{"id":13396449,"url":"https://github.com/ssbc/ssb-server","last_synced_at":"2025-10-08T20:52:37.671Z","repository":{"id":22553664,"uuid":"25894747","full_name":"ssbc/ssb-server","owner":"ssbc","description":"The gossip and replication server for Secure Scuttlebutt - a distributed social network","archived":false,"fork":false,"pushed_at":"2022-06-17T15:11:15.000Z","size":3067,"stargazers_count":1696,"open_issues_count":42,"forks_count":169,"subscribers_count":73,"default_branch":"main","last_synced_at":"2025-09-30T04:26:28.442Z","etag":null,"topics":["gossip","javascript","scuttlebot","scuttlebutt"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ssbc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"open_collective":"secure-scuttlebutt-consortium"}},"created_at":"2014-10-28T23:23:16.000Z","updated_at":"2025-09-24T06:00:54.000Z","dependencies_parsed_at":"2022-08-07T10:15:51.287Z","dependency_job_id":null,"html_url":"https://github.com/ssbc/ssb-server","commit_stats":null,"previous_names":["ssbc/scuttlebot","pfraze/scuttlebot"],"tags_count":65,"template":false,"template_full_name":null,"purl":"pkg:github/ssbc/ssb-server","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssbc%2Fssb-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssbc%2Fssb-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssbc%2Fssb-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssbc%2Fssb-server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ssbc","download_url":"https://codeload.github.com/ssbc/ssb-server/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ssbc%2Fssb-server/sbom","scorecard":{"id":844474,"data":{"date":"2025-08-11","repo":{"name":"github.com/ssbc/ssb-server","commit":"919cbdd0267b8a5d24923af567390c9b30dae0d3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.5,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":7,"reason":"Found 12/16 approved changesets -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 26 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T21:08:12.407Z","repository_id":22553664,"created_at":"2025-08-23T21:08:12.407Z","updated_at":"2025-08-23T21:08:12.407Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279000637,"owners_count":26082819,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-08T02:00:06.501Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gossip","javascript","scuttlebot","scuttlebutt"],"created_at":"2024-07-30T18:00:52.277Z","updated_at":"2025-10-08T20:52:37.625Z","avatar_url":"https://github.com/ssbc.png","language":"JavaScript","readme":"# ssb-server\n\nssb-server is an open source **peer-to-peer log store** used as a database, identity provider, and messaging system.\nIt has:\n\n - Global replication\n - File-synchronization\n - End-to-end encryption\n\n`ssb-server` behaves just like a [Kappa Architecture DB](http://milinda.pathirage.org/kappa-architecture.com/).\nIn the background, it syncs with known peers.\nPeers do not have to be trusted, and can share logs and files on behalf of other peers, as each log is an unforgeable append-only message feed.\nThis means ssb-servers comprise a [global gossip-protocol mesh](https://en.wikipedia.org/wiki/Gossip_protocol) without any host dependencies.\n\nIf you are looking to use ssb-server to run a pub, consider using [ssb-minimal-pub-server](https://github.com/ssbc/ssb-minimal-pub-server) instead.\n\n**Join us in #scuttlebutt on [Libera Chat](https://libera.chat/).**\n\n[![build status](https://secure.travis-ci.org/ssbc/ssb-server.png)](http://travis-ci.org/ssbc/ssb-server)\n\n## Install\n\nHow to Install `ssb-server` and create a working pub \n\n1. `sudo apt install curl autotools-dev automake`\n\n2. Install the Node Version Manager (NVM):\n\n```\ncurl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.34.0/install.sh | bash\n```\n\n3. Close and reopen your terminal to start using nvm or run the following:\n\n```\nexport NVM_DIR=\"$HOME/.nvm\"\n[ -s \"$NVM_DIR/nvm.sh\" ] \u0026\u0026 \\. \"$NVM_DIR/nvm.sh\"  # This loads nvm\n[ -s \"$NVM_DIR/bash_completion\" ] \u0026\u0026 \\. \"$NVM_DIR/bash_completion\"  # This loads nvm bash_completion\n```\n\n4. `nvm install 10`\n\n5. `nvm alias default 10`\n\n6. `npm install -g node-gyp`\n\n7. Then to add `ssb-server` to your available CLI commands, install it using the `-g` global flag:\n\n```\nnpm install -g ssb-server\n```\n\nIf you are running as the root user this command will fail. Ideally you would run ssb-server as a non-priviledged user, but if you have to run it as root you can do so with `npm install -g ssb-server --unsafe-perm`.\n\n8. `nano ~/run-server.sh` and input:\n\n```\n#!/bin/bash\nwhile true; do\n  ssb-server start\n  sleep 3\ndone\n```\n\nInput Ctrl-X to save and quit.\n\nBe sure to start the pub server from this script (as shown in step 10), as this script will run the pub server and restart it even if it crashes.      \n\n9. `mkdir ~/.ssb/`\n\n10. `nano ~/.ssb/config` and input:\n\n```\n{\n  \"connections\": {\n    \"incoming\": {\n      \"net\": [\n        { \"scope\": \"public\", \"host\": \"0.0.0.0\", \"external\": \"Your Host Name or Public IP\", \"transform\": \"shs\", \"port\": 8008 }\n      ]\n    },\n    \"outgoing\": {\n      \"net\": [{ \"transform\": \"shs\" }]\n    }\n  }\n}\n```\n\n11. Now run `sh ~/run-server.sh` in a detachable session (e.g. screens)\n\n12. Detach the session and run `ssb-server whoami` to check to see if the server is working.\n\n13. Now is the time to think of a really cool name for your new pub server.  Once you have it run:\n\n`ssb-server publish --type about --about {pub-id (this is the output from ssb-server whoami)} --name {Your pubs awesome name}`\n\n14. Now it's time to create those invites! \nJust run `ssb-server invite.create 1` and send those codes to your friends.\n\nCongratulations!  You are now ready to scuttlebutt with your friends! \n\n\u003eNote for those running `ssb-server` from a home computer.\n\u003eYou will need to make sure that your router will allow connections to port 8008.  Thus, you will need to forward port 8008 to the local IP address of the computer running the server (look up how to do this online).\n\u003eIf you haven't done this step, when a client tries to connect to your server using the invite code, they will get an error that your invite code is not valid.\n\n\n\n## Applications\n\nThere are already several applications built on `ssb-server`,\none of the best ways to learn about secure-scuttlebutt is to poke around in these applications.\n\n* [patchwork](http://github.com/ssbc/patchwork) is a discussion platform that we use to anything and everything concerning ssb and decentralization.\n* [patchbay](http://github.com/ssbc/patchbay) is another take on patchwork - it's compatible, less polished, but more modular. The main goal of patchbay is to be very easy to add features to.\n* [git-ssb](https://github.com/clehner/git-ssb) is git (\u0026 github!) on top of secure-scuttlebutt. Although we still keep our repos on github, primary development is via git-ssb.\n\nIt is recommended to get started with patchwork, and then look into git-ssb and patchbay.\n\n## Starting an `ssb-server`\n\n### Command Line Usage Example\n\nStart the server with extra log detail\nLeave this running in its own terminal/window\n```bash\nssb-server start --logging.level=info\n```\n\n### Javascript Usage Example\n\n```js\nvar Server = require('ssb-server')\nvar config = require('ssb-config')\nvar fs = require('fs')\nvar path = require('path')\n\n// add plugins\nServer\n  .use(require('ssb-master'))\n  .use(require('ssb-gossip'))\n  .use(require('ssb-replicate'))\n  .use(require('ssb-backlinks'))\n\nvar server = Server(config)\n\n// save an updated list of methods this server has made public\n// in a location that ssb-client will know to check\nvar manifest = server.getManifest()\nfs.writeFileSync(\n  path.join(config.path, 'manifest.json'), // ~/.ssb/manifest.json\n  JSON.stringify(manifest)\n)\n```\nsee: [github.com/ssbc/**ssb-config**](https://github.com/ssbc/ssb-config) for custom configuration.\n\n## Calling `ssb-server` Functions\n\nThere are a variety of ways to call `ssb-server` methods, from a command line as well as in a javascript program.\n\n### Command Line Usage Example\n\nThe command `ssb-server` can also used to call the running `ssb-server`.\n\nNow, in a separate terminal from the one where you ran `ssb-server start`, you can run commands such as the following:\n```bash\n# publish a message\nssb-server publish --type post --text \"My First Post!\"\n\n# stream all messages in all feeds, ordered by publish time\nssb-server feed\n\n# stream all messages in all feeds, ordered by receive time\nssb-server log\n\n# stream all messages by one feed, ordered by sequence number\nssb-server hist --id $FEED_ID\n```\n\n### Javascript Usage Example\n\nNote that the following involves using a separate JS package, called [ssb-client](https://github.com/ssbc/ssb-client). It is most suitable for connecting to a running `ssb-server` and calling its methods. To see further distinctions between `ssb-server` and `ssb-client`, check out this [handbook article](https://handbook.scuttlebutt.nz/guides/ssb-server-context).\n\n```js\nvar pull = require('pull-stream')\nvar Client = require('ssb-client')\n\n// create a ssb-server client using default settings\n// (server at localhost:8080, using key found at ~/.ssb/secret, and manifest we wrote to `~/.ssb/manifest.json` above)\nClient(function (err, server) {\n  if (err) throw err\n\n  // publish a message\n  server.publish({ type: 'post', text: 'My First Post!' }, function (err, msg) {\n    // msg.key           == hash(msg.value)\n    // msg.value.author  == your id\n    // msg.value.content == { type: 'post', text: 'My First Post!' }\n    // ...\n  })\n\n  // stream all messages in all feeds, ordered by publish time\n  pull(\n    server.createFeedStream(),\n    pull.collect(function (err, msgs) {\n      // msgs[0].key == hash(msgs[0].value)\n      // msgs[0].value...\n    })\n  )\n\n  // stream all messages in all feeds, ordered by receive time\n  pull(\n    server.createLogStream(),\n    pull.collect(function (err, msgs) {\n      // msgs[0].key == hash(msgs[0].value)\n      // msgs[0].value...\n    })\n  )\n\n  // stream all messages by one feed, ordered by sequence number\n  pull(\n    server.createHistoryStream({ id: \u003c feedId \u003e }),\n    pull.collect(function (err, msgs) {\n      // msgs[0].key == hash(msgs[0].value)\n      // msgs[0].value...\n    })\n  )\n})\n```\n\n## Use Cases\n\n`ssb-server`'s message-based data structure makes it ideal for mail and forum applications (see [Patchwork](https://ssbc.github.io/patchwork/)).\nHowever, it is sufficiently general to be used to build:\n\n - Office tools (calendars, document-sharing, tasklists)\n - Wikis\n - Package managers\n\nBecause `ssb-server` doesn't depend on hosts, its users can synchronize over WiFi or any other connective medium, making it great for [Sneakernets](https://en.wikipedia.org/wiki/Sneakernet).\n\n`ssb-server` is [eventually-consistent with peers](https://en.wikipedia.org/wiki/Eventual_consistency), and requires exterior coordination to create strictly-ordered transactions.\nTherefore, by itself, it would probably make a poor choice for implementing a crypto-currency.\n(We get asked that a lot.)\n\n---\n\n### Getting Started\n\n- [Install](https://handbook.scuttlebutt.nz/guides/ssb-server/install) - Setup instructions\n- [Tutorial](https://handbook.scuttlebutt.nz/guides/ssb-server/tutorial) - Primer on developing with ssb-server\n- [API / CLI Reference](https://scuttlebot.io/apis/scuttlebot/ssb.html) (out of date, but still the best reference)\n- [ssb-config](https://github.com/ssbc/ssb-config) - a module which helps build config to start ssb-server with\n- [ssb-client](https://github.com/ssbc/ssb-client) - make a remote connection to the server\n- [Modules docs](https://modules.scuttlebutt.nz) - see an overview of all the modules\n\n### Key Concepts\n\n- [Secure Scuttlebutt](https://ssbc.github.io/scuttlebutt-protocol-guide/), ssb-server's global database protocol\n- [Content Hash Linking](https://ssbc.github.io/docs/ssb/linking.html)\n- [Secret Handshake](https://ssbc.github.io/docs/ssb/secret-handshake.html), ssb-server's transport-layer security protocol\n- [Private Box](https://ssbc.github.io/docs/ssb/end-to-end-encryption.html), ssb-server's end-to-end security protocol\n- [Frequently Asked Questions](https://ssbc.github.io/docs/ssb/faq.html)\n\n### Further Reading\n\n- [Design Challenge: Avoid Centralization and Singletons](https://handbook.scuttlebutt.nz/stories/design-challenge-avoid-centralization-and-singletons)\n- [Design Challenge: Sybil Attacks](https://handbook.scuttlebutt.nz/stories/design-challenge-sybil-attacks)\n- [Using Trust in Open Networks](https://handbook.scuttlebutt.nz/stories/using-trust-in-open-networks)\n\n\n# License\n\nMIT\n","funding_links":["https://opencollective.com/secure-scuttlebutt-consortium"],"categories":["Technology stack","JavaScript","javascript"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fssbc%2Fssb-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fssbc%2Fssb-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fssbc%2Fssb-server/lists"}