Skip to content

Commit 42798a9

Browse files
piegamesdepiegamesde
committed
Server protocol: add PoW
1 parent 4affa6f commit 42798a9

File tree

1 file changed

+30
-1
lines changed

1 file changed

+30
-1
lines changed

server-protocol.md

Lines changed: 30 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -100,6 +100,18 @@ and handle them accordingly, if present:
100100
expect the protocol to be `tcp` (expect websockets support in the future). Clients
101101
should make a preselection of viable relay servers (which may include entries from other
102102
sources as well), and randomly select one or two.
103+
* `proof_of_work`: A proof of work task to mitigate DOS attacks. The difficulty is dictated
104+
by the server based on its current load. The entry looks like this:
105+
```json
106+
{
107+
"challenge": "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABXXXX",
108+
"sha256": "a66cdd7def34cb0267b83d21c37c429af0a15dcd00465da22402dab9f1cbf10e",
109+
"mac": "<snip>"
110+
}
111+
```
112+
The challenge contains exactly 32 hex-encoded bytes, of which the last nibbles are censored ('X'),
113+
and the `sha256sum` of the uncensored challenge. The goal is to find the complete `challenge` with
114+
the given hash.
103115

104116
The first thing each client sends to the server, immediately after receiving
105117
the welcome message, is a `bind` message. This specifies the
@@ -108,6 +120,23 @@ messages will be scoped to. While technically each message could be
108120
independent (with its own `appid` and `side`), I thought it would be less
109121
confusing to use exactly one WebSocket per logical wormhole connection.
110122

123+
Due to backwards compatibity, clients are not forced to give a proof of work.
124+
However, it is strongly recommended. Here's how a full "bind" message may look like:
125+
126+
```json
127+
{
128+
"type": "bind",
129+
"appid": "lothar.com/wormhole/text-or-file-xfer",
130+
"side": "123456",
131+
"proof_of_work": {
132+
"challenge": "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABXXXX",
133+
"sha256": "a66cdd7def34cb0267b83d21c37c429af0a15dcd00465da22402dab9f1cbf10e",
134+
"mac": "<snip>",
135+
"response": "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF",
136+
},
137+
}
138+
```
139+
111140
A `ping` will provoke a `pong`: these are only used by unit tests for
112141
synchronization purposes (to detect when a batch of messages have been fully
113142
processed by the server). NAT-binding refresh messages are handled by the
@@ -216,7 +245,7 @@ This lists all message types, along with the type-specific keys for each (if
216245
any), and which ones provoke direct responses:
217246

218247
* S->C welcome {welcome:}
219-
* (C->S) bind {appid:, side:}
248+
* (C->S) bind {appid:, side:, proof_of_work: {..},}
220249
* (C->S) list {} -> nameplates
221250
* S->C nameplates {nameplates: [{id: str},..]}
222251
* (C->S) allocate {} -> allocated

0 commit comments

Comments
 (0)