// The bootstrapping module uses the glossary in ~/.ao/peers.json (later will use members from DB?) // to look up tor addresses for the give shortname or SSH public key. // We could just do all this in the AO, but the bootstrapper is for public / loose ties and the AO's explicit p2p is for close / private ties. // The other main difference is that the AO stores data in the database, simplex-chat does not (ao-cli only uses database for Use AO Features). // The bootstrapper occasionally queries all of the tor addresses in your address book. // If they are an AO with bootstrapping turned on, the AO server will respond with its public directory information. // Since you have connected to them via their .onion address, it is assumed they are a known trusted party, // so the information received will update your local directory information in your address book. // Be careful to only connect to bootstrap servers you trust, with owners who will not add unsafe .onions to their own directory! // An AO contacted at a tor address is considered a known party and an authority on announcing its own SSH key (if you trust the party). // Therefore it works to receive an initial trusted .onion address, connect, get their directory, and use it to connect to others. // You can copy the directory of each new peer, however these are marked with a hops: field to count how far away the trust gets. // Maybe there should be a setting you announce to other nodes about whether they can share your .onion address or not (reshare) // Start bootstrapping in the background export function startPublicBootstrap() { // Go through all the address book entries in my ~/.ao/peers.json // For each one that has a .onion address, do a fetch on it at the /bootstrap route // If it responds with JSON containing directory information, increment the hops: field on all of it, and merge it with my file // Must use entire new or old record. Use whichever one has fewer hops. Only replace if timestamp is newer. // Again we are assuming that we know the owner of the .onion address and trust them, because a .onion is not spoofable. } // Kill the bootstrapping process export function stopPublicBootstrap() { }