks.
The interface has been massively improved, the client properly handles the SameOrigin attribute and the overall bitmessage API integration is better.
Bonus: The repository is no longer a big mess.


Current Version:

Old Versions:

Note: I've set a tag "Old_Version" into the repository that marks the last version that still uses the old BinSend format. There is no binary download available but the compiled results are included in the repository itself (BinSend/bin/Release)

General Discussion / about:spam
« on: February 26, 2018, 04:10:18 PM »

Because of the massive abuse of this forum lately, I did a few things:

First of all, I removed like 20 spam posts and the associated accounts across all forums.
I then went over the User List (7000+ entries) and removed users according to these conditions:

- Removed Accounts older than 2018-01-01 without a single post.
- Removed accounts older than 24 hours with a website but no posts.

Result: We now have only 727 users on this forum.
About 90% of all accounts were never used or exclusively created for advertising bogus websites.

If your account was accidentally removed, you can create it again.
Be sure to make at least one valid post (topic or reply)

Spam Prevention

Whoever manages this forum (is Atheros still here?) please implement a somewhat working anti-spam mechanic.
Whatever is in place doesn't seems good enough anymore after 5 years.

This post will be removed after 3018-03-31

General Discussion / To the guy preventing me from sleeping with BM spam...
« on: September 04, 2014, 07:53:59 PM »
...could you fucking not? Thanks

We should definitely change PoW so at least it calculates something useful

General Discussion / Bitmessage messages.dat fixing tool
« on: July 07, 2014, 03:10:49 PM »
Message cleaner

Since there were a few issues with bitmessage, I made a little Application to fix the messages.dat file in Windows.

It contains various options you may want to try in case bitmessage no longer runs.
The application tries to find your messages.dat automatically by first looking in the current directory and then in your appdata path. If not found, you can browse manually.
The number next to each button, tells you how many items would be affected by it.
Pressing the "compact database" button will not empty the trash first, and gives a firm report on how much it shrunk.

Download here

Note: Invalidating the inventory or the pubkey table might cause trouble in bitmessage. Use only for debugging purposes!

General Discussion / BitMarket, a confiscation proof, open market system.
« on: January 04, 2014, 04:09:01 PM »
I am currently working on BitMarket, a confiscation proof, open market system.

Code: GitHub
Reddit link: reddit.com
BitText explaining how it works: bittext: 8wApvESl6y
More clean Readme file: bitm.sg: BitMarket

Feel free to make any suggestions or x-post it anywhere you like if you support it.

General Discussion / DML anonymity paradoxa
« on: November 30, 2013, 05:09:47 PM »
This is something, that came up into my mind while answering a question here in the forum.

The anonymity paradoxa is simple: The more people are using a public, well known DML, the less anonymous each individual gets.

Public DML addresses are a nice idea. People share the same address and therefore cannot be traced back, this is actually wrong.
The problem, DML messages are facing is, that the encryption key is trivial to find because the passphrase is listed on the internet or is a simple word ("general" for example).

How to isolate a node
First of all, find the IP you want to monitor and hook into his bitmessage connections (simple MITM).
Wait for the client to be fully synced. From this point on, any message this client sends, originates from him, because you (also synced) do not have it.
Try to decrypt each message with known keys from public DML addresses. if you succeed you know, that this particular message originated from a particular client.

Is this a problem?
Assuming, that bitmessage should prevent this, yes it is.

Can I protect myself from this?
You can using VPN or proxy services, in the hope, that your proxy chain is not monitored either.
Sending messages from a personal address to the DML address will not help you! The message can still be decrypted and (additionally) the signature can be verified, so now they also know, that you own this particular address.

Why is this possible?
DML was not a planned feature and is basically abusing the protocol.

Public DML addresses are not safe to use.

What about mailing lists?
A mailing list does not has this issue, because the private keys of the list are not public.

Does it applies to all DML addresses?
No, only to DML addresses, where the key is known. If the passphrase is only shared among a few people, they are safe to use (assuming a strong passphrase is used).
However, keep in mind, that traffic can be recorded and decryption can also be done offline.

General Discussion / HTTP over bitmessage
« on: November 17, 2013, 09:13:05 AM »
I know, it is ridiculous, but I managed to call websites over bitmessage:

Code: https://github.com/AyrA/BitHTTP
Video: https://www.youtube.com/watch?v=jy1z61VS5U0

You can basically use bitmessage to get content over a secure, trusted connection without a 3rd party verifying any certificates.
It's probably the first step towards a decentralized community, where each user hosts his own profile and has control over it.

To make this of any practical use, we need to lower POW. For this there should probably be a message type, which is discarded after 5 minutes of being sent and is never written to disk anywhere.

General Discussion / Magic bytes not correct
« on: November 11, 2013, 06:46:27 AM »
I just launched bitmessage and got a shitload of the message you see below.

Is somebody seeing this too? I sometimes have it during launch

Code: [Select]
The magic bytes were not correct. First 40 bytes of data: 'Q\xc3\xc7\xb3T\x06\x04:\x1b\xb9*\xc44C\xe
The magic bytes were not correct. First 40 bytes of data: '7\xff\xc1-h\x9c\xb80Q\xa0g$\x178\xbas\xc8
The magic bytes were not correct. First 40 bytes of data: '\x98G\x1bc\xb3\x1c\xa4\xf7\xa7\xf3d\x83j\
The magic bytes were not correct. First 40 bytes of data: '\x15ik/\xb4vP \x0c\xe5\x81\xee6c$\x7f\x87
The magic bytes were not correct. First 40 bytes of data: '\xb0\x1b\x92\x05]\xda6\xbc\xeb\xa6\x19\xe
The magic bytes were not correct. First 40 bytes of data: '\xa3\r"\xc9\x16/el\x94\xa4\xe1\xcb\xb0G\x
The magic bytes were not correct. First 40 bytes of data: '\x1b\x87\xe6S\xb5[:\xb4\xfc\xf8\x85\xba\x
The magic bytes were not correct. First 40 bytes of data: '\x11\x91\xe9\xf6\xc7MZ\xd2\xac\xef\xde\x1
The magic bytes were not correct. First 40 bytes of data: '\x10\x95\x15\x8ab._4\x0b\xdaJp\x8a\xaa\xd
The magic bytes were not correct. First 40 bytes of data: '`\xa4\xe4\xe9Q!\xd6\xee\x12D{\x0b\xba\xbc
The magic bytes were not correct. First 40 bytes of data: '\x0b\xe2Nd\x80\xe5-\xa7\x93V\xa4\xcb\xce{
The magic bytes were not correct. First 40 bytes of data: "\xde\x7f\xa5>\xe6k\xaf\xbcR\xf4W'\x89\xdb
The magic bytes were not correct. First 40 bytes of data: '\xc5w\xe6m\x89\xf6f\xab\x9aS\xff\xa3>\x00
The magic bytes were not correct. First 40 bytes of data: "W\xc3\x8cj0.\xa4\xf5\x0c\xce\x8c.v.\xef\x
The magic bytes were not correct. First 40 bytes of data: '\xac\xdeh28?\xe5N\\\x89\xff\xf6Q\xd6\xcb\
The magic bytes were not correct. First 40 bytes of data: '\xc5t\xe0\x94Z\xea\xab0\xfd\x83S+\x94\xe6
The magic bytes were not correct. First 40 bytes of data: '5\x18\xcc\x8e\x17\x98uw\xb7\x9bZ\xd9F\xb5
The magic bytes were not correct. First 40 bytes of data: '\xc9\xcb\xb6/\x17\x1c\x08@L\xc5\xf7oA\xd3
The magic bytes were not correct. First 40 bytes of data: '\xebe\x12\xd4\xac\x14\xf5\xf5\x1a\xe9\xa3
The magic bytes were not correct. First 40 bytes of data: '\xdf\xf3\x92\x10\x1b\x8b\x8d?<QS\x04fo\xe
au\xa5#y\x8a\xe6+\xfe\xa1\xf7<LB \x80\xbe\xe2`\xf9K\xdc\xb3\\\x96E'
The magic bytes were not correct. First 40 bytes of data: 'L\xf0F\x80!y2<\x024%\x97\xa1X\x06\xab^\x0
The magic bytes were not correct. First 40 bytes of data: "}O(\xbe\xe0\x0f\xa1\xc0\x02\xb9!\x13\xaa#
The magic bytes were not correct. First 40 bytes of data: 'xh\xce\xcc\x02\xbf\xa2\xaa\x118\xca\x86\x
The magic bytes were not correct. First 40 bytes of data: '\xef*$\x11\xa7s\x15V\x17\x97h\xc3\x19\xd4
The magic bytes were not correct. First 40 bytes of data: '\xf9\x10\xac\x1b\x0c\r\xb0\xed[\x1c\xf8yp
The magic bytes were not correct. First 40 bytes of data: '"EBX\xf8k\xe7\xd6\x08\xf2t\xf9\x89\xf5\xf
The magic bytes were not correct. First 40 bytes of data: "'\x1e\x98^Wa\xc0\xcaY\xc5\xc149\xa4\xa9kI
The magic bytes were not correct. First 40 bytes of data: '\x9ba\xb1\x1cv\xce\xba\xab\x1eG\x9d;\xb4\
The magic bytes were not correct. First 40 bytes of data: '\x0bf\xc4\xa1\xcb\\W\xac\x8cV\xc0\xf0p\x1
2\xb8D\xf1\xf8\xc90\xedh`\x14\x12$f9\xc8s\xae\xa60\x0c\x06\xd6\xdd aQ'
The magic bytes were not correct. First 40 bytes of data: '+]\xf8\x1bF\xe0\xb3@\xb2\xde\x86\xde\xf6\
xfd!9\xe11\xa4\xf5/\x9a\xc6\xacB\xc8\x17\x11n\xec\xcc\xaf\x1b\x12{\x82O \xe1O'
The magic bytes were not correct. First 40 bytes of data: '"\'\x9c8;\x06\xacq\x97\xde\x7fP!an\x04\xd
The magic bytes were not correct. First 40 bytes of data: '\xd8|\xae\x81\xac\x81N\xb2\xdf\x9f\xfe\xf
The magic bytes were not correct. First 40 bytes of data: '\xe9T\xf6=cB\xbc\\P\xa5\xa4B\xc4.w+\tX(\x
The magic bytes were not correct. First 40 bytes of data: '\xa4\xab0\xe9j\xef\xfd\x14c:\xc7r6\xf1\xd
The magic bytes were not correct. First 40 bytes of data: '\xe6\xd8\x16f\x12\xc4\xb0\x10\x10\xcb\xf8
The magic bytes were not correct. First 40 bytes of data: 'c\xda\xec\x8f"\xf3\xac8\xec\x9e\xad\xfa\x
The magic bytes were not correct. First 40 bytes of data: "\x03\xa2r\xdb\xb8\xe7\xc9T\x00\xf4R\xae\x
The magic bytes were not correct. First 40 bytes of data: 'I)`bt\x11g\xe0IK\xe0\xb6ca\xd7\x8b\x8aUK\

General Discussion / Binary attachments
« on: October 22, 2013, 06:08:03 PM »
I made a tool, that allows you to send various types of binary attachments in bitmessage and get them back.

If you plan on sending messages bigger than 100 KB, I highly recommend modifying the client for faster POW

You can get it from GitHub
If you download the Zip or clone it, you also get precompiled binaries in the release folder.


Send and decode binary attachments via bitmessage.
This application allows you to send and receive binary attachments and decode them.

  • Encodings: Base64, Hex, Raw, ASCII85
  • Split large files into parts
  • Fool proof even for DML addresses (assuming invalid part 1 is deleted)
  • Can find part chain even if multiple files with same names exist
  • Verifies each part.
  • Templates for sending different content
  • Address book integration
  • Encrypted password storage
  • Custom part size can be set to match the CPU

Planned features
  • Cancel button to abort a running transfer
  • Resending of single parts
  • Resume transfers at a later startup
  • Better main window, the current one is a big fucking mess.
  • Task list for pending tasks
  • Add an image of a dragon somewhere, dragons are awesome
  • Template for images
  • Variable for file extension (to automate image/{X} mime type declarations)

How to use
This chapter gives a brief introduction to the application

Initial setup and first run
Put BinSend.exe, CookComputing.XmlRpcV2.dll and Newtonsoft.Json.dll
into the same directory and just launch the exe file.
During startup it will ask you for your API settings
from the official PyBitmessage client.
You can find instriuctions here: [API Reference](https://bitmessage.org/wiki/API)

Once you have set up the API, you are ready to go.

Sending a file
To send a file, fill in the fields from top to bottom:

  • From address. This is collected via the API once during startup. If you generate a new address, restart BinSend to use it. never use a DML address or others can spoof the first part.
  • To address. This will propose addresses based on the address book. The text after the last space is only used for the address. The rest is assumed to be a label, so you are free to write XYZ BM-Addr3s5... into the field and it will detect the address once you leave it.
  • Subject: All messages share the same subject. Do not only put the file name in it.
  • Content: the big text field serves as content. You can either write one directly, or use the "Template" button to create and manage templates.
  • Encoding: select an encoding you like. Base64 is almost always the best choice, except if your content is pre-encoded. Click the "?" Button for more informations about the various encoding types.
  • Size: Specify the Size in KiloBytes per part. The step size is 100 KB, but you can also insert any valid value manually. Setting this to 0 will send everything in 1 part, this is useful for Images or HTML5 audio/video
  • Click on "Send File" to choose a file and start sending it.

Assembling a file
To assemble a file, click on the "Get Files" button in the main window.
The "part collector" window shows up (depending on your inbox in the client this may take a few seconds) and it displays all files it is able to decode. Click on the file you want and check the part table to the right. If all parts are green, assemble the file, otherwise double click on an entry to view the reason for it being marked as bad.

You can delete a file from the inbox once you do not need it any longer. You also can delete single parts.

Note: You can only assemble files, that are sent in a BinSend format. See below for minimum requirements.

If someone tries to sneak in an invalid first part, you can always delete it from the bitmessage client.
If you have an invalid part, double click it for more details. The issue can probably be resolved with resending. To prevent others from sending fake part-1 messages, always send from an address only you own.

Click on the template button in the main window to bring up the template manager.

With the template manager you can modify templates as you wish. if you start up the application the first time, it will create a few default templates.

Double click on a template to insert it into the main window and close the manager.

BinSend format
Binsend compatible messages are simple. The message can have any content, until a line with the text #BEGIN# is found, at which the parser kicks in. Do not put any other content at the end of the block.
He then expects the folowing Lines and values in each part:

Code: [Select]

  • SameOrigin: Can be Yes or No. Setting this to Yes, forces all parts to come from the same address. Should only be turned off, if you send parts from multiple machines with different addresses.
  • Name: The file name.
  • Part: Value must be in the format X;Y, where X is the current part and Y is the total number of parts.
  • Format: This is the format, in which the content is encoded.
  • Length: Size in bytes of the decoded part.
  • HashList: List of SHA1 hashes. The number of hashes must match the number of parts and they must follow in the same order. Use a comma to seperate them. The hash is taken from the decoded content.
  • Content: The actual content. Can be split over multiple lines.
  • Comments: You can put comments in it. Put a ; at the beginning of the line to mark it as comment. Comments do not work in the middle of a multi-line content field.

Custom Encodings
If you come up with a custom encoding, please try it first with binary content, before asking me to include it in BinSend. It is very simple to mess up an UTF-8 message, this is also the reason, why BinEnc and yEnc are included in the code, but not enabled.

Large files
Bitmessage is not intended to carry large files. Before sening a file, check if a link to the file is not enough instead of attaching it.

General Discussion / Faster POW for windows
« on: October 18, 2013, 09:13:36 AM »
For those using windows, you can achieve up to 40 times faster POW by letting a C++ DLL file calculate the POW, as this allows you to have multi-core support. (time was measured on an i7 8 core machine, your results may differ)

The compiled bitmessage client only uses one core and calculates in python, which is highly inefficient. If you are willing to run the source, you can however make some small modifications to it to increase the speed.
The source can be found here: https://github.com/grant-olson/bitmessage-powfaster/blob/master/fastcpu/bitmsghash.cpp

Installation instructions are provided in the zip file.

General Discussion / AutoUpdater for Bitmessage
« on: October 14, 2013, 05:47:46 PM »
if you run the compiled windows executable (bitmessage.exe)
put the BitUpdate.exe from github in the folder, where bitmessage.exe is and launch it instead.
It automatically updates bitmessage (if an update is available) and runs it.

  • Version check; Checks version before updating, only downloading bitmessage if required.
  • file check; if the version file or bitmessage.exe is missing, it is downloaded anyways.
  • Auto launch; Launches bitmessage after the update check
  • Auto downgrade; In case an update is reverted on the official site, it automatically downgrades your client too
  • Fallback; multiple locations are provided in the executable in case the main server fails

GitHub: https://github.com/AyrA/BitUpdate
Latest release: https://github.com/AyrA/BitUpdate/raw/master/BitUpdate/bin/Release/BitUpdate.exe

Requires: .NET 2.0

General Discussion / Store labels with the public key
« on: October 01, 2013, 07:56:56 AM »
I had this discussion about namecoin, DNS and aliases and came up with this Idea:

store the address label in the PubKey
From the thread:
It would probably better to have the name in an double SHA-1 form in the public key itself so we do not depend on an external tool (which costs money to be used). If we integrate it into the public key, a name disappears from the network if the address becomes inactive. This way, the user name database stays clean without somebody actually cleaning it (I think make this into a proposal ...)

How it works: Publishing/Encrypting
The Pubkey is encrypted already, so adding a name does not affects privacy of the issuer.

How it works: Updating
Updating the label of the key is simply done by rebroadcasting the same key with a new label. Clients who accepted the old label discard the old label and set a new one. If the user has used the label once, the client can store a reference for itself and can inform the user, if a label he used once is about to update and if the user accepts it (or sticks with the old label).

How it works: Replacing
Replacing is almost identical to updating, but the new key which uses the label now is signed with the old key. This way the label of the old key gets removed and transferred to the new key without somebody being able to intercept or alter it.

How it works: Using
If the user enters a label in the address field, the address is taken from the address book.

Since the Pubkey is encrypted, the label is invisible to users who do not know the BM Address.
If a user comes among a different address with the same label, he can decide how to handle it (ignore/rename/replace)

Decaying of labels
Labels vanish with the Pubkeys from the network. No need to clean up. The client can inform a user, that a label is decayed and if he wants to remove it to keep the address book clean.

Opt out feature
Pubkeys can still be published without a label.

General Discussion / Bitmessage DNS integration
« on: September 26, 2013, 05:39:05 AM »
Bitmessage DNS integration and namecoin tunnel.

This tool will allow you to look up bitmessage names, that have been set up according to the current proposal. Additionally it contains an address book so you can store individual addresses or groups for faster lookup.

Why DNS?
DNS is easy to use and is accessible for almost everyone without third party software.
With namecoin, you can pull all registered E-mail or BM addresses from the blockchain with simple commands which is unacceptable for some people.

You just said "no third party", but ...
The Bitmessage client has only namecoin capability built into it. DNS is not natively supported (yet).

How to get it?
Just download the precompiled tool, place it anywhere on your drive and launch it after bitmessage.
Source code is available on GitHub
How to set it up?
  • Start Bitmessage
  • Start BitDNS
  • Open the Bitmessage settings window, go into the namecoin tab
  • Configure Namecoind for localhost and port 8337 (do not use 8336)
  • Enter a username and a password. This is optional, if you do not plan on using namecoin at all and only want to use DNS (see next question)
  • Click "Test" and you should see a message, that namecoin is alive
  • Click OK

I can use namecoin too?
Yes. If you also enter your namecoin API username and password in bitmessage, the BitDNS server will forward all namecoin requests to your namecoind instance and answer all DNS requests too. Namecoind must be running on port 8336 for this to work (this is the default setting).

What if I do not want namecoin?
Just don't install namecoin then. The client will still try to forward requests to your namecoin instance, but if none is available, it will correctly format an error response for bitmessage. The tool will never ever look up DNS names, if your query does not starts with "DNS/".

How to use it?
To get it running after the initial setup, just launch it. It places a context menu icon in the tray. The address book can be opened with a double click If you have set it up correctly in bitmessage, you can see a "Fetch Namecoin ID" button on bitmessage. To fetch a namecoin ID, just enter the name (or id/name) in the field and click the button. To fetch a DNS record, enter "DNS/name", for example "DNS/list.ayra.ch"

Address book
The client has an address book feature. You can add entries with an address and a label. You can use the sdame label multiple times for different addresses to create address groups. If you send update messages to multiple addresses, store all addresses with the same label (for example "update") and then in the client enter ad/update as destination. The address book saves changes instantly.

How do I check a DNS name?
You can use this page to look up bitmessage records and test them if you wish.

How do I get a DNS name?
You can buy a DNS name for cheap (some providers even accept bitcoin) everywhere in the internet. It costs you usually 5$ to 10$ a year.
If you know somebody who owns a domain, he probably even sets up the record for free for you because it does not causes any troubles with existing services.

Screenshot of address book:

The attached screenshot shows the bitmessage example configuration

General Discussion / BitText - anonymous, hidden pastebin alternative
« on: August 29, 2013, 10:35:21 AM »
BitText is a simple service, that stores messages for you!

It works by sending Messages to the Address BM-GtkZoid3xpTUnwxezDfpWtYAfY6vgyHd.
In exchange to a stored text, you receive an ID token, that every user can use to get the message.

Public Web interface: bittext.ch or bittexttizfec375.onion
To read a BitText, call bittext.ch/ID
Example (with vanity ID): http://bittext.ch/IMAGE_JPEG
Makes sense to view as HTML

Users can:
  • HELP: Get the Help text, that is written below
  • ADD: Add new texts to the system
  • GET: Get texts, for which they have an ID
  • COPY: Copy a text to their own address

The address, that created the text additionally can:
  • MOD: Modify a text.
  • VAN: Generate a vanity ID.
  • DEL: Delete a text
  • LIST: List all texts for the address

HELP output:

Code: [Select]
BitText Help System
If you reveiced this message in error, look at the subject.
It was possibly invalid.

You need to store some data?
Want to proof you did something at a specific time?
Need a big message to reach multiple people?
Want a message to stay forever?
Use BitText!
BitText allows you to store any amount of text using simple commands in the subject line.

When you store content, you will get back an ID and can give it out to other people.
The text is associated with your Bitmessage Address

Command Overview
Commands usually use the subject line only.
Commands, that only use the subject line ignore any content in the body,
so it is safe (for example) to reply to this message and change the subject only.

Returns the text with the speicified ID in the subject.

Subject: GET APdM3D+kr8
Body:    None

Text with the specific ID and subject, or an Error message, if not possible.

The subject will have the format:
BitText <ID>: <Subject of the text>

The Message body will be in the format:

Date: <Date and 24h time, when the text was stored. Format: (dd.MM.yyyy HH:mm:ss UTC)>
From: <Address, that created the message>
(empty Line)
<Your content>

Lists all texts, created by yor address. Has no arguments.
You will get a list with ID, Upload time and subject of each
text you stored on the system. You must send this command
from the address you used to create texts.

Subject: LIST
Body:    None

A HTML list that might look like this:

ID          Address               Date                     Subject
XXXXXXXXXX  BM-Address...         DD.MM.YYYY HH.mm.SS UTC  Subject_of_your_message
YYYYYYYYYY  BM-Address...         DD.MM.YYYY HH.mm.SS UTC  Subject_of_your_message

Copies a text to your own Address

The Subject contains the text ID to copy from.

Subject: COPY APdM3D+kr8
Body:    None

The ID of the text

Deletes a text. Must be sent from the address,
that was used to create the text you want to be deleted.

Subject: DEL APdM3D+kr8
Body:    None

A message, that tells you, if your text was deleted.

Adds a text to the system.
The Subhject can be up to 50 chars long.
It is cut if too long.

Subject: ADD <your subject text here>
Body:    <Your text here>

Returns a message with your ID, if storing was successfull,
otherwise an error message.

Modifies an existing text on the system.
Must be used from the address, that created the text.
This will also silently update the Date/Time to the
current value.

Subject: MOD <ID> <your subject text here>
Body:    <Your text here>

Returns a confirmation or error message.

Modifies the ID of a Text.
Allows vanity text IDs to be generated,
that can be easily remembered by users. (I call this process VAN-ing from here)
A vanity ID must also match the ID criteria.
The allowed charset is abcdefghijklmnopqrstuvwxyz_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
The length must be 10 chars.
IDs are case sensitive.
Must be used from the address, that created the text.

You can specify multiple ID entries in the order, they should be tried.
This gives you a higher chance of finding a valid vanity ID.
The first free ID you specify is taken as your new ID.
You cannot specify more than 100 IDs per message. If more than 100
are present, only the first 100 are checked.
IDs are specified in the body, not the subject and must be separated
with line breaks (LF or CRLF).

Changing the ID will not alter the Message or the date.
Instead of just VAN-ing an ID, you should copy and VAN-ing the copy.
This way, the old ID stays intact, if you already published it somewhere.

Warning! Simple vanity generated ID's like '0123456789' can lead to
a text being found out by pure luck more easily. Do not VAN-ing texts
with critical content.

Subject: VAN <ID>
Body: <Your proposed IDs seperated with a line break here>

Returns a message, confirming the ID, that was set, or an
error Message with the error description in it.

This message.
Also any invalid command will trigger this help

General Discussion / Proposal: Message rate limitation
« on: August 23, 2013, 05:05:50 PM »
It seems almost obvious, we need some sort of POW, that is fair for all to do.

I thought about message rate limitation and here is what came up:

(it does not replaces POW, but it could almost)

General overview
  • Clients can only send a limited amount of messages into the system, no matter how high POW actually is.
  • The number has to be discussed. (for example 10 msg per 1 minute still allows you to send 14'400 msg per day and connection
  • To be still expandable, this limit is not only enforced on a connection, but on a stream base, so if a client is in 2 streams, he can send 20 msg per minute (but only 10 to each stream).
  • This system has the advantage to being able to tell clients, when the network is full, if they nonstop hit their msg/min cap.

How it is implemented
  • if a client starts, he ignores the limit until most of his connected nodes have no more inventory items to share
  • After synchronization, the client engages rate limiting for all his connections
  • Clients have a limit of msg/min that can traverse a connection. This limit is dynamically adjusted to the fixed global limit, so a single connection never triggers a global lockdown.
  • Clients have a global upper limit of msg/min set (over all connections in a stream), if this is reached, he will ask for new messages more slowly, preventing the network from getting overloaded again. It also prevents a spammer from opening 5000 connections to clients just to circumvent the limit because really quickly the message cap is reached by the nodes and they slow down relaying. The number should be constant, not influenced by the number of connections, or nodes with port forwarding get abused. if the message cap is reached too often in a specific time, the network can be called "full"
  • If slowing down does not works (this means, the node that triggered it has way too much messages), clients go into a lockdown mode,where they also stop sending for a few seconds. This will slowly but constantly isolate the flooding nodes for a short time, allowing for the network to catch up.
  • Lockdown can also occur on a connection basis, rather than a global basis, if only one connection makes issues.
  • Messages cannot be pushed, only pulled, so if a node reaches its bandwidth cap, he can pull messages evenly over all his connections. Also it saves bandwidth, because nodes only pull messages, when they are ready for it.
  • Clients make statistics for themselves and try to average out the number of messages transported over a connection. This allows legit messages to be delivered while a possible DDoS is occurring. Statistics should be made on IP basis, so a client cannot reconnect to void his bad stats.
Other nice additions
These are completely optional, but might increase performance or usability
  • Streaming Mode; A client can enter streaming node. He tells this to his connected nodes and tells them a date and time (in form of a range "from-to"). The nodes then send all messages they have from that range. This allows quicker catch up with the current inventory, instead of asking for each message one by one.
  • Inventory size check; A client can ask its connected clients about their inventory size (number of elements in messages.dat). This allows a client to detect, if a connected node is potentially flooding. if the detection is triggered, no more messages will be pulled from the overloaded node until the client is in sync again with it.
  • Lockdown; Instead of not receiving, clients go into lockdown, where they also do not send.
  • Traffic averaging; A client tries to pull messages equally from all connections. If a node falls into lockdown, he will prefer connections that do not send much messages once he starts working again.
  • Message Priority; Messages from connection with only a few messages are relayed first when other clients ask for new messages. This causes flooding to be reduced further
  • connection rotation; A client, that has multiple nodes, gives each one the same chances and pulls messages from connections in a circular order. This can block a flooding node further because he does not gets asked for messages as often as needed to flood.
  • N/A
  • N/A

if you have any ides, add them here, so we can make a big proposal out of this and it can be implemented in one step.

Global and connection limits
I talked about a global and a connection/stream based limit.
  • Connection based; The connection based limit is simple. A client will not pull more than X messages per minute from a connection. This prevents a single client from flooding the network.
  • global limit; A client will not pull more than X messages per minute in total. This prevents flooding from multiple clients with multiple IP addresses and connections.

Pages: [1] 2 3