||4 years ago|
|bogs||4 years ago|
|css||4 years ago|
|fonts||4 years ago|
|.gitignore||4 years ago|
|app.js||4 years ago|
|index.html||4 years ago|
|lib.js||4 years ago|
|nacl-util.min.js||4 years ago|
|nacl.min.js||4 years ago|
|package-lock.json||4 years ago|
|package.json||4 years ago|
|readme.md||4 years ago|
|server.js||4 years ago|
secure blockchain logging (blogging).
To avoid confusion we're dropping the 'l' and calling them 'bogs'.
WARNING This is very new and experimental software, not intended for use in production. Pull-requests are welcome, and if you find anything wrong feel free to report it in public.
Try it online at http://bogbook.com/ !
bogbook is a distributed social networking application using TweetNaCl.js to publish signed append-only logs to your browser's localStorage.
The bogs are then gossiped between your bog client and bog 'pub' servers using websockets. You're responsible for syncing your messages between different bog 'pub' servers. Bog 'pubs' themselves don't talk to each other, instead they only talk to clients.
When you click on a public key, your client will connect to your current pub to see if there are any new messages from the public key that you've clicked on.
But what about ssb?!
This is not secure-scuttlebutt. But it is influenced by my 3+ years working on the project, and there are many similarities between bogbook and secure-scuttlebutt.
The biggest difference is that all of the bogging happens in the client, making it a browser-first bogging network. Last I checked, ssb isn't leaving the server.
Right now we have no private bogging, and no blob distribution (besides profile photos, which are saved to your log in base64).
git clone firstname.lastname@example.org/bogbook/bogbook.git cd bogbook npm install npm start
Bogbook should launch in your browser. If it doesn't, navigate to http://localhost:8080/
All of the bogbook cryptography is produced using TweetNaCl.js which is a port of TweetNaCl, a cryptography library written in 100 Tweets.
bogbook generates an ed25519 public/private keypair on load using
nacl.sign.keyPair(), which is then stored in localStorage at
localStorage['id'] as a JSON object with the public/private keypairs base64-encoded.
When you post a new message, bogbook will
- iterate up the message sequence number
- hash the contents of the previous message using sha512
- sign the contents of the current message with your ed22519 private key
- hash the new message (including the signature) using sha512
before appending the feed to the log stored in your browser.
Please note: All logs are append-only, public, and plain text at the current time. While you can moderate your local database and pub servers by deleting logs associated with public keys, it can be difficult to unsay something, so don't drink and bog, people.
Some browsers clear localStorage upon exit, others will clear it if you wipe your browser cache. Remember to save your public/private keypair somewhere, because no one can regenerate it for you.
Please report all bugs at http://bogbook.com/