mirror of https://github.com/status-im/specs.git
2 lines
41 KiB
HTML
2 lines
41 KiB
HTML
<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <title>1/CLIENT - Status Specification</title> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon"> <link rel="stylesheet" href="/assets/css/just-the-docs-default.css"> <script type="text/javascript" src="/assets/js/vendor/lunr.min.js"></script> <script type="text/javascript" src="/assets/js/just-the-docs.js"></script> <meta name="viewport" content="width=device-width, initial-scale=1"> <!-- Begin Jekyll SEO tag v2.7.1 --> <title>1/CLIENT | Status Specification</title> <meta name="generator" content="Jekyll v4.2.1" /> <meta property="og:title" content="1/CLIENT" /> <meta property="og:locale" content="en_US" /> <link rel="canonical" href="https://specs.status.im/stable/1" /> <meta property="og:url" content="https://specs.status.im/stable/1" /> <meta property="og:site_name" content="Status Specification" /> <meta name="twitter:card" content="summary" /> <meta property="twitter:title" content="1/CLIENT" /> <script type="application/ld+json"> {"@type":"WebPage","url":"https://specs.status.im/stable/1","headline":"1/CLIENT","@context":"https://schema.org"}</script> <!-- End Jekyll SEO tag --> </head> <body> <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"> <symbol id="svg-link" viewBox="0 0 24 24"> <title>Link</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-link"> <path d="M10 13a5 5 0 0 0 7.54.54l3-3a5 5 0 0 0-7.07-7.07l-1.72 1.71"></path><path d="M14 11a5 5 0 0 0-7.54-.54l-3 3a5 5 0 0 0 7.07 7.07l1.71-1.71"></path> </svg> </symbol> <symbol id="svg-search" viewBox="0 0 24 24"> <title>Search</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-search"> <circle cx="11" cy="11" r="8"></circle><line x1="21" y1="21" x2="16.65" y2="16.65"></line> </svg> </symbol> <symbol id="svg-menu" viewBox="0 0 24 24"> <title>Menu</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"> <line x1="3" y1="12" x2="21" y2="12"></line><line x1="3" y1="6" x2="21" y2="6"></line><line x1="3" y1="18" x2="21" y2="18"></line> </svg> </symbol> <symbol id="svg-arrow-right" viewBox="0 0 24 24"> <title>Expand</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-chevron-right"> <polyline points="9 18 15 12 9 6"></polyline> </svg> </symbol> <symbol id="svg-doc" viewBox="0 0 24 24"> <title>Document</title> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-file"> <path d="M13 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V9z"></path><polyline points="13 2 13 9 20 9"></polyline> </svg> </symbol> </svg> <div class="side-bar"> <div class="site-header"> <a href="https://specs.status.im/" class="site-title lh-tight"> Status Specification </a> <a href="#" id="menu-button" class="site-button"> <svg viewBox="0 0 24 24" class="icon"><use xlink:href="#svg-menu"></use></svg> </a> </div> <nav role="navigation" aria-label="Main" id="site-nav" class="site-nav"> <ul class="nav-list"><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="https://specs.status.im/stable/" class="nav-list-link">Stable specs</a><ul class="nav-list "><li class="nav-list-item active"><a href="https://specs.status.im/stable/1" class="nav-list-link active">1/CLIENT</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/10" class="nav-list-link">10/WAKU-USAGE</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/11" class="nav-list-link">11/WAKU-MAILSERVER</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/15" class="nav-list-link">15/NOTIFICATIONS</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/2" class="nav-list-link">2/ACCOUNT</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/3" class="nav-list-link">3/WHISPER-USAGE</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/4" class="nav-list-link">4/WHISPER-MAILSERVER</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/5" class="nav-list-link">5/SECURE-TRANSPORT</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/6" class="nav-list-link">6/PAYLOADS</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/8" class="nav-list-link">8/EIPS</a></li><li class="nav-list-item "><a href="https://specs.status.im/stable/9" class="nav-list-link">9/ETHEREUM-USAGE</a></li></ul></li><li class="nav-list-item"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="https://specs.status.im/draft/" class="nav-list-link">Draft specs</a><ul class="nav-list "><li class="nav-list-item "><a href="https://specs.status.im/draft/12" class="nav-list-link">12/IPFS gateway for Sticker Pack</a></li><li class="nav-list-item "><a href="https://specs.status.im/draft/13" class="nav-list-link">13/3RD-PARTY-USAGE</a></li><li class="nav-list-item "><a href="https://specs.status.im/draft/14" class="nav-list-link">14/Dapp browser API usage</a></li><li class="nav-list-item "><a href="https://specs.status.im/draft/16" class="nav-list-link">16/Keycard Usage for Wallet and Chat Keys</a></li><li class="nav-list-item "><a href="https://specs.status.im/draft/3" class="nav-list-link">3/WHISPER-USAGE</a></li><li class="nav-list-item "><a href="https://specs.status.im/draft/6" class="nav-list-link">6/PAYLOADS</a></li><li class="nav-list-item "><a href="https://specs.status.im/draft/7" class="nav-list-link">7/GROUP-CHAT</a></li></ul></li><li class="nav-list-item"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="https://specs.status.im/raw/" class="nav-list-link">Raw specs</a><ul class="nav-list "><li class="nav-list-item "><a href="https://specs.status.im/raw/16" class="nav-list-link">16/PUSH-NOTIFICATION-SERVER</a></li></ul></li><li class="nav-list-item"><a href="https://specs.status.im/development" class="nav-list-link">DEVELOPMENT</a></li><li class="nav-list-item"><a href="https://specs.status.im/style-guideline" class="nav-list-link">STYLE-GUIDELINE</a></li></ul> </nav> <footer class="site-footer"> This site uses <a href="https://github.com/pmarsceill/just-the-docs">Just the Docs</a>, a documentation theme for Jekyll. </footer> </div> <div class="main" id="top"> <div id="main-header" class="main-header"> <div class="search"> <div class="search-input-wrap"> <input type="text" id="search-input" class="search-input" tabindex="0" placeholder="Search Status Specification" aria-label="Search Status Specification" autocomplete="off"> <label for="search-input" class="search-label"><svg viewBox="0 0 24 24" class="search-icon"><use xlink:href="#svg-search"></use></svg></label> </div> <div id="search-results" class="search-results"></div> </div> </div> <div id="main-content-wrap" class="main-content-wrap"> <nav aria-label="Breadcrumb" class="breadcrumb-nav"> <ol class="breadcrumb-nav-list"> <li class="breadcrumb-nav-list-item"><a href="https://specs.status.im/stable/">Stable specs</a></li> <li class="breadcrumb-nav-list-item"><span>1/CLIENT</span></li> </ol> </nav> <div id="main-content" class="main-content" role="main"> <h1 id="1client"> <a href="#1client" class="anchor-heading" aria-labelledby="1client"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> 1/CLIENT </h1> <blockquote> <p>Version: 0.3</p> <p>Status: Stable</p> <p>Authors: Adam Babik <a href="mailto:adam@status.im">adam@status.im</a>, Andrea Maria Piana <a href="mailto:andreap@status.im">andreap@status.im</a>, Dean Eigenmann <a href="mailto:dean@status.im">dean@status.im</a>, Corey Petty <a href="mailto:corey@status.im">corey@status.im</a>, Oskar Thorén <a href="mailto:oskar@status.im">oskar@status.im</a>, Samuel Hawksby-Robinson <a href="mailto:samuel@status.im">samuel@status.im</a> (alphabetical order)</p> </blockquote> <h2 id="abstract"> <a href="#abstract" class="anchor-heading" aria-labelledby="abstract"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Abstract </h2> <p>This specification describes how to write a Status client for communicating with other Status clients.</p> <p>This specification presents a reference implementation of the protocol <sup><a href="#footnotes">1</a></sup> that is used in a command line client <sup><a href="#footnotes">2</a></sup> and a mobile app <sup><a href="#footnotes">3</a></sup>.</p> <p>This document consists of two parts. The first outlines the specifications that have to be implemented in order to be a full Status client. The second gives a design rationale and answers some common questions.</p> <h2 id="table-of-contents"> <a href="#table-of-contents" class="anchor-heading" aria-labelledby="table-of-contents"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Table of Contents </h2> <ul> <li><a href="#abstract">Abstract</a></li> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#introduction">Introduction</a> <ul> <li><a href="#protocol-layers">Protocol layers</a></li> <li><a href="#protobuf">Protobuf</a></li> </ul> </li> <li><a href="#components">Components</a> <ul> <li><a href="#p2p-overlay">P2P Overlay</a> <ul> <li><a href="#node-discovery-and-roles">Node discovery and roles</a></li> <li><a href="#bootstrapping">Bootstrapping</a></li> <li><a href="#discovery">Discovery</a></li> <li><a href="#mobile-nodes">Mobile nodes</a></li> </ul> </li> <li><a href="#transport-privacy-and-whisper--waku-usage">Transport privacy and Whisper/Waku usage</a></li> <li><a href="#secure-transport">Secure Transport</a></li> <li><a href="#data-sync">Data Sync</a></li> <li><a href="#payloads-and-clients">Payloads and clients</a></li> <li><a href="#bips-and-eips-standards-support">BIPs and EIPs Standards support</a></li> </ul> </li> <li><a href="#security-considerations">Security Considerations</a></li> <li><a href="#design-rationale">Design Rationale</a> <ul> <li><a href="#p2p-overlay-1">P2P Overlay</a> <ul> <li><a href="#why-devp2p-why-not-use-libp2p">Why devp2p? Why not use libp2p?</a></li> <li><a href="#what-about-other-rlpx-subprotocols-like-les-and-swarm">What about other RLPx subprotocols like LES, and Swarm?</a></li> <li><a href="#why-do-you-use-whisper">Why do you use Whisper?</a></li> <li><a href="#why-do-you-use-waku">Why do you use Waku?</a></li> <li><a href="#why-is-pow-for-waku-set-so-low">Why is PoW for Waku set so low?</a></li> <li><a href="#why-do-you-not-use-discovery-v5-for-node-discovery">Why do you not use Discovery v5 for node discovery?</a></li> <li><a href="#i-heard-something-about-mailservers-being-trusted-somehow">I heard something about <code class="language-plaintext highlighter-rouge">Mailservers</code> being trusted somehow?</a></li> </ul> </li> <li><a href="#data-sync-1">Data sync</a> <ul> <li><a href="#why-is-mvds-not-used-for-public-chats">Why is MVDS not used for public chats?</a></li> </ul> </li> </ul> </li> <li><a href="#footnotes">Footnotes</a></li> <li><a href="#appendix-a-security-considerations">Appendix A: Security considerations</a> <ul> <li><a href="#scalability-and-ux">Scalability and UX</a></li> <li><a href="#privacy">Privacy</a></li> <li><a href="#spam-resistance">Spam resistance</a></li> <li><a href="#censorship-resistance">Censorship resistance</a></li> </ul> </li> <li><a href="#acknowledgments">Acknowledgments</a></li> <li><a href="#changelog">Changelog</a> <ul> <li><a href="#version-03">Version 0.3</a></li> </ul> </li> </ul> <h2 id="introduction"> <a href="#introduction" class="anchor-heading" aria-labelledby="introduction"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Introduction </h2> <h3 id="protocol-layers"> <a href="#protocol-layers" class="anchor-heading" aria-labelledby="protocol-layers"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Protocol layers </h3> <p>Implementing a Status clients largely means implementing the following layers. Additionally, there are separate specifications for things like key management and account lifecycle.</p> <p>Other aspects, such as how a node uses IPFS for stickers or how the browser works, are currently underspecified. These specifications facilitate the implementation of a Status client for basic private communication.</p> <div class="table-wrapper"><table> <thead> <tr> <th>Layer</th> <th>Purpose</th> <th>Technology</th> </tr> </thead> <tbody> <tr> <td>Data and payloads</td> <td>End user functionality</td> <td>1:1, group chat, public chat</td> </tr> <tr> <td>Data sync</td> <td>Data consistency</td> <td>MVDS.</td> </tr> <tr> <td>Secure transport</td> <td>Confidentiality, PFS, etc</td> <td>Double Ratchet</td> </tr> <tr> <td>Transport privacy</td> <td>Routing, Metadata protection</td> <td>Waku / Whisper</td> </tr> <tr> <td>P2P Overlay</td> <td>Overlay routing, NAT traversal</td> <td>devp2p</td> </tr> </tbody> </table></div> <h3 id="protobuf"> <a href="#protobuf" class="anchor-heading" aria-labelledby="protobuf"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Protobuf </h3> <p><a href="https://developers.google.com/protocol-buffers/"><code class="language-plaintext highlighter-rouge">protobuf</code></a> is used in different layers, version <code class="language-plaintext highlighter-rouge">proto3</code> used is unless stated otherwise.</p> <h2 id="components"> <a href="#components" class="anchor-heading" aria-labelledby="components"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Components </h2> <h3 id="p2p-overlay"> <a href="#p2p-overlay" class="anchor-heading" aria-labelledby="p2p-overlay"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> P2P Overlay </h3> <p>Status clients run on a public, permissionless peer-to-peer network, as specified by the devP2P network protocols. devP2P provides a protocol for node discovery which is in draft mode <a href="https://github.com/ethereum/devp2p/blob/master/discv5/discv5.md">here</a>. See more on node discovery and management in the next section.</p> <p>To communicate between Status nodes, the <a href="https://github.com/ethereum/devp2p/blob/master/rlpx.md">RLPx Transport Protocol, v5</a> is used, which allows for TCP-based communication between nodes.</p> <p>On top of this RLPx-based subprotocols are ran, the client SHOULD NOT use <a href="https://eips.ethereum.org/EIPS/eip-627">Whisper V6</a>, the client SHOULD use <a href="https://rfc.vac.dev/spec/6/">Waku V1</a> for privacy-preserving messaging and efficient usage of a node’s bandwidth.</p> <h4 id="node-discovery-and-roles"> <a href="#node-discovery-and-roles" class="anchor-heading" aria-labelledby="node-discovery-and-roles"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Node discovery and roles </h4> <p>There are four types of node roles:</p> <ol> <li><code class="language-plaintext highlighter-rouge">Bootstrap node</code></li> <li><code class="language-plaintext highlighter-rouge">Whisper/Waku relayer</code></li> <li><code class="language-plaintext highlighter-rouge">Mailserver</code> (servers and clients)</li> <li><code class="language-plaintext highlighter-rouge">Mobile node</code> (Status Clients)</li> </ol> <p>A standard Status client MUST implement both <code class="language-plaintext highlighter-rouge">Whisper/Waku relayer</code> and <code class="language-plaintext highlighter-rouge">Mobile node</code> node types. The other node types are optional, but it is RECOMMEND to implement a <code class="language-plaintext highlighter-rouge">Mailserver</code> client mode, otherwise the user experience is likely to be poor.</p> <h4 id="bootstrapping"> <a href="#bootstrapping" class="anchor-heading" aria-labelledby="bootstrapping"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Bootstrapping </h4> <p>Bootstrap nodes allow Status nodes to discover and connect to other Status nodes in the network.</p> <p>Currently, Status Gmbh provides the main bootstrap nodes, but anyone can run these provided they are connected to the rest of the Whisper/Waku network.</p> <p>Status maintains a list of production fleet bootstrap nodes in the following locations:</p> <p><strong>Hong Kong:</strong></p> <ul> <li><code class="language-plaintext highlighter-rouge">enode://6e6554fb3034b211398fcd0f0082cbb6bd13619e1a7e76ba66e1809aaa0c5f1ac53c9ae79cf2fd4a7bacb10d12010899b370c75fed19b991d9c0cdd02891abad@47.75.99.169:443</code></li> <li><code class="language-plaintext highlighter-rouge">enode://23d0740b11919358625d79d4cac7d50a34d79e9c69e16831c5c70573757a1f5d7d884510bc595d7ee4da3c1508adf87bbc9e9260d804ef03f8c1e37f2fb2fc69@47.52.106.107:443</code></li> </ul> <p><strong>Amsterdam:</strong></p> <ul> <li><code class="language-plaintext highlighter-rouge">enode://436cc6f674928fdc9a9f7990f2944002b685d1c37f025c1be425185b5b1f0900feaf1ccc2a6130268f9901be4a7d252f37302c8335a2c1a62736e9232691cc3a@178.128.138.128:443</code></li> <li><code class="language-plaintext highlighter-rouge">enode://5395aab7833f1ecb671b59bf0521cf20224fe8162fc3d2675de4ee4d5636a75ec32d13268fc184df8d1ddfa803943906882da62a4df42d4fccf6d17808156a87@178.128.140.188:443</code></li> </ul> <p><strong>Central US:</strong></p> <ul> <li><code class="language-plaintext highlighter-rouge">enode://32ff6d88760b0947a3dee54ceff4d8d7f0b4c023c6dad34568615fcae89e26cc2753f28f12485a4116c977be937a72665116596265aa0736b53d46b27446296a@34.70.75.208:443</code></li> <li><code class="language-plaintext highlighter-rouge">enode://5405c509df683c962e7c9470b251bb679dd6978f82d5b469f1f6c64d11d50fbd5dd9f7801c6ad51f3b20a5f6c7ffe248cc9ab223f8bcbaeaf14bb1c0ef295fd0@35.223.215.156:443</code></li> </ul> <p>These bootstrap nodes MAY change and are not guaranteed to stay this way forever and at some point circumstances might force them to change.</p> <h4 id="discovery"> <a href="#discovery" class="anchor-heading" aria-labelledby="discovery"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Discovery </h4> <p>A Status client MUST discover or have a list of peers to connect to. Status uses a light discovery mechanism based on a combination of <a href="https://github.com/ethereum/devp2p/blob/master/discv5/discv5.md">Discovery v5</a> and <a href="https://github.com/libp2p/specs/tree/master/rendezvous">Rendezvous Protocol</a>, (with some <a href="https://github.com/status-im/rendezvous#differences-with-original-rendezvous">modifications</a>). Additionally, some static nodes MAY also be used.</p> <p>A Status client MUST use at least one discovery method or use static nodes to communicate with other clients.</p> <p>Discovery V5 uses bootstrap nodes to discover other peers. Bootstrap nodes MUST support Discovery V5 protocol as well in order to provide peers. It is kademlia-based discovery mechanism and it might consume significant (at least on mobile) amount of network traffic to operate.</p> <p>In order to take advantage from simpler and more mobile-friendly peers discovery mechanism, i.e. Rendezvous protocol, one MUST provide a list of Rendezvous nodes which speak Rendezvous protocol. Rendezvous protocol is request-response discovery mechanism. It uses Ethereum Node Records (ENR) to report discovered peers.</p> <p>Both peers discovery mechanisms use topics to provide peers with certain capabilities. There is no point in returning peers that do not support a particular protocol. Status nodes that want to be discovered MUST register to Discovery V5 and/or Rendezvous with the <code class="language-plaintext highlighter-rouge">whisper</code> topic. Status nodes that are <code class="language-plaintext highlighter-rouge">Mailservers</code> and want to be discoverable MUST additionally register with the <code class="language-plaintext highlighter-rouge">whispermail</code> topic.</p> <p>It is RECOMMENDED to use both mechanisms but at the same time implement a structure called <code class="language-plaintext highlighter-rouge">PeerPool</code>. <code class="language-plaintext highlighter-rouge">PeerPool</code> is responsible for maintaining an optimal number of peers. For mobile nodes, there is no significant advantage to have more than 2-3 peers and one <code class="language-plaintext highlighter-rouge">Mailserver</code>. <code class="language-plaintext highlighter-rouge">PeerPool</code> can notify peers discovery protocol implementations that they should suspend their execution because the optimal number of peers is found. They should resume if the number of connected peers drops or a <code class="language-plaintext highlighter-rouge">Mailserver</code> disconnects.</p> <p>It is worth noticing that an efficient caching strategy MAY be of great use, especially, on mobile devices. Discovered peers can be cached as they rarely change and used when the client starts again. In such a case, there might be no need to even start peers discovery protocols because cached peers will satisfy the optimal number of peers.</p> <p>Alternatively, a client MAY rely exclusively on a list of static peers. This is the most efficient way because there are no peers discovery algorithm overhead introduced. The disadvantage is that these peers might be gone and without peers discovery mechanism, it won’t be possible to find new ones.</p> <p>The current list of static peers is published on <a href="https://fleets.status.im/">https://fleets.status.im/</a>. <code class="language-plaintext highlighter-rouge">eth.prod</code> is the current group of peers the official Status client uses. The others are test networks.</p> <p>Finally, Waku node addresses can be retrieved by traversing the merkle tree found at <a href="https://fleets.status.im"><code class="language-plaintext highlighter-rouge">fleets.status.im</code></a>, as described in <a href="https://eips.ethereum.org/EIPS/eip-1459#client-protocol">EIP-1459</a>.</p> <h4 id="mobile-nodes"> <a href="#mobile-nodes" class="anchor-heading" aria-labelledby="mobile-nodes"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Mobile nodes </h4> <p>A <code class="language-plaintext highlighter-rouge">Mobile node</code> is a Whisper and/or Waku node which connects to part of the respective Whisper and/or Waku network(s). A <code class="language-plaintext highlighter-rouge">Mobile node</code> MAY relay messages. See next section for more details on how to use Whisper and/or Waku to communicate with other Status nodes.</p> <h3 id="transport-privacy-and-whisper--waku-usage"> <a href="#transport-privacy-and-whisper--waku-usage" class="anchor-heading" aria-labelledby="transport-privacy-and-whisper--waku-usage"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Transport privacy and Whisper / Waku usage </h3> <p>Once a Whisper and/or Waku node is up and running there are some specific settings required to communicate with other Status nodes.</p> <p>See <a href="https://specs.status.im/spec/3">3/WHISPER-USAGE</a> and <a href="https://specs.status.im/spec/10">10/WAKU-USAGE</a> for more details.</p> <p>For providing an offline inbox, see the complementary <a href="https://specs.status.im/spec/4">4/WHISPER-MAILSERVER</a> and <a href="https://specs.status.im/spec/11">11/WAKU-MAILSERVER</a>.</p> <h3 id="secure-transport"> <a href="#secure-transport" class="anchor-heading" aria-labelledby="secure-transport"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Secure Transport </h3> <p>In order to provide confidentiality, integrity, authentication and forward secrecy of messages the node implements a secure transport on top of Whisper and Waku. This is used in 1:1 chats and group chats, but not for public chats. See <a href="https://specs.status.im/spec/5">5/SECURE-TRANSPORT</a> for more.</p> <h3 id="data-sync"> <a href="#data-sync" class="anchor-heading" aria-labelledby="data-sync"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Data Sync </h3> <p><a href="https://specs.vac.dev/mvds.html">MVDS</a> is used for 1:1 and group chats, however it is currently not in use for public chats. <a href="#payloads-and-clients">Status payloads</a> are serialized and then wrapped inside an MVDS message which is added to an <a href="https://specs.vac.dev/mvds.html#payloads">MVDS payload</a>, the node encrypts this payload (if necessary for 1-to-1 / group-chats) and sends it using Whisper or Waku which also encrypts it.</p> <h3 id="payloads-and-clients"> <a href="#payloads-and-clients" class="anchor-heading" aria-labelledby="payloads-and-clients"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Payloads and clients </h3> <p>On top of secure transport, various types of data sync clients and the node uses payload formats for things like 1:1 chat, group chat and public chat. These have various degrees of standardization. Please refer to <a href="https://specs.status.im/spec/6">6/PAYLOADS</a> for more details.</p> <h3 id="bips-and-eips-standards-support"> <a href="#bips-and-eips-standards-support" class="anchor-heading" aria-labelledby="bips-and-eips-standards-support"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> BIPs and EIPs Standards support </h3> <p>For a list of EIPs and BIPs that SHOULD be supported by Status client, please see <a href="https://specs.status.im/spec/8">8/EIPS</a>.</p> <h2 id="security-considerations"> <a href="#security-considerations" class="anchor-heading" aria-labelledby="security-considerations"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Security Considerations </h2> <p>See <a href="#appendix-a-security-considerations">Appendix A</a></p> <h2 id="design-rationale"> <a href="#design-rationale" class="anchor-heading" aria-labelledby="design-rationale"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Design Rationale </h2> <h3 id="p2p-overlay-1"> <a href="#p2p-overlay-1" class="anchor-heading" aria-labelledby="p2p-overlay-1"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> P2P Overlay </h3> <h4 id="why-devp2p-why-not-use-libp2p"> <a href="#why-devp2p-why-not-use-libp2p" class="anchor-heading" aria-labelledby="why-devp2p-why-not-use-libp2p"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Why devp2p? Why not use libp2p? </h4> <p>At the time Status developed the main Status clients, devp2p was the most mature. However, in the future libp2p is likely to be used, as it’ll provide us with multiple transports, better protocol negotiation, NAT traversal, etc.</p> <p>For very experimental bridge support, see the bridge between libp2p and devp2p in <a href="https://github.com/status-im/murmur">Murmur</a>.</p> <h4 id="what-about-other-rlpx-subprotocols-like-les-and-swarm"> <a href="#what-about-other-rlpx-subprotocols-like-les-and-swarm" class="anchor-heading" aria-labelledby="what-about-other-rlpx-subprotocols-like-les-and-swarm"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> What about other RLPx subprotocols like LES, and Swarm? </h4> <p>Status is primarily optimized for resource restricted devices, and at present time light client support for these protocols are suboptimal. This is a work in progress.</p> <p>For better Ethereum light client support, see <a href="https://github.com/status-im/status-go/issues/1025">Re-enable LES as option</a>. For better Swarm support, see <a href="https://github.com/ethersphere/SWIPs/pull/12">Swarm adaptive nodes</a>.</p> <p>For transaction support, Status clients currently have to rely on Infura.</p> <p>Status clients currently do not offer native support for file storage.</p> <h4 id="why-do-you-use-whisper"> <a href="#why-do-you-use-whisper" class="anchor-heading" aria-labelledby="why-do-you-use-whisper"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Why do you use Whisper? </h4> <p>Whisper is one of the <a href="http://gavwood.com/dappsweb3.html">three parts</a> of the vision of Ethereum as the world computer, Ethereum and Swarm being the other two. Status was started as an encapsulation of and a clear window to this world computer.</p> <h4 id="why-do-you-use-waku"> <a href="#why-do-you-use-waku" class="anchor-heading" aria-labelledby="why-do-you-use-waku"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Why do you use Waku? </h4> <p>Waku is a direct upgrade and replacement for Whisper, the main motivation for developing and implementing Waku can be found in the <a href="https://rfc.vac.dev/spec/6/#motivation">Waku specs</a>.</p> <blockquote> <p>Waku was created to incrementally improve in areas that Whisper is lacking in, with special attention to resource restricted devices. We specify the standard for Waku messages in order to ensure forward compatibility of different Waku clients, backwards compatibility with Whisper clients, as well as to allow multiple implementations of Waku and its capabilities. We also modify the language to be more unambiguous, concise and consistent.</p> </blockquote> <p>Considerable work has gone into the active development of Ethereum, in contrast Whisper is not currently under active development, and it has several drawbacks. Among others:</p> <ul> <li>Whisper is very wasteful bandwidth-wise and doesn’t appear to be scalable</li> <li>Proof of work is a poor spam protection mechanism for heterogeneous devices</li> <li>The privacy guarantees provided are not rigorous</li> <li>There are no incentives to run a node</li> </ul> <p>Finding a more suitable transport privacy is an ongoing research effort, together with <a href="https://vac.dev/vac-overview">Vac</a> and other teams in the space.</p> <h4 id="why-is-pow-for-waku-set-so-low"> <a href="#why-is-pow-for-waku-set-so-low" class="anchor-heading" aria-labelledby="why-is-pow-for-waku-set-so-low"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Why is PoW for Waku set so low? </h4> <p>A higher PoW would be desirable, but this kills the battery on mobile phones, which is a prime target for Status clients.</p> <p>This means the network is currently vulnerable to DDoS attacks. Alternative methods of spam protection are currently being researched.</p> <h4 id="why-do-you-not-use-discovery-v5-for-node-discovery"> <a href="#why-do-you-not-use-discovery-v5-for-node-discovery" class="anchor-heading" aria-labelledby="why-do-you-not-use-discovery-v5-for-node-discovery"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Why do you not use Discovery v5 for node discovery? </h4> <p>At the time of implementing dynamic node discovery, Discovery v5 wasn’t completed yet. Additionally, running a DHT on a mobile leads to slow node discovery, bad battery and poor bandwidth usage. Instead, each client can choose to turn on Discovery v5 for a short period until the node populates their peer list.</p> <p>For some further investigation, see <a href="https://github.com/status-im/swarms/blob/master/ideas/092-disc-v5-research.md">here</a>.</p> <h4 id="i-heard-something-about-mailservers-being-trusted-somehow"> <a href="#i-heard-something-about-mailservers-being-trusted-somehow" class="anchor-heading" aria-labelledby="i-heard-something-about-mailservers-being-trusted-somehow"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> I heard something about <code class="language-plaintext highlighter-rouge">Mailservers</code> being trusted somehow? </h4> <p>In order to use a <code class="language-plaintext highlighter-rouge">Mailserver</code>, a given node needs to connect to it directly, i.e. add the <code class="language-plaintext highlighter-rouge">Mailserver</code> as its peer and mark it as trusted. This means that the <code class="language-plaintext highlighter-rouge">Mailserver</code> is able to send direct p2p messages to the node instead of broadcasting them. Effectively, it knows the bloom filter of the topics the node is interested in, when it is online as well as many metadata like IP address.</p> <h3 id="data-sync-1"> <a href="#data-sync-1" class="anchor-heading" aria-labelledby="data-sync-1"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Data sync </h3> <h4 id="why-is-mvds-not-used-for-public-chats"> <a href="#why-is-mvds-not-used-for-public-chats" class="anchor-heading" aria-labelledby="why-is-mvds-not-used-for-public-chats"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Why is MVDS not used for public chats? </h4> <p>Currently, public chats are broadcast-based, and there’s no direct way of finding out who is receiving messages. Hence there’s no clear group sync state context whereby participants can sync. Additionally, MVDS is currently not optimized for large group contexts, which means bandwidth usage will be a lot higher than reasonable. See <a href="https://vac.dev/p2p-data-sync-for-mobile">P2P Data Sync for Mobile</a> for more. This is an active area of research.</p> <h2 id="footnotes"> <a href="#footnotes" class="anchor-heading" aria-labelledby="footnotes"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Footnotes </h2> <ol> <li><a href="https://github.com/status-im/status-protocol-go/">https://github.com/status-im/status-protocol-go/</a></li> <li><a href="https://github.com/status-im/status-console-client/">https://github.com/status-im/status-console-client/</a></li> <li><a href="https://github.com/status-im/status-react/">https://github.com/status-im/status-react/</a></li> </ol> <h2 id="appendix-a-security-considerations"> <a href="#appendix-a-security-considerations" class="anchor-heading" aria-labelledby="appendix-a-security-considerations"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Appendix A: Security considerations </h2> <p>There are several security considerations to take into account when running Status. Chief among them are: scalability, DDoS-resistance and privacy. These also vary depending on what capabilities are used, such as <code class="language-plaintext highlighter-rouge">Mailserver</code>, light node, and so on.</p> <h3 id="scalability-and-ux"> <a href="#scalability-and-ux" class="anchor-heading" aria-labelledby="scalability-and-ux"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Scalability and UX </h3> <p><strong>Bandwidth usage:</strong></p> <p>In version 1 of Status, bandwidth usage is likely to be an issue. In Status version 1.1 this is partially addressed with Waku usage, see <a href="https://github.com/vacp2p/research/tree/dcc71f4779be832d3b5ece9c4e11f1f7ec24aac2/whisper_scalability">the theoretical scaling model</a>.</p> <p><strong><code class="language-plaintext highlighter-rouge">Mailserver</code> High Availability requirement:</strong></p> <p>A <code class="language-plaintext highlighter-rouge">Mailserver</code> has to be online to receive messages for other nodes, this puts a high availability requirement on it.</p> <p><strong>Gossip-based routing:</strong></p> <p>Use of gossip-based routing doesn’t necessarily scale. It means each node can see a message multiple times, and having too many light nodes can cause propagation probability that is too low. See <a href="https://our.status.im/whisper-pss-comparison/">Whisper vs PSS</a> for more and a possible Kademlia based alternative.</p> <p><strong>Lack of incentives:</strong></p> <p>Status currently lacks incentives to run nodes, which means node operators are more likely to create centralized choke points.</p> <h3 id="privacy"> <a href="#privacy" class="anchor-heading" aria-labelledby="privacy"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Privacy </h3> <p><strong>Light node privacy:</strong></p> <p>The main privacy concern with light nodes is that directly connected peers will know that a message originates from them (as it are the only ones it sends). This means nodes can make assumptions about what messages (topics) their peers are interested in.</p> <p><strong>Bloom filter privacy:</strong></p> <p>A user reveals which messages they are interested in, by setting only the topics they are interested in on the bloom filter. This is a fundamental trade-off between bandwidth usage and privacy, though the trade-off space is likely suboptimal in terms of the <a href="https://eprint.iacr.org/2017/954.pdf">Anonymity</a> <a href="https://petsymposium.org/2019/files/hotpets/slides/coordination-helps-anonymity-slides.pdf">trilemma</a>.</p> <p><strong><code class="language-plaintext highlighter-rouge">Mailserver client</code> privacy:</strong></p> <p>A <code class="language-plaintext highlighter-rouge">Mailserver client</code> has to trust a <code class="language-plaintext highlighter-rouge">Mailserver</code>, which means they can send direct traffic. This reveals what topics / bloom filter a node is interested in, along with its peerID (with IP).</p> <p><strong>Privacy guarantees not rigorous:</strong></p> <p>Privacy for Whisper or Waku hasn’t been studied rigorously for various threat models like global passive adversary, local active attacker, etc. This is unlike e.g. Tor and mixnets.</p> <p><strong>Topic hygiene:</strong></p> <p>Similar to bloom filter privacy, using a very specific topic reveals more information. See scalability model linked above.</p> <h3 id="spam-resistance"> <a href="#spam-resistance" class="anchor-heading" aria-labelledby="spam-resistance"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Spam resistance </h3> <p><strong>PoW bad for heterogeneous devices:</strong></p> <p>Proof of work is a poor spam prevention mechanism. A mobile device can only have a very low PoW in order not to use too much CPU / burn up its phone battery. This means someone can spin up a powerful node and overwhelm the network.</p> <p><strong><code class="language-plaintext highlighter-rouge">Mailserver</code> trusted connection:</strong></p> <p>A <code class="language-plaintext highlighter-rouge">Mailserver</code> has a direct TCP connection, which means they are trusted to send traffic. This means a malicious or malfunctioning <code class="language-plaintext highlighter-rouge">Mailserver</code> can overwhelm an individual node.</p> <h3 id="censorship-resistance"> <a href="#censorship-resistance" class="anchor-heading" aria-labelledby="censorship-resistance"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Censorship resistance </h3> <p><strong>Devp2p TCP port blockable:</strong></p> <p>By default Devp2p runs on port <code class="language-plaintext highlighter-rouge">30303</code>, which is not commonly used for any other service. This means it is easy to censor, e.g. airport WiFi. This can be mitigated somewhat by running on e.g. port <code class="language-plaintext highlighter-rouge">80</code> or <code class="language-plaintext highlighter-rouge">443</code>, but there are still outstanding issues. See libp2p and Tor’s Pluggable Transport for how this can be improved.</p> <p>See <a href="https://github.com/status-im/status-react/issues/6351">https://github.com/status-im/status-react/issues/6351</a> for some discussion.</p> <h2 id="acknowledgments"> <a href="#acknowledgments" class="anchor-heading" aria-labelledby="acknowledgments"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Acknowledgments </h2> <p>Jacek Sieka</p> <h2 id="changelog"> <a href="#changelog" class="anchor-heading" aria-labelledby="changelog"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Changelog </h2> <h3 id="version-03"> <a href="#version-03" class="anchor-heading" aria-labelledby="version-03"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Version 0.3 </h3> <p>Released <a href="https://github.com/status-im/specs/commit/664dd1c9df6ad409e4c007fefc8c8945b8d324e8">May 22, 2020</a></p> <ul> <li>Added that Waku SHOULD be used</li> <li>Added that Whisper SHOULD NOT be used</li> <li>Added language to include Waku in all relevant places</li> <li>Change to keep <code class="language-plaintext highlighter-rouge">Mailserver</code> term consistent</li> </ul> <h2 id="copyright"> <a href="#copyright" class="anchor-heading" aria-labelledby="copyright"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Copyright </h2> <p>Copyright and related rights waived via <a href="https://creativecommons.org/publicdomain/zero/1.0/">CC0</a>.</p> </div> </div> <div class="search-overlay"></div> </div> </body> </html>
|