License: GNU General Public License v3.0
Go-ssb is an implementation of secure-scuttlebutt in Golang.
# Clone the repo and dependencies into your gopath
go get github.com/andyleap/go-ssb/...
# Build the sbot executable
cd go/src/github.com/andyleap/go-ssb/cmd/sbot
go build
# Run the executable
./sbot
# Point a web browser at localhost:9823 to use the client
# Go to localhost:9823/admin to add a pub invite and connect to the networkJoin us in #scuttlebutt-go on freenode.
Hi,
I'm interested in playing with go-ssb for side-projects and possibly contributing. I'm getting an error when trying to go get the project:
c@nuc:~/go/ssb$ go get github.com/andyleap/go-ssb/...
package github.com/andyleap/go-ssb/cmd/gopub
imports github.com/cryptix/secretstream: code in directory /home/c/go/ssb/src/github.com/cryptix/secretstream expects import "cryptoscope.co/go/secretstream"
I know some go but not enough to really bootstrap this project on my own. Maybe some simple instructions for people to be able to set this up where they can start to contribute?
go get github.com/andyleap/go-ssb/...
# cryptoscope.co/go/secretstream
../../../../../../cryptoscope.co/go/secretstream/client.go:46:66: undefined: netwrap.ConnWrapper
../../../../../../cryptoscope.co/go/secretstream/server.go:42:36: undefined: netwrap.ListenerWrapper
../../../../../../cryptoscope.co/go/secretstream/server.go:43:9: undefined: netwrap.NewListenerWrapper
../../../../../../cryptoscope.co/go/secretstream/server.go:47:32: undefined: netwrap.ConnWrapper
# github.com/andyleap/go-ssb/dns
../../../../../../github.com/andyleap/go-ssb/dns/dns.go:25:30: cannot use func literal (type func() interface {}) as type func(ssb.MessageBody) interface {} in assignment
../../../../../../github.com/andyleap/go-ssb/dns/dns.go:28:2: missing return at end of function
../../../../../../github.com/andyleap/go-ssb/dns/dns.go:37:30: cannot convert m.Key() (type ssb.Ref) to type []byte
make: *** [dep] Error 2
Every now and then sbot will attempt to connect to itself — and succeed:
$ sudo netstat -anp | grep 'fcbb:16a3:2050'
tcp6 4122579 2487632 fcbb:16a3:2050:a06:8008 fcbb:16a3:2050:a0:57170 ESTABLISHED 15011/./sbotSbot should probably learn all of its own IP addresses and then ignore all $theaddress:$myport:$mypubkey triplets (incoming and outgoing). It will not be sufficient to ignore the pubkey or the IP addresses, since people may run several instances of sbot with the same key — either on separate device or on the same devices with another port.
I often see this backtrace:
*panic: runtime error: slice bounds out of range
goroutine 14 [running]:
github.com/cryptix/secretstream/secrethandshake.(*State).verifyClientAuth(0x1420ba40, 0x360f5e30, 0x70, 0x70, 0x70)
/var/local/src/go/src/github.com/cryptix/secretstream/secrethandshake/state.go:177 +0x458
github.com/cryptix/secretstream/secrethandshake.Server(0x1420ba40, 0x592618, 0x2741b8a0, 0x592618, 0x2741b8a0)
/var/local/src/go/src/github.com/cryptix/secretstream/secrethandshake/conn.go:124 +0x23c
github.com/cryptix/secretstream.ServerOnce(0x594d80, 0x2741b8a0, 0x983efd48, 0x93f844d9, 0xe562cf18, 0xce78189a, 0xa668c6b8, 0xc0313c1d, 0xa319f876, 0x19658a6a, ...)
/var/local/src/go/src/github.com/cryptix/secretstream/server.go:59 +0xcc
github.com/cryptix/secretstream.Listener.Accept(0x593278, 0x1096f088, 0x10977ab0, 0x593278, 0x1096f088, 0x10a44980, 0x10977ab0)
/var/local/src/go/src/github.com/cryptix/secretstream/net.go:55 +0xb8
github.com/cryptix/secretstream.(*Listener).Accept(0x10a44980, 0x93f844d9, 0xe562cf18, 0xce78189a, 0xa668c6b8)
<autogenerated>:18 +0x5c
github.com/andyleap/go-ssb/gossip.Replicate.func1(0x10a10dc0)
/var/local/src/go/src/github.com/andyleap/go-ssb/gossip/gossip.go:215 +0x11c
created by github.com/andyleap/go-ssb/gossip.Replicate
/var/local/src/go/src/github.com/andyleap/go-ssb/gossip/gossip.go:224 +0x2c
go version go1.8.1 linux/arm on armv7 (but also seen on x86_64).
With commit 70:
unrecognized import path "cryptoscope.co/go/secretstream/secrethandshake"
I reverted the imports but the build still fails because
package github.com/andyleap/go-ssb/cmd/gopub
imports github.com/cryptix/secretstream: code in directory /Users/mrx/go/src/github.com/cryptix/secretstream expects import "cryptoscope.co/go/secretstream"
If sbot is already running, launching a second instance will cause a SIGSEGV:
$ ./sbot
2017/05/16 15:12:29 ; defined templates are: "avatar.tpl", "channel.tpl", "contact.tpl", "post.tpl", "vote-simple.tpl", "vote.tpl", "about.tpl", "git-repo.tpl", "git-update.tpl", "message.tpl"
2017/05/16 15:12:29 ; defined templates are: "blob.tpl", "feed.tpl", "index.tpl", "profile.tpl", "upload.tpl", "admin.tpl", "channel.tpl", "header.tpl", "navbar.tpl", "post.tpl", "search.tpl", "thread.tpl"
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x789709]
goroutine 1 [running]:
net/rpc.(*Server).Accept(0xc420019b00, 0x0, 0x0)
/usr/lib/go/src/net/rpc/server.go:623 +0x29
net/rpc.Accept(0x0, 0x0)
/usr/lib/go/src/net/rpc/server.go:681 +0x41
main.main()
/var/local/src/g/go/src/github.com/andyleap/go-ssb/cmd/sbot/main.go:65 +0x181
$ cat -n main.go | sed -n '63,67p'
63 l, _ := net.Listen("tcp", ":9822")
64
65 r.Accept(l)
66
67 select {}The fixed order in which the fields of a message are parsed and verified does not work. This is also explained in the protocol guide.
It leads to invalid signatures (false negative) and changed hashes of messages. This means replying to other threads and posting of messages that JS clients can't respond to.
I wrote more about it and a saner approach to this problem on this thread on ssb: %M/qtHwvL1qgbQNZUowOnggGXAtgKuagjQMHGgreuETE=.sha256 (gateway viewer link)
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.