{"id":21858659,"url":"https://github.com/tgragnato/snowflake","last_synced_at":"2026-03-11T21:38:54.308Z","repository":{"id":41249799,"uuid":"413341960","full_name":"tgragnato/snowflake","owner":"tgragnato","description":"WebRTC Pluggable Transport","archived":false,"fork":false,"pushed_at":"2026-03-09T11:56:02.000Z","size":6343,"stargazers_count":7,"open_issues_count":6,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-03-09T12:47:45.815Z","etag":null,"topics":["censorship-circumvention","dtls","pion-dtls","pion-webrtc","pluggable-transports","stun","webrtc"],"latest_commit_sha":null,"homepage":"https://tgragnato.it/snowflake/","language":"Go","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"keroserene/snowflake","license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tgragnato.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-10-04T08:44:12.000Z","updated_at":"2026-03-09T08:46:27.000Z","dependencies_parsed_at":"2023-12-25T21:01:36.182Z","dependency_job_id":"ee1b06f3-a81a-4db3-80c9-790f078bc3e7","html_url":"https://github.com/tgragnato/snowflake","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/tgragnato/snowflake","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tgragnato%2Fsnowflake","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tgragnato%2Fsnowflake/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tgragnato%2Fsnowflake/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tgragnato%2Fsnowflake/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tgragnato","download_url":"https://codeload.github.com/tgragnato/snowflake/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tgragnato%2Fsnowflake/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30401959,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-11T21:02:20.017Z","status":"ssl_error","status_checked_at":"2026-03-11T20:59:32.667Z","response_time":84,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["censorship-circumvention","dtls","pion-dtls","pion-webrtc","pluggable-transports","stun","webrtc"],"created_at":"2024-11-28T02:47:03.592Z","updated_at":"2026-03-11T21:38:54.303Z","avatar_url":"https://github.com/tgragnato.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Snowflake\n\n[![Go](https://github.com/tgragnato/snowflake/actions/workflows/go.yml/badge.svg?branch=main)](https://github.com/tgragnato/snowflake/actions/workflows/go.yml)\n[![CodeQL](https://github.com/tgragnato/snowflake/actions/workflows/codeql.yml/badge.svg?branch=main)](https://github.com/tgragnato/snowflake/actions/workflows/codeql.yml)\n[![Go Report Card](https://goreportcard.com/badge/github.com/tgragnato/snowflake)](https://goreportcard.com/report/github.com/tgragnato/snowflake)\n[![codecov](https://codecov.io/gh/tgragnato/snowflake/branch/main/graph/badge.svg)](https://codecov.io/gh/tgragnato/snowflake)\n\nSnowflake is a censorship-evasion pluggable transport using WebRTC, inspired by Flashproxy.\n\n### Custom fork\n\n![Schematic](/schematic.png)\n\n- golang 1.25+ \u0026 bumped dependencies\n- custom transport for broker negotiation (TLS 1.3 with selected ciphersuites \u0026 groups, MultiPath TCP)\n- custom DTLS fingerprint, different from any popular WebRTC implementation\n- use the Setting Engine to reduce MulticastDNS noise\n- use a context aware io.Reader that closes on errors in copyLoop\n- extremely simple token handling\n- client padding to evade TLS in DTLS detection\n- introduction of a proxy option to force the NAT type as unrestricted\n- coder/websocket in place of gorilla/websocket\n\n**Table of Contents**\n\n- [Structure of this Repository](#structure-of-this-repository)\n- [Usage](#usage)\n  - [Using Snowflake with Tor](#using-snowflake-with-tor)\n  - [Running a Snowflake Proxy](#running-a-snowflake-proxy)\n  - [Using the Snowflake Library with Other Applications](#using-the-snowflake-library-with-other-applications)\n- [Test Environment](#test-environment)\n- [FAQ](#faq)\n- [More info and links](#more-info-and-links)\n\n### Structure of this Repository\n\n- `broker/` contains code for the Snowflake broker\n- `doc/` contains Snowflake documentation and manpages\n- `client/` contains the Tor pluggable transport client and client library code\n- `common/` contains generic libraries used by multiple pieces of Snowflake\n- `proxy/` contains code for the Go standalone Snowflake proxy\n- `probetest/` contains code for a NAT probetesting service\n- `server/` contains the Tor pluggable transport server and server library code\n\n### Usage\n\nSnowflake is currently deployed as a pluggable transport for Tor.\n\n#### Using Snowflake with Tor\n\nTo use the Snowflake client with Tor, you will need to add the appropriate `Bridge` and `ClientTransportPlugin` lines to your [torrc](https://2019.www.torproject.org/docs/tor-manual.html.en) file. See the [client README](client) for more information on building and running the Snowflake client.\n\n#### Running a Snowflake Proxy\n\nYou can contribute to Snowflake by running a Snowflake proxy. We have the option to run a proxy in your browser or as a standalone Go program. See our [community documentation](https://community.torproject.org/relay/setup/snowflake/) for more details. \n\n#### Using the Snowflake Library with Other Applications\n\nSnowflake can be used as a Go API, and adheres to the [v2.1 pluggable transports specification](). For more information on using the Snowflake Go library, see the [Snowflake library documentation](doc/using-the-snowflake-library.md).\n\n### FAQ\n\n**Q: How does it work?**\n\nIn the Tor use-case:\n\n1. Volunteers visit websites that host the 'snowflake' proxy, run a snowflake [web extension](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake-webext), or use a standalone proxy.\n2. Tor clients automatically find available browser proxies via the Broker\n(the domain fronted signaling channel).\n3. Tor client and browser proxy establish a WebRTC peer connection.\n4. Proxy connects to some relay.\n5. Tor occurs.\n\nMore detailed information about how clients, snowflake proxies, and the Broker\nfit together on the way...\n\n**Q: What are the benefits of this PT compared with other PTs?**\n\nSnowflake combines the advantages of flashproxy and meek. Primarily:\n\n- It has the convenience of Meek, but can support magnitudes more\nusers with negligible CDN costs. (Domain fronting is only used for brief\nsignalling / NAT-piercing to setup the P2P WebRTC DataChannels which handle\nthe actual traffic.)\n\n- Arbitrarily high numbers of volunteer proxies are possible like in\nflashproxy, but NATs are no longer a usability barrier - no need for\nmanual port forwarding!\n\n**Q: Why is this called Snowflake?**\n\nIt utilizes the \"ICE\" negotiation via WebRTC, and also involves a great\nabundance of ephemeral and short-lived (and special!) volunteer proxies...\n\n### More info and links\n\nWe have more documentation in the [Snowflake wiki](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home) and at https://snowflake.torproject.org/.\n\n##### uTLS Settings\n\nSnowflake communicate with broker that serves as signaling server with TLS based domain fronting connection, which may be identified by its usage of Go language TLS stack.\n\nuTLS is a software library designed to initiate the TLS Client Hello fingerprint of browsers or other popular software's TLS stack to evade censorship based on TLS client hello fingerprint with `-utls-imitate` . You can use `-version` to see a list of supported values.\n\nDepending on client and server configuration, it may not always work as expected as not all extensions are correctly implemented.\n\nYou can also remove SNI (Server Name Indication) from client hello to evade censorship with `-utls-nosni`, not all servers supports this.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftgragnato%2Fsnowflake","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftgragnato%2Fsnowflake","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftgragnato%2Fsnowflake/lists"}