-
Notifications
You must be signed in to change notification settings - Fork 5
Protocol Specification
EMP uses Quibit to handle network connections and managing connected peers. You can find more information about Quibit via its GitHub Page.
| Field Name | Size | Go-Type | Description |
| magic | 4 | uint32 | Verify valid message server (0x987fc18e) |
| command | 1 | uint8 | Byte signifying how to interpret payload |
| type | 1 | uint8 | How message should be handled: BROADCAST = 0 REQUEST = 1 REPLY = 2 |
| checksum | 48 | []byte | SHA-384 Hash for Payload |
| length | 4 | uint32 | Length of payload in bytes |
| payload | ? | []byte |
| Field Name | Size | Go-Type | Description |
| ip_addr | 16 | net.IP ([16]byte) | Valid 16-Byte IPv6 Address, or IPv4 represented as 16 bytes (00 00 00 00 00 00 00 00 00 00 FF FF …) |
| port | 2 | uint16 | Valid port number with which to connect to the peer |
| last_seen | 8 | int64 | Standard UNIX timestamp in seconds |
Backbone nodes have their IP address exposed, so any node can connect to them. Peer nodes do not have their IP address exposed, so they can connect to backbone nodes, but backbone nodes cannot connect back. Peers can still be used as intermediaries between to backbone nodes.
The following commands should only part of REQUEST or REPLY frames. If the following has a BROADCAST, the frame should be dropped and a SHUN should be broadcast for the offending peer.
The peer initiating the connection is responsible for sending a version request to the server before any other communications. The valid response to a **VERSION **is another VERSION.
| Field Name | Size | Go-Type | Description |
| prot_version | 2 | uint16 | Current protocol version running on the peer |
| timestamp | 8 | int64 (time.Time) | Standard UNIX timestamp in seconds |
| IP_addr | 16 | net.IP | IP address, or all 0’s if node is not a backbone node |
| port | 2 | uint16 | Port, or 0 if node is not a backbone node |
| user_agent | ? | string | A User-Agent String |
Used for requesting or sending a list of peers to adjacent backbone nodes. List length can be calculated by dividing the total message length by 26. A list of peers length 0 acts as a pure request for the recipient’s peer list. The valid response to a PEER is another PEER.
| Field Name | Size | Go-Type | Description |
| peers | 26*? | []Node | Array of Peers |
Used for requesting or sending a list of object identifiers. List length can be calculated by dividing the total message length by 48. A list of objects length 0 acts as a pure request for the recipient’s object list. The valid response to an OBJ is another OBJ.
| Field Name | Size | Go-Type | Description |
| objects | 48*? | [][48]byte | A TXID-Hash for messages, or an Address-Hash for Public Keys and Public Key Requests |
Used for requesting a particular object from a connected peer. The valid response to a GETOBJ is either another empty GETOBJ if the object is not found, or any of the Broadcasted message types.
| Field Name | Size | Go-Type | Description |
| object | 48 | [48]byte | Object hashed with SHA-384 |
Upon receiving any of these message types for the first time, they should be re-broadcasted to all connected nodes. A node will allow broadcasted messages from another node if and only if they received a valid VERSION request or reply from that peer recently, otherwise a SHUN should be broadcast for the offending node.
Sends out a request for a public key. Public key requests should be stored for at least 1 day in all node inventories.
| Field Name | Size | Go-Type | Description |
| addr_hash | 48 | [48]byte | SHA-384 hash of the Address |
Sends out a symmetrically encrypted public key which can be decrypted with the Address. Public keys should be stored for at least 1 week, although longer or indefinite caching is recommended.
| Field Name | Size | Go-Type | Description |
| addr_hash | 48 | [48]byte | Recipient Public Identification Address |
| IV | 16 | [16]byte | AES-256 Initialization Vector |
| payload | 80 | [80]byte | Public key padded with 15 0-bytes. Valid pubkey length is 65. Encrypted with Public Sending Address |
Broadcasts an encrypted message to all nodes. MSG objects should be stored for at least 1 month or until the corresponding PURGE is received.
| Field Name | Size | Go-Type | Description |
| addr_hash | 48 | [48]byte | Recipient Public Identification Address |
| txid_hash | 48 | [48]byte | SHA-384 hash of the TXID |
| timestamp | 8 | int64 | Standard UNIX timestamp of message broadcast in seconds |
| IV | 16 | [16]byte | AES Initialization Vector |
| PubKey | 65 | [65]byte | Serialized Random X-Y Public Key for Decryption |
| ciphertext | ? | []byte | Encrypted Payload |
| MAC | 32 | [32]byte | HMAC/SHA256 for this message |
| Field Name | Size | Go-Type | Description |
| txid | 16 | [16]byte | TXID, required for PURGE broadcasts |
| pubkey | 65 | [65]byte | Sender’s Public Key |
| subject | ? | string | NULL-Terminated ASCII subject line |
| MIME | ? | string | NULL-Terminated ASCII MIME-type |
| plaintext | ? | []byte | Final, unencrypted message |
| signature | 65 | [65]byte | Signature of entire decrypted message using Sender’s Private Key |
Used as a combination read-receipt and signal to delete encrypted MSG objects. A peer should send out a PURGE as soon as they successfully decrypt a message. Clients should store a record of the PURGE until the normal expiration date of the purged MSG object.
| Field Name | Size | Go-Type | Description |
| txid | 16 | [16]byte | TXID that can be hashed to identify the MSG |
Functions identically to GETOBJ, except if the object is not a PURGE, than an empty **CHECKTXID **is returned. Standard use case is to check for a purged message on startup.
| Field Name | Size | Go-Type | Description |
| txid_hash | 48 | [48]byte | TXID_Hash that can be hashed to identify the MSG |
Broadcasts an encrypted publication to all nodes. PUB objects should be stored for at least 1 month or until the corresponding PURGE is received from the publisher.
| Field Name | Size | Go-Type | Description |
| addr_hash | 48 | [48]byte | Publisher’s Public Identification Address |
| txid_hash | 48 | [48]byte | SHA-384 hash of the TXID |
| timestamp | 8 | int64 | Standard UNIX timestamp of message broadcast in seconds |
| IV | 16 | [16]byte | AES Initialization Vector |
| PubKey | 65 | [65]byte | First 32 bytes are the Decryption Private Key, the last 33 are 0x00. |
| ciphertext | ? | []byte | Encrypted Payload |
| MAC | 32 | [32]byte | HMAC/SHA256 for this message |
| Field Name | Size | Go-Type | Description |
| txid | 16 | [16]byte | Either the txid (first-come-first-purge), or all 0x00, signifying that the purge will come from the publisher. |
| pubkey | 65 | [65]byte | Publisher’s Public Key |
| subject | ? | string | NULL-Terminated ASCII subject line |
| MIME | ? | string | NULL-Terminated ASCII MIME-type |
| plaintext | ? | []byte | Final, unencrypted message |
| signature | 65 | [65]byte | Signature of entire decrypted message using Publisher’s Private Key |
When a node receives a SHUN from 3 different nodes that have not had a SHUN directed at them, the offending node should be immediately disconnected and blacklisted for at least 1 day. In addition to any rules listed above, a node should broadcast a SHUN if they receive ANY malformed frames from ANY other node. A SHUN is stored in inventory as a SHA-384 hash of both peers. Any node broadcasting the same SHUN more than once will be immediately SHUNned.
| Field Name | Size | Go-Type | Description |
| offending_node | 26 | Peer | Description of the offending node |
| accusing_node | 26 | Peer | Description of accusing node |