README
¶
Indranet
Lightning powered distributed virtual private network for anonymising traffic on decentralised protocol networks.
About
The ubiquitous use of encryption on the internet took some time to happen, there was a time when the US government defined them as munitions and claimed export restrictions, and famously the PGP project broke this via the First Amendment, by literally printing the source code on paper and then posting it, it became recognised that code, and encryption, are protected speech.
With ubiquitous 128 and 256-bit AES encryption now in use by default, the content of messages is secure. However, the volume of messages and endpoints of signals are still useful intelligence data, enabling state level actors to attack internet users and violate their privacy and threaten their safety.
Protecting against this high level attack the main network currently doing this work is the Tor network. However, this system has many flaws, and in recent times its centralised relay registry has come under sustained attack by DDoS (distributed denial of service) attacks.
More specifically, the protocol has a severe bottleneck in its rendezvous model for linking two outbound 3 hop connections, attackers flood these with requests, and legitimate users cannot get a word in edgewise. Ironically they built a proof of work protocol to give users a way to get ahead of the spammers.
Indra eliminates this problem by using a constantly changing set of introducers and the actual bidirectional anonymity is done by the parties themselves via the source routing headers plus pairs of hops added in front of the recipient's routing header.
One of the big problems of the Tor network is its weak network effect. There is no incentive for anyone to run nodes on the network, and worse, the most common use case is tunneling back out of the network to anonymize location, is largely abused and led to a lot of automated block systems arising on many internet services to prevent this abuse.
Indra makes it possible for anyone to offer this kind of outbound relaying service if they want to, but with compensation for doing so, which covers the risk they take as being the visible origin point of shady traffic from time to time.
Indra uses source routing, similar to the Lightning Network and an early but not really quite viable mixnet design called HORNET. The problem with source routed mixnets is that they are very vulnerable to spam. Indra eliminates this problem by no traffic being relayed without first paying a small forward payment to relays for this traffic, thus creating an economic disincentive for spam if the profit is below the routing fees.
fin
notes:
([a-zA-z0-9\_\-\.][a-zA-z0-9\/\_\-\.]+)\:([0-9]+) is a regex that matches the
relative file paths in the log output. $1 and $2 from this are the relative path
and the line number.
Documentation
¶
Overview ¶
Package indra is the root of the repository for the Indra distributed VPN, containing mainly the version information for included executables to use for information and identification on the network.
See pkg/github.com/indra-labs/indra/cmd/indra for the main server executable.
Put invocations to run all the generators in here check pkg/github.com/indra-labs/indra/cmd/bumper to add them, and they will automatically run with:
$ go generate .
which will run all these generators below and finish with a go install.
Index ¶
Constants ¶
View Source
const ( // URL is the git URL for the repository. URL = "github.com/indra-labs/indra" // GitRef is the gitref, as in refs/heads/branchname. GitRef = "refs/heads/master" // ParentGitCommit is the commit hash of the parent HEAD. ParentGitCommit = "2e01ddf6d2e5b6e66ca0454902ae58cc38980792" // BuildTime stores the time when the current binary was built. BuildTime = "2023-07-06T09:28:11+01:00" // SemVer lists the (latest) git tag on the release. SemVer = "v0.1.19" // Major is the major number from the tag. Major = 0 // Minor is the minor number from the tag. Minor = 1 // Patch is the patch version number from the tag. Patch = 19 )
Variables ¶
View Source
var CI = "false"
Functions ¶
Types ¶
This section is empty.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
bumper
Bumper is a tool for creating version information to be placed at the repository root of a project.
|
Bumper is a tool for creating version information to be placed at the repository root of a project. |
|
docker
Package docker contains tools for Docker deployments of Indra and components.
|
Package docker contains tools for Docker deployments of Indra and components. |
|
docker/release
Package release is a tool to create and publish docker images.
|
Package release is a tool to create and publish docker images. |
|
indra
Indra is a low latency, source routed mixnet distributed virtual private network protocol.
|
Indra is a low latency, source routed mixnet distributed virtual private network protocol. |
|
indra/seed
Package seed is a non-relay node that simply accepts and propagates peer advertisment gossip to clients and relays on the network.
|
Package seed is a non-relay node that simply accepts and propagates peer advertisment gossip to clients and relays on the network. |
|
indra/seed/client
Package client is a client for the seed RPC service for remote unlock and management.
|
Package client is a client for the seed RPC service for remote unlock and management. |
|
pkg
|
|
|
ad
Package ad is an interface for peer information advertisements.
|
Package ad is an interface for peer information advertisements. |
|
cfg
Package cfg contains settings for the various network modes and seeds for those networks.
|
Package cfg contains settings for the various network modes and seeds for those networks. |
|
codec
Package codec defines an interface for encoding and decoding message packets in the Indra network.
|
Package codec defines an interface for encoding and decoding message packets in the Indra network. |
|
codec/ad
Package ad is an abstract message type that composes the common elements of all ads - nonce ID, public key (identity), expiry and signature.
|
Package ad is an abstract message type that composes the common elements of all ads - nonce ID, public key (identity), expiry and signature. |
|
codec/ad/addresses
Package addresses defines the message format that provides the network multi-address of a peer with a given public identity key.
|
Package addresses defines the message format that provides the network multi-address of a peer with a given public identity key. |
|
codec/ad/intro
Package intro defines a message type that provides information about an introduction point for a hidden service.
|
Package intro defines a message type that provides information about an introduction point for a hidden service. |
|
codec/ad/load
Package load provides a message type that provides information about the current load level of a node identified by its public key.
|
Package load provides a message type that provides information about the current load level of a node identified by its public key. |
|
codec/ad/peer
Package peer provides a message type that provides the base information, identity key and relay rate for an Indra relay.
|
Package peer provides a message type that provides the base information, identity key and relay rate for an Indra relay. |
|
codec/ad/services
Package services provides a message type for advertising what kinds of exit services a peer provides to clients, including the port number and the cost per megabyte of data.
|
Package services provides a message type for advertising what kinds of exit services a peer provides to clients, including the port number and the cost per megabyte of data. |
|
codec/onion/cores/balance
Package balance provides an onion layer message that comes in response to a getbalance query, informing the client of the balance of a session, identified by the getbalance nonce.ID.
|
Package balance provides an onion layer message that comes in response to a getbalance query, informing the client of the balance of a session, identified by the getbalance nonce.ID. |
|
codec/onion/cores/confirmation
Package confirmation provides an onion message type that simply returns a confirmation for an associated nonce.ID of a previous message that we want to confirm was received.
|
Package confirmation provides an onion message type that simply returns a confirmation for an associated nonce.ID of a previous message that we want to confirm was received. |
|
codec/onion/cores/end
Package end is a null tombstone type onion message that indicates there is no more data in the onion (used with encoding only).
|
Package end is a null tombstone type onion message that indicates there is no more data in the onion (used with encoding only). |
|
codec/onion/cores/response
Package response provides a message type in response to an Exit message.
|
Package response provides a message type in response to an Exit message. |
|
codec/onion/crypt
Package crypt is an onion message layer which specifies that subsequent content will be encrypted.
|
Package crypt is an onion message layer which specifies that subsequent content will be encrypted. |
|
codec/onion/delay
Package delay provides an onion message type that allows a client to specify an arbitrary delay time before processing the rest of an onion message.
|
Package delay provides an onion message type that allows a client to specify an arbitrary delay time before processing the rest of an onion message. |
|
codec/onion/exit
Package exit is an onion message type that contains a payload intended to be forwarded to the exit service of a relay.
|
Package exit is an onion message type that contains a payload intended to be forwarded to the exit service of a relay. |
|
codec/onion/forward
Package forward is an onion message layer that specifies a single redirection for the remainder of the onion.
|
Package forward is an onion message layer that specifies a single redirection for the remainder of the onion. |
|
codec/onion/getbalance
Package getbalance provides an onion message layer type that makes a request for the current balance of a session.
|
Package getbalance provides an onion message layer type that makes a request for the current balance of a session. |
|
codec/onion/hidden/introquery
Package introquery is an onion message that verifies a relay is an introducer for a given hidden service, returning its intro.Ad.
|
Package introquery is an onion message that verifies a relay is an introducer for a given hidden service, returning its intro.Ad. |
|
codec/onion/hidden/ready
Package ready provides an onion message type that is sent via client provided routing header back to the client after an introducer forwards a route message to initiate a hidden service connection.
|
Package ready provides an onion message type that is sent via client provided routing header back to the client after an introducer forwards a route message to initiate a hidden service connection. |
|
codec/onion/hidden/route
Package route provides an onion mesage type that initiates a hidden service connection with a designated introducer who holds the forwarding routing header to send the route message to a hidden service, who replies to the client using their reply routing header with a ready message.
|
Package route provides an onion mesage type that initiates a hidden service connection with a designated introducer who holds the forwarding routing header to send the route message to a hidden service, who replies to the client using their reply routing header with a ready message. |
|
codec/onion/hidden/services
Package services provides a message type for hidden services to send to designated introducer relays.
|
Package services provides a message type for hidden services to send to designated introducer relays. |
|
codec/onion/hidden/whisper
Package whisper provides a message type for sending a message to a hidden service, or back to a hidden service client.
|
Package whisper provides a message type for sending a message to a hidden service, or back to a hidden service client. |
|
codec/onion/reverse
Package reverse provides a message type for the forwarding directions in a 3 layer routing header.
|
Package reverse provides a message type for the forwarding directions in a 3 layer routing header. |
|
codec/onion/session
Package session provides an onion message type that delivers the two session private keys to be associated with a session, for which the hash of the secrets was used as the payment preimage for starting a session.
|
Package session provides an onion message type that delivers the two session private keys to be associated with a session, for which the hash of the secrets was used as the payment preimage for starting a session. |
|
codec/ont
Package ont defines interfaces for the engine: Ngin and Onion coding.Codec subtypes, and some helpers that use the abstraction.
|
Package ont defines interfaces for the engine: Ngin and Onion coding.Codec subtypes, and some helpers that use the abstraction. |
|
codec/reg
Package reg is a registry for message types that implement the coding.Codec interface.
|
Package reg is a registry for message types that implement the coding.Codec interface. |
|
crypto
Package crypto contains all the cryptographic primitives used in Indra.
|
Package crypto contains all the cryptographic primitives used in Indra. |
|
crypto/ciph
Package ciph manages encryption ciphers and encrypting blobs of data.
|
Package ciph manages encryption ciphers and encrypting blobs of data. |
|
crypto/nonce
Package nonce provides a simple interface for generating standard AES encryption nonces that give strong cryptographic entropy to message encryption, as well as 8 byte (64 bit) random private identifiers for references between types.
|
Package nonce provides a simple interface for generating standard AES encryption nonces that give strong cryptographic entropy to message encryption, as well as 8 byte (64 bit) random private identifiers for references between types. |
|
crypto/sha256
Package sha256 provides a simple interface for single and double SHA256 hashes, used with secp256k1 signatures, message digest checksums, cloaked public key "addresses" and so on.
|
Package sha256 provides a simple interface for single and double SHA256 hashes, used with secp256k1 signatures, message digest checksums, cloaked public key "addresses" and so on. |
|
docker
Package docker contains a library for building and pushing docker images for Indra to a configured docker repository.
|
Package docker contains a library for building and pushing docker images for Indra to a configured docker repository. |
|
engine
Package engine is the implementation of the core Indra relay and client.
|
Package engine is the implementation of the core Indra relay and client. |
|
engine/ads
Package ads provides a bundle for peer information advertisement types and initial generation of them, and deriving a peer node data structure from the ad set received over the gossip network.
|
Package ads provides a bundle for peer information advertisement types and initial generation of them, and deriving a peer node data structure from the ad set received over the gossip network. |
|
engine/consts
Package consts is a series of constants common to several different onion message types.
|
Package consts is a series of constants common to several different onion message types. |
|
engine/dispatcher
Package dispatcher is a network packet send/receive handler for peer to peer connections between relays.
|
Package dispatcher is a network packet send/receive handler for peer to peer connections between relays. |
|
engine/magic
Package magic is a simple specification and error helper for message identifying 4 byte strings that are used for the switching logic of a relay.
|
Package magic is a simple specification and error helper for message identifying 4 byte strings that are used for the switching logic of a relay. |
|
engine/node
Package node is a specification for the in-memory metadata related to an indra network peer.
|
Package node is a specification for the in-memory metadata related to an indra network peer. |
|
engine/packet
Package packet handles segmenting messages into uniform sized packets and generating a stream of cipher halves and receiver cloaked addresses to encrypt them with, and reassembling the segments into the original messages.
|
Package packet handles segmenting messages into uniform sized packets and generating a stream of cipher halves and receiver cloaked addresses to encrypt them with, and reassembling the segments into the original messages. |
|
engine/payments
Package payments provides an abstraction above the implementation for handling Lightning Network payments and storing pending payments awaiting session keys.
|
Package payments provides an abstraction above the implementation for handling Lightning Network payments and storing pending payments awaiting session keys. |
|
engine/responses
Package responses handles waiting for and responding to received responses, including tracking the session billing and custom callback hooks when responses arrive.
|
Package responses handles waiting for and responding to received responses, including tracking the session billing and custom callback hooks when responses arrive. |
|
engine/services
Package services defines the base data structure for a service.
|
Package services defines the base data structure for a service. |
|
engine/sess
Package sess provides the Session Manager, which keeps track of a client's sessions.
|
Package sess provides the Session Manager, which keeps track of a client's sessions. |
|
engine/sessions
Package sessions defines some key data structures relating to the data for sessions, imported by sess package for reading and writing session and circuit metadata.
|
Package sessions defines some key data structures relating to the data for sessions, imported by sess package for reading and writing session and circuit metadata. |
|
engine/tpt
Package tpt provides the definition of the interface Transport, which is an abstraction used for reading and writing to peers via transport.Transport.
|
Package tpt provides the definition of the interface Transport, which is an abstraction used for reading and writing to peers via transport.Transport. |
|
engine/transport
Package transport provides a set of definitions of abstractions that layer above the implementation enabling the use of simple functions that interact on channels to queue and receive messages from the tpt.Transport of which several variants are here implemented.
|
Package transport provides a set of definitions of abstractions that layer above the implementation enabling the use of simple functions that interact on channels to queue and receive messages from the tpt.Transport of which several variants are here implemented. |
|
headers
Package headers is a set of helpers for defining the data to put in a reverse message to enable source routed messages to return anonymously to the client who sent them.
|
Package headers is a set of helpers for defining the data to put in a reverse message to enable source routed messages to return anonymously to the client who sent them. |
|
hidden
Package hidden is a manager for hidden services.
|
Package hidden is a manager for hidden services. |
|
interrupt
Package interrupt provides a set of services for handling OS interrupt signals and in-place restarting of a server.
|
Package interrupt provides a set of services for handling OS interrupt signals and in-place restarting of a server. |
|
node
Package node provides the magic keys that identify each network swarm in the Indra network - mainnet, testnet and simnet.
|
Package node provides the magic keys that identify each network swarm in the Indra network - mainnet, testnet and simnet. |
|
p2p
Package p2p provides the implementation for the p2p gossip and libp2p swarm membership used for a seed node, which is a non-relaying, non-client node only providing network metadata to new connections.
|
Package p2p provides the implementation for the p2p gossip and libp2p swarm membership used for a seed node, which is a non-relaying, non-client node only providing network metadata to new connections. |
|
p2p/metrics
Package metrics provides a simple logging update of the status of a seed node and its peer and connection counts.
|
Package metrics provides a simple logging update of the status of a seed node and its peer and connection counts. |
|
proc/log
Package log is a logging subsystem that provides code optional location tracing and semi-automated subsystem registration and output control.
|
Package log is a logging subsystem that provides code optional location tracing and semi-automated subsystem registration and output control. |
|
rpc
Package rpc provides an RPC server for use in remote control and external application integration.
|
Package rpc provides an RPC server for use in remote control and external application integration. |
|
seed
Package seed provides an implementation of an indra seed server, its purpose to be a rendezvous point for non-routeable clients as well as gathering and distributing current peer information metadata.
|
Package seed provides an implementation of an indra seed server, its purpose to be a rendezvous point for non-routeable clients as well as gathering and distributing current peer information metadata. |
|
storage
Package storage provides an encrypted key value store and an RPC service for remote unlocking to prevent secrets being stored on remote nonvolatile storage.
|
Package storage provides an encrypted key value store and an RPC service for remote unlocking to prevent secrets being stored on remote nonvolatile storage. |
|
util/appdata
Package appdata provides access to the current operating system's proper default application data directory, where we can read and write, and ideally, not have other processes also read and write (as in android/iOS).
|
Package appdata provides access to the current operating system's proper default application data directory, where we can read and write, and ideally, not have other processes also read and write (as in android/iOS). |
|
util/b32
Package b32 is an isolated package for storing the based32 cipher set.
|
Package b32 is an isolated package for storing the based32 cipher set. |
|
util/b32/based32
Package based32 provides a simplified variant of the standard Bech32 human readable binary codec
|
Package based32 provides a simplified variant of the standard Bech32 human readable binary codec |
|
util/b32/codec
Package codec provides a high level abstraction for a customisable binary data encoder with a string encoding.
|
Package codec provides a high level abstraction for a customisable binary data encoder with a string encoding. |
|
util/b32/codecer
Package codecer is the interface definition for a Human Readable Binary Transcription Codec
|
Package codecer is the interface definition for a Human Readable Binary Transcription Codec |
|
util/cryptorand
Package cryptorand augments the standard math/rand library with cryptographic entropy seeding.
|
Package cryptorand augments the standard math/rand library with cryptographic entropy seeding. |
|
util/file
Package file provides some helpers for working with files and folders, specifically making possibly multi-level deep new directories based on a pathspec and testing whether a file exists.
|
Package file provides some helpers for working with files and folders, specifically making possibly multi-level deep new directories based on a pathspec and testing whether a file exists. |
|
util/math
Package math provides a simple 32 bit unsigned integer minimum function.
|
Package math provides a simple 32 bit unsigned integer minimum function. |
|
util/multi
Package multi provides several functions for working with multiaddr.Multiaddr and netip.AddrPort types, including public key p2p identifiers.
|
Package multi provides several functions for working with multiaddr.Multiaddr and netip.AddrPort types, including public key p2p identifiers. |
|
util/norm
Package norm is a string comparison library that makes everything lowercase before comparison for case insensitive equality testing.
|
Package norm is a string comparison library that makes everything lowercase before comparison for case insensitive equality testing. |
|
util/path
Package path provides a simple string slice representation for paths, equally usable for filesystems or HD keychain schemes.
|
Package path provides a simple string slice representation for paths, equally usable for filesystems or HD keychain schemes. |
|
util/qu
Package qu provides observable quit and trigger signal channels that forgive common errors like closing closed channels and signaling closed channels, normally causing a panic.
|
Package qu provides observable quit and trigger signal channels that forgive common errors like closing closed channels and signaling closed channels, normally causing a panic. |
|
util/slice
Package slice is a collection of miscellaneous functions involving slices of bytes, including little-endian encoding for 16, 32 and 64-bit unsigned integers used for serialisation length prefixes and system entropy based hash chain padding.
|
Package slice is a collection of miscellaneous functions involving slices of bytes, including little-endian encoding for 16, 32 and 64-bit unsigned integers used for serialisation length prefixes and system entropy based hash chain padding. |
|
util/splice
Package splice is a collection of tools for encoding and decoding variables into byte buffers with a fluent chained method interface.
|
Package splice is a collection of tools for encoding and decoding variables into byte buffers with a fluent chained method interface. |
|
util/tests
Package tests provides some helpers for tests.
|
Package tests provides some helpers for tests. |
|
util/windows
Package windows provides some tools for handling launching subprocesses on windows using cmd.exe.
|
Package windows provides some tools for handling launching subprocesses on windows using cmd.exe. |
Click to show internal directories.
Click to hide internal directories.