A Gun DB extension that ships secure* ephemeral messaging between Gun peers using Bugout, secured by Gun's SEA suite

Related tags

Learning resource p2p gundb bugout decrentralization
Overview

Bugoff

A Gun DB extension that ships secure* ephemeral messaging between Gun peers using Bugout, secured by Gun's SEA suite

About

Bugoff creates an SEA encryption pair for every Bugout connection, encrypts each message with a shared secret, then decrypts those messages received by the recipient peer(s). It supports and encrypts direct (peer-to-peer) and broadcast (one-to-many) messages.

Gun peers typically communicate messages with each other by listening for graph change events. That means those messages generally must be stored somewhere on the graph before a peer receives a message about it. Bugoff glues together Gun and Bugout (a decentralized messaging library based on WebRTC/WebTorrent) to provide ephemeral messaging between peers that does not need to -- but may -- be stored in a Gun DB graph.

Bugoff peers connect to each other through Bugout, which is a WebTorrent extension that swarms peers together based on an infohash shared to the WebTorrent network. The infohash represents a torrent containing the swarm name. Since this is clear text in the torrent, Bugoff abstracts that name away with a SHA256 hash. This way, only those who know the SHA256 hash can join the Bugoff swarm. A way to secure the swarm further could be to pass in a Gun user's public SEA key as the swarm identifier.

Status

*Bugoff is in an experimental state. Some intended features and functionality may not yet work correctly. Please use with care!

Install

> npm i bugoff

Example

const { SEA } = require('gun')
const Bugoff = require('bugoff')

;(async ()=>{
  let bugoff = new Bugoff('some unique swarm identifier')

  // Return this Bugoff swarm/room identifier
  console.log('Bugoff swarm ID:', bugoff.identifier)

  console.log('My address:', bugoff.address)
  // You may pass in your own Gun SEA pair
  bugoff.SEA(await SEA.pair())
  
  // Or let Bugoff generate a new SEA pair for you (this happens automatically)
  await bugoff.SEA()

  // Return the current SEA pair
  console.log(await bugoff.sea)

  bugoff.on('seen', address => {
    console.log('Seen!', address)
    // Broadcast message
    bugoff.send('Broadcast message test')
    // Direct message
    bugoff.send(address, 'Direct message test')
  })

  // Decrypted messages
  bugoff.on('decrypted', (address, pubkeys, message) => {
    console.log('From address:', address)
    console.log('Sender pubkeys:', pubkeys)
    console.log('Message:', message)
  })

  // Encrypted messages. May be useful for debugging.
  bugoff.on('message', (address, data) => console.log('From:', address, 'Received message!', data))

})()

API

Bugoff follows the Bugout API, with this primary exception:

  1. Every message is encrypted using the Gun SEA suite, so the bugoff.on() and bugoff.once() methods require a new listener for decryption: bugoff.on('decrypted', (address, pubkeys, message)) & bugoff.once('decrypted', (address, pubkeys, message))

Bugoff will be further expanded / tested for Gun chaining methods in later versions.

Properties

bugoff.identifier

Returns the Bugoff swarm identifier, a SHA256 hash of the identifier that is passed in to create the swarm.

bugoff.address

Returns this instance's Bugoff address. This can be used by other peers to directly send messages to this instance.

bugoff.sea

Return the Gun SEA pair this instance is using.

This is an asychronous call and must be used with await.

Example

console.log('Bugoff swarm ID:', bugoff.identifier)
console.log('My address:', bugoff.address)
console.log('Insance encryption keys:', await bugoff.sea)

Methods

bugoff.SEA([pair])

Generate or pass in a Gun SEA pair. If pair is not specified, Bugoff will generate and use its own pair for this instance.

This is an asychronous call and must be used with await.

Events

'decrypted', (address, pubkeys, message)

Returns decrypted messages on the target Bugoff instance.

Example

bugoff.on('decrypted', (address, pubkeys, message) => {
  console.log('From address:', address)
  console.log('Sender pubkeys:', pubkeys)
  console.log('Message:', message)
})

'message', (address, message)

Returns encrypted messages on the target Bugoff instance. This may be useful for storing encrypted messages somewhere else, or for debugging.

TODO

  • Test with browsers. Bugoff should work in the browser with Browserify.
  • Extend to Gun as a Gun chain extension.

Contact

All feedback, critique, bug reports are welcome and expected. Please submit an issue, or chat with me about it

MIT licensed

You might also like...

A messaging app built on top of Solana blockchain where you can store and view your messages.

Message App on Solana 💬 This Message application written Rust using Anchor ⚓ Setting up the Environment: Rust Installation curl --proto '=https' --tl

Oct 2, 2022

Lightweight (zero dependencies) library for enabling cross document web messaging on top of the MessageChannel API.

Lightweight (zero dependencies) library for enabling cross document web messaging on top of the MessageChannel API.

Jul 15, 2022

A live instant messaging app that translates user messages into the other user's preferred language.

BabelFish Description BabelFish is an interactive multi-person chat app with built in live translation. It is created using the MERN stack (MongoDB, E

Jul 18, 2022

Agetos is a web-platform messaging service founded in 2022. It has no purpose. Just like the other applications.

Agetos is a web-platform messaging service founded in 2022. It has no purpose. Just like the other applications.

Start with a simple idea 🤳 Turn it into an awesome app 🔥 About Agetos is a web-platform messaging service founded in 2022. It has no purpose. Just l

Aug 4, 2022

Onchain private messaging app with a significant encryption algorithm.

Onchain private messaging app with a significant encryption algorithm.

Hedwig DEMO We want to implement SSL technology to blockchain so decided to build onchain private messaging app. Diffie Hellman protocol was invented

Nov 3, 2022

REST API complete test suite using openapi.json

Openapi Test Suite Objective This package aims to solve the following two problems: Maintenance is a big problem to solve in any test suite. As the AP

Nov 3, 2022

A lightweight abstraction between Svelte stores and Chrome extension storage.

Svelte Chrome Storage A lightweight abstraction between Svelte stores and Chrome extension storage. This library makes data synchronization of backgro

Nov 15, 2022

implements user authentication and session management using Express.js, MongoDB, and secure cookies

Auth-Flow This project is a simple user authentication system that uses Express.js and MongoDB to store user data. The system allows users to sign up

Mar 17, 2023

A simple but powerful tweening / animation library for Javascript. Part of the CreateJS suite of libraries.

TweenJS TweenJS is a simple tweening library for use in Javascript. It was developed to integrate well with the EaselJS library, but is not dependent

Jan 3, 2023
Comments
  • Bump minimist from 1.2.5 to 1.2.6

    Bump minimist from 1.2.5 to 1.2.6

    Bumps minimist from 1.2.5 to 1.2.6.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump simple-get from 4.0.0 to 4.0.1

    Bump simple-get from 4.0.0 to 4.0.1

    Bumps simple-get from 4.0.0 to 4.0.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Owner
Daniel Raeder
Daniel Raeder
GitHub
Generate a secured base32 one time password to authenticate your user! 🔐

Django SOTP ?? Generate a secured base32 one time password to authenticate your user! Case Study ?? Before I mention why you should use django-sotp in

アブラム (Abram) 36 Dec 22, 2022
A large scale simulation which pits millions of space ships against each other in a virtual universe all running directly in SingleStore.

Wasm Space Program In this demo we simulate a fake universe full of thousands of solar systems. In each solar system there are many space ships and en

SingleStore Labs 11 Nov 2, 2022
Under the Sea is an official AWS workshop delivered by AWS SAs and AWS Partners to help customers and partners to learn about AIOps with serverless architectures on AWS.

Under the Sea - AIOps with Serverless Workshop Under the Sea is an exciting MMORPG developed by the famous entrepreneur behind Wild Rydes, the most po

AWS Samples 4 Nov 16, 2022
A Secure Web Proxy. Which is fast, secure, and easy to use.

Socratex A Secure Web Proxy. Which is fast, secure, and easy to use. This project is under active development. Everything may change soon. Socratex ex

Leask Wong 220 Dec 15, 2022
A simple Prometheus (aggregated) push gateway allowing stateless/serverless workloads, ephemeral and batch jobs to easily expose their metrics.

Serverless Prometheus (aggregated) Push Gateway A simple Prometheus (aggregated) push gateway allowing stateless/serverless workloads, ephemeral and b

Adam Janiš 17 Dec 4, 2022
A simple example repo that demonstrates the dynamic ephemeral storage solution for AWS Lambda outlined in the corresponding Storyboard Dev Blog post.

AWS Lambda Dynamic Ephemeral Storage Example A simple example repo that demonstrates the dynamic ephemeral storage solution for AWS Lambda outlined in

Storyboard.fm 3 Jun 14, 2022
A peer-to-peer chat app that is serverless, decentralized, and ephemeral

Chitchatter Logo provided by @ramyashreeshetty Chitchatter is a free (as in both price and freedom) communication tool. It is designed with security a

Jeremy Kahn 714 Dec 19, 2022
A time-based one-time password (TOTP) generator and authenticator for Gun DB

Entangler A time-based one-time password (TOTP) generator and authenticator for Gun DB Entangler generates a 6 digit passcode every 30 seconds. It gen

Daniel Raeder 16 Nov 9, 2022
Telegram'da belirlediğiniz dakika, saat ve gün aralığında size istediğiniz para ve kripto para biriminin anlık fiyatını mesaj olarak gönderiyor.

Telegram Cryptocurrency Notification Bot Telegram'da belirlediğiniz dakika, saat ve gün aralığında size istediğiniz para ve kripto para biriminin anlı

İbrahim Can Mercan 18 Nov 23, 2022
Stream Chat Messaging Example App

Stream Chat Messaging Example App Is your core product something that would benefit from the increased engagement that comes from in-app chat? With St

Ashutosh Mohanty 7 Nov 20, 2022