Private list of bootstrap/relay nodes

[red-zxspectrum]

Hi!

With default settings TRIFA (and other Tox clients) use TCP relays for communication with other clients. So the traffic goes through unknown servers, we cannot trust these servers for sure. The server cannot decrypt client's data, but it can collect metadata: IP, port, traffic profile, delays. It is possible to use UDP, but it does not work well, and an ISP can observe IPs of peers. Someone might prefer to avoid some servers in bad countries. TRIFA has an option to add a node, but there is no option to replace built-in nodes.

I would be great to have an ability to control the node list. I see two options here:

• Simple ability to load a JSON file to replace all built-in nodes. I think this option is not very hard to implement: just remove hardcoded nodes from the sources and add a small JSON loader.
• Whitelist for all communications. Not just restrict bootstrap node/relay list, but filter out any IPs if they are not in the whitelist. Useful for DHT and P2P, but hard to implement.

Thank you for your project!

[zoff99]

the underlying library (c-toxcore) does not support this at this time. tox clients will share nodes, TCP relays as well as UDP DHT nodes.

[red-zxspectrum]

the underlying library (c-toxcore) does not support this at this time

Do you mean that if I delete all default nodes from the source code, recompile the app, and add my own node in the options, then TRIFA (through c-toxcore) will find and use other nodes anyway? I can run my own tox-bootstrapd and set an empty list of other bootstrap nodes for it, then use it as TCP relay. I think in this case TRIFA (c-toxcore) will be unable to find any nodes, is not it?

[zoff99]

if you delete all the default nodes and then start the app with your own bootstrap node eventually you may get other nodes from friend's toxcore.
the only way to avoid connecting to some nodes is a firewall on your device.
of course you could patch c-toxcore to never use any other tcp relays. but this is another matter and not something trifa can do.

toxcore itself does not hide your IP address (you need to use tor proxy for that)
tor proxy should solve your issue, if tor is working in your part of the world.

[zoff99]

trifa does have an experimental option to fully disable TCP mode and only use direct P2P UDP connections.
it would totally avoid any TCP relays. i am not sure if this is what you want.

[red-zxspectrum]

tor proxy should solve your issue, if tor is working in your part of the world.

TOR is banned in some countries, but Tox protocol is not (not yet). It would be great to support other transport of just a plain SOCKS to let user to choose.

option to fully disable TCP mode and only use direct P2P UDP connections.

Good as an option. Will UDP mode work through a proxy?

[zoff99]

Will UDP mode work through a proxy? --> No.

[red-zxspectrum]

Will UDP mode work through a proxy? --> No.

Why not? Some SOCKS5 proxies can work with UDP too.