shallot-routing
Small-scale onion routing over WebRTC, built on top of Conductor-Chord in ES6.
DISCLAIMER: THIS PROJECT IS A PROOF-OF-CONCEPT, AND SHOULD NOT BE USED WHERE SERIOUS SECURITY IS DESIRED!
Shallot uses the Chord network to open an onion route to any other node whose ID is known. The idea is that security-focused apps can be designed around Chord's File System and ownership of keys, letting you tie usernames in an app to node IDs if desired.
Routes in the system are one-way. As in I2P, this approach is taken to minimize the risk of a route failure affecting both directions of traffic flow.
Shallot can be used either as a module for an existing Chord system, or as the basis of such a system:
    // Full Shallot (includes Chord)
    var Shallot = require("shallot").Shallot;
    // Module only
    var Module = require("shallot").ShallotModule;

    window.s = new Shallot({
        chordConfig: {
            // See Chord repo for details.
        },
        shallotConfig: {
            // Amount of nodes before endpoint.
            routeLength: 3,
            // Timeout duration for each call along the route.
            callTimeout: 1500,
            // Max attempts for each call along the route.
            maxCallRetries: 3,
            // Time to cache answered states for calls.
            rcCacheDuration: 20000
        }
    });

    // Join a chord network...
    s.join("ws://mcfelix.me:7171")
        .then(
            () => {
                // Act on connections sent to us.
                s.on("receiveConnection", conn => {
                    // Listening for messages on channels we receive.
                    conn.on("data", data => console.log(`[DATA] (${conn.startId}): ${data}`));
                });
                // Opening a connection to another node.
                s.connectTo(/* id */)
                    .then(
                        session => session.send("Hello World!"),
                        error => console.log("Error encountered while opening! " + error)
                    );
            },
            error => {
                alert("Couldn't join chord server: " + error);
            }
        );
For a server node, using my modified wrtc:
    var Shallot = require("shallot").Shallot,
        wrtc = require("wrtc"),
        SegfaultHandler = require("segfault-handler");

    SegfaultHandler.registerHandler("crash.log");

    var s = new Shallot({
        chordConfig: {
            conductorConfig: {
                rtc_facade: wrtc
            },
            isServer: true,
            debug: true
        }
    });
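To make the layering behind `routeLength` and the one-way routes concrete, the following is an added example, not code from Shallot and not its wire format or key exchange. It wraps a message for three relays plus an endpoint and shows that each relay learns only the next hop. The function names, the JSON layer layout and the pre-shared per-hop AES-256-GCM keys are assumptions made for illustration.

```javascript
// Added illustration only: not Shallot's wire format, key exchange or API.
const crypto = require("crypto");

// One layer: AES-256-GCM, output = iv (12 bytes) | tag (16 bytes) | ciphertext.
function seal(key, payload) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([c.update(payload, "utf8"), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]).toString("utf8");
}
// Sender wraps innermost-first. hops = relays in route order, endpoint last.
function buildOnion(hops, message) {
  let blob = seal(hops[hops.length - 1].key, JSON.stringify({ deliver: message }));
  for (let i = hops.length - 2; i >= 0; i--) {
    const layer = { next: hops[i + 1].id, inner: blob.toString("base64") };
    blob = seal(hops[i].key, JSON.stringify(layer));
  }
  return blob;
}
// A node removes only its own layer; throws if the key is wrong or the blob was altered.
function peel(key, blob) {
  const layer = JSON.parse(open(key, blob));
  return layer.next
    ? { next: layer.next, blob: Buffer.from(layer.inner, "base64") }
    : { deliver: layer.deliver };
}
// Constructed sample route: routeLength relays before the endpoint, random keys.
function demoRoute(routeLength = 3) {
  const hops = [];
  for (let i = 1; i <= routeLength; i++) hops.push({ id: `relay-${i}`, key: crypto.randomBytes(32) });
  hops.push({ id: "endpoint", key: crypto.randomBytes(32) });
  return hops;
}
// Forward the onion one way, hop by hop, recording what each relay learns.
function walk(hops, onion) {
  const seen = [];
  let blob = onion;
  for (const hop of hops) {
    const out = peel(hop.key, blob);
    if (out.next === undefined) return { seen, delivered: out.deliver };
    seen.push(`${hop.id} -> ${out.next}`);
    blob = out.blob;
  }
}

const demo = demoRoute();
console.log(walk(demo, buildOnion(demo, "Hello World!")));
```

A reply would need a second, independently built route in the opposite direction, which is what keeps a failure on one route from breaking both directions.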
FAQs
Small scale distributed onion routing over WebRTC.
The npm package shallot-routing receives a total of 1 weekly downloads. As such, shallot-routing popularity was classified as not popular.
We found that shallot-routing demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.