kpp/how_tox_works.txt

## how_tox_works.txt
1. Alice creates ToxID
	a. Key pair generation: curve25519xsalsa20poly1305, a particular combination of Curve25519, Salsa20, and Poly1305 specified in "Cryptography in NaCl". This function is conjectured to meet the standard notions of privacy and third-party unforgeability.

2. Bob creates ToxID

3. Alice and Bob exchange ToxID in public
	a. You can exchange ToxIDs via email, key signing parties, publish on web sites...
	b. There are 4 bytes at the end (NoSpam) used to regenerate ToxID in case of receiving a lot of friend requests from spammers.

4. Alice goes online
	a. Ephemeral key generation: curve25519xsalsa20poly1305. Ephemeral key is generated each time you launch the app
	b. Bootstrap from known DHT nodes with static keys: http://nodes.tox.chat/.
	c. Or get a saved list of bootstrapped nodes from local cache file.

A distributed hash table (DHT) is a class of a decentralized distributed system that provides a lookup service similar to a hash table: (key, value) pairs are stored in a DHT, and any participating node can efficiently retrieve the value associated with a given key. Keys are unique identifiers which map to particular values, which in turn can be anything from addresses, to documents, to arbitrary data. Responsibility for maintaining the mapping from keys to values is distributed among the nodes, in such a way that a change in the set of participants causes a minimal amount of disruption. This allows a DHT to scale to extremely large numbers of nodes and to handle continual node arrivals, departures, and failures.

The DHT uses a metric to determine the distance between two nodes. The Distance type is the co-domain of this metric. The metric currently used by the Tox DHT is the XOR of the nodes' public keys: distance(x, y) = x XOR y. For this computation, public keys are interpreted as Big Endian integers.

When we speak of a "close node", we mean that its Distance to the node under consideration is small compared to the Distance to other nodes.


5. Bob goes online
	a. Generates ephemeral key
	b. Bootstrap from known DHT nodes

There are only ephemeral key -> IP in the DHT, so nobody can learn which IP Alice has.

6. Alice put info in DHT to reach her
	a. Alice generates Onion path to the closest DHT node to her ToxID.
		1. To hide her actual ToxID->IP from Mallory
		2. Onion Path: Alice (Ephemeral key) -> Node1 -> Node2 -> Node3 -> Destination
		3. Node1,2,3 - random nodes from DHT.
			Alice's ephemeral key -> IP is known only to Node1
			Node1 IP is known only to Node2 and Alice
			Node2 IP is known only to Node1 and Node3...

	b. Alice puts info to the closest node how to reach her
		1. She uses OnionPath to route the message to the closest DHT node so nobody can track her location
		2. She puts [Alice ToxID, OnionPath] to the closest node (Announce Node)
		3. This is called Announcement

7. Bob adds Alice's ToxID to his friend list in the app

7. Bob finds the closest DHT node to Alice ToxID
	a. Using distance(x, y) = x XOR y

8. Bob is looking for Alice's Announcement

9. When Alice is online and announced herself Bob get's that Announce Node

10. Bob sends friend request to Alice
	a. To Announce Node -> OnionPath -> Alice
	b. Details:

Length    | Content
--------- | -------------------------
`1`       | `0x20`
`4`       | NoSpam
`1..991`  | Message

	So if NoSpam does not match you won't get that friend request


11. Alice accepts the friend request
	a. By adding Bob's ToxID to her friend lists

Now both Alice and Bob got their ToxID -> IP and they can initiate end-to-end encryption

12. Start end-to-end encrypted messaging
	a. Alice and Bob generate ephemeral keys again
	b. They perform Diffie hellman key exchange
	c. Now they connected via network and got a shared key to end-to-end encrypt their messages
	1. Alice creates ToxID
	a. Key pair generation: curve25519xsalsa20poly1305, a particular combination of Curve25519, Salsa20, and Poly1305 specified in "Cryptography in NaCl". This function is conjectured to meet the standard notions of privacy and third-party unforgeability.

	2. Bob creates ToxID

	3. Alice and Bob exchange ToxID in public
	a. You can exchange ToxIDs via email, key signing parties, publish on web sites...
	b. There are 4 bytes at the end (NoSpam) used to regenerate ToxID in case of receiving a lot of friend requests from spammers.

	4. Alice goes online
	a. Ephemeral key generation: curve25519xsalsa20poly1305. Ephemeral key is generated each time you launch the app
	b. Bootstrap from known DHT nodes with static keys: http://nodes.tox.chat/.
	c. Or get a saved list of bootstrapped nodes from local cache file.

	A distributed hash table (DHT) is a class of a decentralized distributed system that provides a lookup service similar to a hash table: (key, value) pairs are stored in a DHT, and any participating node can efficiently retrieve the value associated with a given key. Keys are unique identifiers which map to particular values, which in turn can be anything from addresses, to documents, to arbitrary data. Responsibility for maintaining the mapping from keys to values is distributed among the nodes, in such a way that a change in the set of participants causes a minimal amount of disruption. This allows a DHT to scale to extremely large numbers of nodes and to handle continual node arrivals, departures, and failures.

	The DHT uses a metric to determine the distance between two nodes. The Distance type is the co-domain of this metric. The metric currently used by the Tox DHT is the XOR of the nodes' public keys: distance(x, y) = x XOR y. For this computation, public keys are interpreted as Big Endian integers.

	When we speak of a "close node", we mean that its Distance to the node under consideration is small compared to the Distance to other nodes.


	5. Bob goes online
	a. Generates ephemeral key
	b. Bootstrap from known DHT nodes

	There are only ephemeral key -> IP in the DHT, so nobody can learn which IP Alice has.

	6. Alice put info in DHT to reach her
	a. Alice generates Onion path to the closest DHT node to her ToxID.
	1. To hide her actual ToxID->IP from Mallory
	2. Onion Path: Alice (Ephemeral key) -> Node1 -> Node2 -> Node3 -> Destination
	3. Node1,2,3 - random nodes from DHT.
	Alice's ephemeral key -> IP is known only to Node1
	Node1 IP is known only to Node2 and Alice
	Node2 IP is known only to Node1 and Node3...

	b. Alice puts info to the closest node how to reach her
	1. She uses OnionPath to route the message to the closest DHT node so nobody can track her location
	2. She puts [Alice ToxID, OnionPath] to the closest node (Announce Node)
	3. This is called Announcement

	7. Bob adds Alice's ToxID to his friend list in the app

	7. Bob finds the closest DHT node to Alice ToxID
	a. Using distance(x, y) = x XOR y

	8. Bob is looking for Alice's Announcement

	9. When Alice is online and announced herself Bob get's that Announce Node

	10. Bob sends friend request to Alice
	a. To Announce Node -> OnionPath -> Alice
	b. Details:

	Length \| Content
	--------- \| -------------------------
	`1` \| `0x20`
	`4` \| NoSpam
	`1..991` \| Message

	So if NoSpam does not match you won't get that friend request


	11. Alice accepts the friend request
	a. By adding Bob's ToxID to her friend lists

	Now both Alice and Bob got their ToxID -> IP and they can initiate end-to-end encryption

	12. Start end-to-end encrypted messaging
	a. Alice and Bob generate ephemeral keys again
	b. They perform Diffie hellman key exchange
	c. Now they connected via network and got a shared key to end-to-end encrypt their messages