From 66661e47dc826f50b690e080057f47a0ea27016c Mon Sep 17 00:00:00 2001 From: Aleksi Lindeman <0xdec05eba@gmail.com> Date: Sat, 17 Feb 2018 14:26:29 +0100 Subject: Add encryption functions (xchacha20) Changed license to GPL 3.0 because of incompatible license with opendht. Should odhtdb stay GPL 3.0 or should opendht be replaced with libdht so license can be changed back to MIT? --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'README.md') diff --git a/README.md b/README.md index d14d88c..8db5819 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # odhtdb Decentralized key-value database using OpenDHT for decentralized communication. +## End-to-end encryption +Data is signed using ed25519 and encrypted using XChaCha20. See src/Encryption.cpp and src/Signature.cpp. # Limits Only 65kb of data can be used for each `add`. You can add more data by using `add` several times. @@ -13,3 +15,9 @@ But how can we know if data was routed? does opendht expose this to other nodes Currently operations are executed without knowing if they succeed or not. Operations should be modified to perhaps return std::future or use a callback function which is called with the operation result. ## Safely store private keys Use Argon2 to store private keys +## Authorization +Verify the user that uses 'add' operation belongs to a group with write access to the key. If authorization fails, store the request +for a period of time since the request can be received before we have got the request to add user to the group with write access for the key. +This can happen because we dont verify all peers get the data so by the time one peer gets the data, they could have got other data from us +(depends on network routing, network speed etc). Out of order requests also allows the network to operate faster. +Operations are parsed in order for the receiving peer using operation timestamp. -- cgit v1.2.3